Ga naar inhoud

Aanbevolen berichten

Dit ziet er al goed uit.

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Link naar reactie
Delen op andere sites

Hierbij het ComboFix log:

ComboFix 12-05-30.02 - Administrator 30/05/2012 13:02:00.1.6 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4094.2215 [GMT 2:00]

Gestart vanuit: c:\users\Administrator\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\1331726695.bdinstall.bin

c:\users\Administrator\AppData\Local\assembly\tmp

c:\users\Administrator\AppData\Roaming\inst.exe

c:\users\Administrator\AppData\Roaming\vso_ts_preview.xml

c:\windows\iun6002.exe

c:\windows\shutdown.dll

c:\windows\SysWow64\avisynth.dll

c:\windows\SysWow64\devil.dll

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-04-28 to 2012-05-30 ))))))))))))))))))))))))))))))

.

.

2012-05-30 11:13 . 2012-05-30 11:13 -------- d-----w- c:\users\Yolan\AppData\Local\temp

2012-05-30 11:13 . 2012-05-30 11:13 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-05-30 11:13 . 2012-05-30 11:13 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-05-30 11:13 . 2012-05-30 11:13 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-29 14:47 . 2012-05-29 14:47 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F591A97-C28B-46D6-9A83-AE57CDCDEF17}\gapaengine.dll

2012-05-29 14:47 . 2012-05-08 08:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E0D82EAF-8307-4AD5-B9C9-0BE6BE9C0C43}\mpengine.dll

2012-05-28 12:01 . 2012-05-28 12:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-05-28 12:01 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-05-28 11:39 . 2012-05-08 08:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-05-28 11:37 . 2012-05-28 11:37 -------- d-----w- c:\program files (x86)\Microsoft Security Client

2012-05-28 11:37 . 2012-05-28 11:37 -------- d-----w- c:\program files\Microsoft Security Client

2012-05-28 11:25 . 2012-05-28 11:25 388096 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-05-27 23:52 . 2012-05-27 23:52 -------- d-----w- c:\users\Administrator\AppData\Roaming\GitHub

2012-05-27 23:52 . 2012-05-28 00:04 -------- d-----w- c:\users\Administrator\AppData\Local\GitHub

2012-05-27 23:50 . 2012-05-28 01:04 -------- d-----w- c:\users\Administrator\AppData\Local\Apps

2012-05-27 23:50 . 2012-05-28 01:03 -------- d-----w- c:\users\Administrator\AppData\Local\Deployment

2012-05-27 19:39 . 2012-05-27 19:39 -------- d-----w- c:\users\Administrator\AppData\Local\SplitMediaLabs

2012-05-27 18:06 . 2012-05-16 10:07 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys

2012-05-27 15:44 . 2012-05-27 18:06 -------- d-----w- c:\program files\Soluto

2012-05-27 15:43 . 2012-05-28 11:31 -------- d-----w- c:\programdata\Soluto

2012-05-26 19:15 . 2012-05-26 19:15 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework

2012-05-26 19:12 . 2012-05-26 19:12 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8

2012-05-26 19:11 . 2012-05-26 19:11 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services

2012-05-26 19:10 . 2012-05-26 19:10 -------- d-----r- C:\MSOCache

2012-05-26 17:30 . 2012-05-26 17:30 -------- d-----w- c:\users\Administrator\AppData\Local\Microsoft Help

2012-05-25 14:20 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4218DDC1-FC31-4F03-86E3-39ACE7F3E628}\mpengine.dll

2012-05-17 19:33 . 2012-05-17 19:33 -------- d-----w- c:\users\Administrator\.astah

2012-05-17 19:33 . 2012-05-17 19:34 -------- d-----w- c:\program files\astah-professional

2012-05-16 16:12 . 2012-05-20 20:30 -------- d-----w- c:\users\Administrator\AppData\Roaming\AVI ReComp

2012-05-16 16:11 . 2011-05-30 13:42 255488 ----a-w- c:\windows\system32\xvidvfw.dll

