
Police virus - once again ...



Thank you, Kape, for the reply.

I have carried out the steps (thank you for the excellent guide, ideal for a layman like me ...).

See below the contents of ComboFix.txt:

ComboFix 13-01-12.01 - Gebruiker 13/01/2013 12:31:39.2.2 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.1022.214 [GMT 1:00]

Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Gebruiker\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

FILE ::

"c:\programdata\dsgsdgdsgdsgw.js"

"c:\windows\pss\0.9432218369705224.exe"

"c:\windows\pss\jag158176.exe"

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-12-13 to 2013-01-13 ))))))))))))))))))))))))))))))

.

.

2013-01-13 11:41 . 2013-01-13 11:41 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-01-13 11:41 . 2013-01-13 11:41 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2013-01-12 23:05 . 2013-01-12 23:05 -------- d-----w- c:\windows\system32\SPReview

2013-01-12 22:25 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe

2013-01-12 22:25 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll

2013-01-12 22:25 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2013-01-12 22:25 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll

2013-01-12 22:25 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll

2013-01-12 22:25 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll

2013-01-12 22:25 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll

2013-01-12 22:25 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll

2013-01-12 22:25 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe

2013-01-12 08:35 . 2013-01-12 08:38 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\MAGIX

2013-01-12 08:33 . 2013-01-12 13:54 -------- d-----w- c:\program files\MAGIX

2013-01-12 08:33 . 2013-01-12 11:33 -------- d-----w- c:\program files\Common Files\MAGIX Services

2013-01-12 08:33 . 2013-01-12 11:32 -------- d-----w- c:\programdata\MAGIX

2013-01-12 08:33 . 2013-01-12 08:33 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\simplitec

2013-01-12 08:33 . 2013-01-12 08:33 -------- d-----w- c:\programdata\simplitec

2013-01-12 08:33 . 2013-01-12 08:33 -------- d-----w- c:\program files\simplitec

2013-01-12 08:32 . 2013-01-12 08:32 -------- d-----w- c:\program files\MSXML 4.0

2013-01-10 19:18 . 2013-01-10 19:31 284 ----a-w- c:\windows\DeleteOnReboot.bat

2013-01-09 20:31 . 2013-01-09 20:31 -------- d-----w- c:\program files\Common Files\Java

2013-01-09 20:31 . 2013-01-09 20:30 859072 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-01-09 20:30 . 2013-01-09 20:30 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-06 11:39 . 2013-01-06 11:39 -------- d-----w- c:\programdata\NCH Swift Sound

2013-01-05 23:37 . 2013-01-10 20:02 -------- d-----w- c:\programdata\NCH Software

2013-01-05 23:34 . 2013-01-10 20:07 -------- d-----w- c:\program files\NCH Software

2013-01-05 23:34 . 2013-01-10 20:03 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\NCH Software

2012-12-23 23:45 . 2013-01-08 20:51 2962 ----a-w- c:\programdata\dsgsdgdsgdsgw.js

2012-12-23 21:44 . 2012-12-23 21:44 -------- d-----w- c:\users\Gebruiker\AppData\Local\gamehouse

2012-12-23 21:41 . 2012-12-23 21:41 -------- d-----w- c:\users\Gebruiker\AppData\Local\Graboid Inc

2012-12-23 21:41 . 2012-12-23 21:41 -------- d-----w- c:\users\Gebruiker\AppData\Local\Graboid

2012-12-23 21:41 . 2012-12-23 21:41 -------- d-----w- c:\programdata\Graboid Inc

2012-12-23 21:41 . 2012-12-23 21:41 -------- d-----w- c:\users\Gebruiker\AppData\Local\Geckofx

2012-12-23 21:38 . 2012-12-23 21:40 -------- d-----w- c:\programdata\Package Cache

2012-12-23 16:42 . 2012-12-24 16:26 -------- d-----w- C:\GameHouse Games

2012-12-23 16:41 . 2012-12-24 16:25 -------- d-----w- c:\program files\RealArcade

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-01-12 22:59 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll

2013-01-12 08:36 . 2007-04-27 09:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll

2013-01-09 20:30 . 2011-06-21 20:29 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-12-14 15:49 . 2012-07-31 15:55 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-10-29 15:59 . 2012-10-29 15:59 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

2012-05-15 13:19 . 2011-05-21 13:54 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-03-26 1516600]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-07-26 247768]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-11-12 361632]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]

"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-11-12 5106904]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

simplicheck.lnk - c:\program files\simplitec\simplicheck\simplicheck.exe [2012-4-19 2891072]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 0 (0x0)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 10.lnk]

backup=c:\windows\pss\Snagit 10.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^0.9432218369705224.exe.lnk]

backup=c:\windows\pss\0.9432218369705224.exe.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ctfmon.lnk]

backup=c:\windows\pss\ctfmon.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Inktwaarschuwingen controleren - HP Deskjet 3050A J611 series.lnk]

backup=c:\windows\pss\Inktwaarschuwingen controleren - HP Deskjet 3050A J611 series.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^jag158176.exe.lnk]

backup=c:\windows\pss\jag158176.exe.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\removeiMeshdatamngr]