2012-05-16 16:11 . 2011-05-23 07:49 173568 ----a-w- c:\windows\system32\xvid.ax

2012-05-16 16:11 . 2011-05-23 07:45 696832 ----a-w- c:\windows\system32\xvidcore.dll

2012-05-16 16:11 . 2011-05-23 09:52 153088 ----a-w- c:\windows\SysWow64\xvid.ax

2012-05-16 16:10 . 2012-05-16 16:11 -------- d-----w- c:\program files (x86)\AVI ReComp

2012-05-14 16:17 . 2012-05-14 16:17 -------- d-----w- c:\program files\Oracle

2012-05-14 16:16 . 2012-04-04 16:33 955800 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-05-13 20:05 . 2012-05-13 20:05 -------- d-----w- c:\program files\TeamSpeak 3 Client

2012-05-12 17:59 . 2012-05-12 17:59 -------- d-----w- c:\users\Administrator\.sessionstealer

2012-05-12 15:39 . 2012-05-12 15:39 -------- d-----w- c:\users\Administrator\AppData\Local\IsolatedStorage

2012-05-12 15:39 . 2012-05-12 15:39 -------- d-----w- c:\users\Administrator\AppData\Local\Red Gate

2012-05-12 14:52 . 2012-05-12 14:52 -------- d-----w- c:\program files (x86)\GSAutoClicker3

2012-05-12 14:51 . 2012-05-12 14:51 -------- d-----w- c:\program files (x86)\AutoClick3

2012-05-11 23:51 . 2012-05-11 23:51 -------- d-----w- c:\users\Administrator\AppData\Roaming\AnvSoft

2012-05-11 14:31 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll

2012-05-11 14:31 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-05-11 14:31 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-11 14:31 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys

2012-05-11 14:31 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-05-11 14:31 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-05-11 14:30 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys

2012-05-11 14:30 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-05-11 14:30 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2012-05-11 14:30 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2012-05-11 14:30 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2012-05-11 14:30 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2012-05-11 14:30 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-05-10 17:08 . 2012-05-10 17:08 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-05-10 17:08 . 2012-05-10 17:08 -------- d-----w- c:\program files (x86)\Oracle

2012-05-10 17:08 . 2012-04-04 16:47 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-05-09 14:40 . 2010-11-03 20:08 83456 ----a-w- c:\windows\SysWow64\yv12vfw.dll

2012-05-09 14:40 . 2010-11-03 20:08 83456 ----a-w- c:\windows\SysWow64\i420vfw.dll

2012-05-09 14:40 . 2007-05-16 22:57 86016 ----a-w- c:\windows\SysWow64\MediaBridgeSourceFilter.ax

2012-05-09 14:40 . 2007-04-07 19:22 241664 ----a-w- c:\windows\SysWow64\PmpSplitter.ax

2012-05-09 14:40 . 2010-06-21 08:12 1527650 ----a-w- c:\windows\SysWow64\libfftw3f-3.dll

2012-05-09 14:40 . 2009-07-18 09:08 1527650 ----a-w- c:\windows\SysWow64\fftw3.dll

2012-05-09 14:40 . 2008-04-05 22:53 140288 ----a-w- c:\windows\SysWow64\avsfilter.dll

2012-05-09 14:40 . 2005-09-13 04:09 4608 ----a-w- c:\windows\SysWow64\AvsRecursion.dll

2012-05-09 14:40 . 2004-01-24 03:35 57344 ----a-w- c:\windows\SysWow64\avisynth_c.dll

2012-05-09 14:38 . 2012-05-09 14:38 -------- d-----w- c:\program files (x86)\XviD4PSP 5

2012-05-09 14:22 . 2012-05-09 14:22 -------- d-----w- c:\program files (x86)\MP3 Encoder

2012-05-09 14:07 . 2012-05-09 14:07 -------- d-----w- C:\VirtualDub

2012-04-30 23:05 . 2012-04-30 23:05 -------- d-----w- c:\program files (x86)\SpotifyRemotelessHelper