RD [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

2009-04-24 03:21 203928 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]

2010-10-27 17:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]

2009-04-02 16:05 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2011-05-18 23:51 136176 ----atw- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]

R3 bDMusicb;bDMusicb;c:\users\GEBRUI~1\AppData\Local\Temp\bDMusicb.sys [x]

R3 c2wts;Claims voor Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]

R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]

R3 GamesAppService;GamesAppService;c:\program files\WildTangent Games\App\GamesAppService.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]

R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]

R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]

S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys [x]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]

S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]

S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]

S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 netr73;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr73.sys [x]

S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [x]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2013-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 23:51]

.

2013-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 23:51]

.

2013-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3998802262-254871581-164839200-1000Core.job

- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-18 23:51]

.

2013-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3998802262-254871581-164839200-1000UA.job

- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-18 23:51]

.

2013-01-13 c:\windows\Tasks\HP Photo Creations Messager.job

- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]

.

2013-01-13 c:\windows\Tasks\SDMsgUpdate (TE).job

- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2012-03-01 18:22]

.

.

------- Bijkomende Scan -------

.

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\bo46pb43.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.032"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.abr"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.apd"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.arw"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.bay"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.bw"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.cr2"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.crw"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.cs1"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.dcr"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.dcx"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.djv"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.djvu"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.dng"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.eps"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.erf"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.fff"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.fpx"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.hdr"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.icn"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.iff"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.ilbm"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.int"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.inta"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.iw4"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.j2c"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.j2k"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jbr"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jif"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jp2"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jpc"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jpk"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jpx"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.kdc"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.lbm"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.mef"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.mos"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.mrw"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.nef"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.nrw"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.orf"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pbm"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pbr"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pcd"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pct"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pcx"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pef"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pgm"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pic"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pict"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pix"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.ppm"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.psd"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.psp"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pspbrush"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pspimage"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.raf"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.ras"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.raw"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.rgb"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.rgba"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.rsb"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.rw2"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.rwl"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.sgi"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.sr2"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.srf"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.tga"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.thm"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.v30po"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.v30pp"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.v30ppf"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.wbm"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.wbmp"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.xbm"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.xif"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.xmp"

.

[HKEY_USERS\S-1-5-21-3998802262-254871581-164839200-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.xpm"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-01-13 12:44:31

ComboFix-quarantined-files.txt 2013-01-13 11:44

ComboFix2.txt 2013-01-12 22:26

.

Pre-Run: 34.766.684.160 bytes beschikbaar

Post-Run: 34.706.923.520 bytes beschikbaar

.

- - End Of File - - 4BCB330B920C4704B891D6B4A894B95C


It worked. Here is the log:

- - - Updated - - -

Sorry, this is the same log as the one I sent earlier, but I didn't see it in the list of replies ... .

But no, no more unwanted messages for now.

Thanks for your assistance.


Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\programdata\dsgsdgdsgdsgw.js

Registry::

[-HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ctfmon.lnk]

[-HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^jag158176.exe.lnk]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\removeiMeshdatamngr]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]

"OODEFRAG12.00.00.01PROFESSIONAL"=-

Driver::

bDMusicb

Save this file to your desktop as CFScript.

Drag CFScript.txt onto the red ComboFix.exe shortcut.

This will make ComboFix restart. Reboot if you are asked to.

If you want to see this illustrated in detail, click here for the guide.

After the restart, post the contents of Combofix.txt in your next message.


Voilà, the result:

ComboFix 13-01-12.01 - Gebruiker 14/01/2013 23:28:04.3.2 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.1022.287 [GMT 1:00]

Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Gebruiker\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

FILE ::

"c:\programdata\dsgsdgdsgdsgw.js"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_BDMUSICB

-------\Service_bDMusicb

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-12-14 to 2013-01-14 ))))))))))))))))))))))))))))))

.

.