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-05 17:42 . 2012-04-01 13:57 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-05-05 17:42 . 2011-09-07 15:25 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-05 17:42 . 2012-04-01 14:42 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-04-04 16:47 . 2011-02-21 12:16 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-04-04 16:33 . 2011-02-21 12:14 839056 ----a-w- c:\windows\system32\deployJava1.dll

2012-04-04 14:43 . 2011-08-18 21:18 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

2012-04-04 14:43 . 2011-08-18 19:19 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2012-04-01 22:11 . 2011-08-18 19:19 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0

2012-03-20 18:44 . 2012-03-20 18:44 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys

2012-03-20 18:44 . 2012-03-20 18:44 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2012-03-15 21:08 . 2011-08-19 10:33 2480064 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll

2012-03-12 18:56 . 2012-03-12 18:56 947472 ----a-w- c:\windows\SysWow64\msjava.dll

2012-03-06 23:15 . 2011-09-25 19:01 258520 ----a-w- c:\windows\system32\aswBoot.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 94208 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2011-11-11 1242448]

"ISPMonitor"="c:\program files (x86)\ISP Monitor\isp.exe" [2012-01-16 418304]

"Akamai NetSession Interface"="c:\users\Administrator\AppData\Local\Akamai\netsession_win.exe" [2012-05-07 3331872]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]

"RemotelessHelper"="c:\program files (x86)\SpotifyRemotelessHelper\SpotifyRemotelessHelper.exe" [2012-04-26 2315264]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-05-21 880496]

"Xvid"="c:\program files (x86)\XviD\CheckUpdate.exe" [2011-01-17 8192]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048]

"CamserviceHD"="c:\program files (x86)\Hercules\Hercules DualPix HD Webcam\Camservice.exe" [bU]

"LinuxTSC_startup"="c:\program files (x86)\LinuxTSC\usr\X11R6\bin\XWin.exe" [2003-11-09 3664384]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-11-28 296056]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"ST Recovery Launcher"="c:\windows\SMINST\VistaLauncher.exe" [2008-09-11 46416]

.

c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x]

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

R2 Apache2.2;Apache2.2;c:\program files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [2011-09-09 20549]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 136176]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]

R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2012-05-16 584768]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-09-09 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-09-09 79360]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [2010-03-30 26752]

R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Classic\safedrv.sys [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 136176]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-26 129976]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 SteComposite;Acer Composite USB Service;c:\windows\system32\DRIVERS\ste_compo_x64.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2011-01-18 68440]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys [x]

R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]

R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]

R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]

S2 ISPMonitorSrv;ISP Monitor;c:\program files (x86)\ISP Monitor\ISPMonitorSrv.exe [2008-06-09 36864]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-09-23 641832]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]

S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]

S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]

S3 AKDWC20ET;Hercules Dualpix HD Webcam;c:\windows\system32\Drivers\HDVidvx.sys [x]

S3 camfilt2;camfilt2;c:\windows\system32\DRIVERS\camfilt2.sys [x]

S3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]

S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [x]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2011-03-04 11:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-05-29 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 17:42]

.

2011-11-15 c:\windows\Tasks\AutoKMS.job

- c:\windows\AutoKMS\AutoKMS.exe [2011-11-14 16:51]

.

2012-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 19:49]

.

2012-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 19:49]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]

c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [bU]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-12-05 19:17 97792 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816]

"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616]

"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <local>

IE: &Verzenden naar OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.130.4 195.130.131.4

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\7qbrsq5a.default\

.

- - - - ORPHANS VERWIJDERD - - - -

.

Wow6432Node-HKCU-Run-AdobeBridge - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]

"ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]

"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (Administrator)

"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,14,ca,

05,9c,b2,eb,0b,bb,9d,bf,17,8f,69,f9,db

"{3049C3E9-B461-4BC5-8870-4C09146192CA}"=hex:51,66,7a,6c,4c,1d,3b,1b,f9,df,5c,

2d,50,ee,ad,02,96,7b,09,49,17,26,d6,d2

"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,3b,1b,9d,6a,7b,

2f,b3,1b,95,0f,82,1d,51,09,a7,d0,d1,ec

"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,3b,1b,71,2d,90,

6f,f4,6a,4a,04,a9,f2,4e,fc,1e,7f,e7,66

"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c8,25,

8d,33,16,d7,03,90,c7,14,24,75,4f,27,de

"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,3b,1b,25,b4,e6,

a9,10,54,31,00,a4,29,07,f3,03,c9,46,e7

"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1c,dd,

c6,74,fe,33,0a,a2,7f,d9,65,c2,82,cc,b1

"{DDA57003-0068-4ED2-9D32-4D1EC707D94D}"=hex:51,66,7a,6c,4c,1d,3b,1b,13,6c,b0,

c0,59,5a,ba,07,83,39,08,5e,c4,40,9d,55

"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,3b,1b,f1,06,41,

37,c7,01,0d,0f,b6,a8,8a,e9,64,69,06,89

"{5802D092-1784-4908-8CDB-99B6842D353D}"=hex:51,66,7a,6c,4c,1d,3b,1b,82,cc,17,

45,b5,4d,60,00,92,d0,dc,f6,87,6a,71,25

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (Administrator)

"Timestamp"=hex:2d,c1,47,9e,69,96,cc,01

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,24,f1,d8,82,9f,7e,52,47,b8,45,b7,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,24,f1,d8,82,9f,7e,52,47,b8,45,b7,\

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.3G2"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.3GP"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.3G2"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.3GP"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.669\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.669"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ADTS"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ADTS"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ADTS"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AIFF"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AIFF"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AIFF"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amf\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.amf"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ASF"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ASX"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AU"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AVI"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avr\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.avr"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.B4S\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.PlayList"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.caf\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.caf"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.CDA"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (Administrator)

"Progid"="ThunderbirdEML"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.far\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.far"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FLAC\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.FLAC"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.FLV"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htk\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.htk"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]

@Denied: (2) (Administrator)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.iff"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.it\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.it"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.itz\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.itz"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.KAR\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.KAR"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.M2TS"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.M2TS"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.m3u"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u8\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.PlayList"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.M4A"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MP4"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mat\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.mat"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mdz\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.mdz"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MIDI"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MIDI"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MIZ\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.MIZ"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.MKV"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MOV"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP1\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.MP1"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MP3"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MP3"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MP4"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MP4"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mtm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.mtm"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.M2TS"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSA\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.NSA"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nst\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.nst"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSV\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.NSV"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.OGG\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.OGG"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.okt\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.okt"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.paf\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.paf"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.PlayList"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ptm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.ptm"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pvf\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.pvf"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.raw"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rf64\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.rf64"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MIDI"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.s3m\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.s3m"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.s3z\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.s3z"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sd2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.sd2"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sds\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.sds"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sf\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.sf"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]

@Denied: (2) (Administrator)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AU"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.stm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.stm"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.stz\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.stz"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.SWF\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.SWF"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.TTS"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.TTS"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ult\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.ult"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.VLB\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.VLB"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.voc\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.voc"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.w64\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.w64"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wal\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.SkinZip"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WAV"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WAX"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdseml\UserChoice]

@Denied: (2) (Administrator)

"Progid"="ThunderbirdEML"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.webm"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wlz\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.LangZip"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ASF"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMA"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMD"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMS"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMV"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ASX"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMZ"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WPL"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wsz\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.SkinZip"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wve\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.wve"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WVX"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]

@Denied: (2) (Administrator)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]

@Denied: (2) (Administrator)

"Progid"="FirefoxHTML"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xi\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.xi"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.xm"

.

[HKEY_USERS\S-1-5-21-2746974207-3414542493-310138508-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmz\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Winamp.File.xmz"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\windows\SysWOW64\PnkBstrA.exe

.

**************************************************************************

.

Voltooingstijd: 2012-05-30 13:34:12 - machine werd herstart

ComboFix-quarantined-files.txt 2012-05-30 11:34

ComboFix2.txt 2012-03-14 17:11

ComboFix3.txt 2012-03-12 16:49

.

Pre-Run: 169.014.591.488 bytes beschikbaar

Post-Run: 168.442.957.824 bytes beschikbaar

.

- - End Of File - - 262CC70077BA1BE5469892261146A81A

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.