2013-01-14 22:36 . 2013-01-14 22:36 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-01-14 22:36 . 2013-01-14 22:36 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2013-01-12 23:05 . 2013-01-12 23:05 -------- d-----w- c:\windows\system32\SPReview

2013-01-12 22:25 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe

2013-01-12 22:25 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll

2013-01-12 22:25 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2013-01-12 22:25 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll

2013-01-12 22:25 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll

2013-01-12 22:25 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll

2013-01-12 22:25 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll

2013-01-12 22:25 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll

2013-01-12 22:25 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe

2013-01-12 08:35 . 2013-01-12 08:38 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\MAGIX

2013-01-12 08:33 . 2013-01-12 13:54 -------- d-----w- c:\program files\MAGIX

2013-01-12 08:33 . 2013-01-12 11:33 -------- d-----w- c:\program files\Common Files\MAGIX Services

2013-01-12 08:33 . 2013-01-12 11:32 -------- d-----w- c:\programdata\MAGIX

2013-01-12 08:33 . 2013-01-12 08:33 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\simplitec

2013-01-12 08:33 . 2013-01-12 08:33 -------- d-----w- c:\programdata\simplitec

2013-01-12 08:33 . 2013-01-12 08:33 -------- d-----w- c:\program files\simplitec

2013-01-12 08:32 . 2013-01-12 08:32 -------- d-----w- c:\program files\MSXML 4.0

2013-01-10 19:18 . 2013-01-10 19:31 284 ----a-w- c:\windows\DeleteOnReboot.bat

2013-01-09 20:31 . 2013-01-09 20:31 -------- d-----w- c:\program files\Common Files\Java

2013-01-09 20:31 . 2013-01-09 20:30 859072 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-01-09 20:30 . 2013-01-09 20:30 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-06 11:39 . 2013-01-06 11:39 -------- d-----w- c:\programdata\NCH Swift Sound

2013-01-05 23:37 . 2013-01-10 20:02 -------- d-----w- c:\programdata\NCH Software

2013-01-05 23:34 . 2013-01-10 20:07 -------- d-----w- c:\program files\NCH Software

2013-01-05 23:34 . 2013-01-10 20:03 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\NCH Software

2012-12-23 23:45 . 2013-01-08 20:51 2962 ----a-w- c:\programdata\dsgsdgdsgdsgw.js

2012-12-23 21:44 . 2012-12-23 21:44 -------- d-----w- c:\users\Gebruiker\AppData\Local\gamehouse

2012-12-23 21:41 . 2012-12-23 21:41 -------- d-----w- c:\users\Gebruiker\AppData\Local\Graboid Inc

2012-12-23 21:41 . 2012-12-23 21:41 -------- d-----w- c:\users\Gebruiker\AppData\Local\Graboid

2012-12-23 21:41 . 2012-12-23 21:41 -------- d-----w- c:\programdata\Graboid Inc

2012-12-23 21:41 . 2012-12-23 21:41 -------- d-----w- c:\users\Gebruiker\AppData\Local\Geckofx

2012-12-23 21:38 . 2012-12-23 21:40 -------- d-----w- c:\programdata\Package Cache

2012-12-23 16:42 . 2012-12-24 16:26 -------- d-----w- C:\GameHouse Games

2012-12-23 16:41 . 2012-12-24 16:25 -------- d-----w- c:\program files\RealArcade

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-01-12 22:59 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll

2013-01-12 08:36 . 2007-04-27 09:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll

2013-01-09 20:30 . 2011-06-21 20:29 779704 ----a-w- c:\windows\system32\deployJava1.dll

2012-12-14 15:49 . 2012-07-31 15:55 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-10-29 15:59 . 2012-10-29 15:59 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

2012-05-15 13:19 . 2011-05-21 13:54 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-03-26 1516600]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-07-26 247768]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-11-12 361632]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]

"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-11-12 5106904]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

simplicheck.lnk - c:\program files\simplitec\simplicheck\simplicheck.exe [2012-4-19 2891072]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 0 (0x0)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 10.lnk]

backup=c:\windows\pss\Snagit 10.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^0.9432218369705224.exe.lnk]

backup=c:\windows\pss\0.9432218369705224.exe.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Inktwaarschuwingen controleren - HP Deskjet 3050A J611 series.lnk]

backup=c:\windows\pss\Inktwaarschuwingen controleren - HP Deskjet 3050A J611 series.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

2009-04-24 03:21 203928 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]

2010-10-27 17:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]

2009-04-02 16:05 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2011-05-18 23:51 136176 ----atw- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

R3 c2wts;Claims voor Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]

R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]

R3 GamesAppService;GamesAppService;c:\program files\WildTangent Games\App\GamesAppService.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]

R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]

R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]

S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys [x]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]

S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]

S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]

S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 netr73;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr73.sys [x]

S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [x]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2013-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 23:51]

.

2013-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 23:51]

.

2013-01-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3998802262-254871581-164839200-1000Core.job

- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-18 23:51]

.

2013-01-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3998802262-254871581-164839200-1000UA.job

- c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-18 23:51]

.

2013-01-14 c:\windows\Tasks\HP Photo Creations Messager.job

- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]

.

2013-01-14 c:\windows\Tasks\SDMsgUpdate (TE).job

- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2012-03-01 18:22]

.

.

------- Bijkomende Scan -------

.

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\bo46pb43.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]


.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(5760)

c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll

c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL

c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr

c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\progra~1\AVG\AVG2012\avgrsx.exe

c:\program files\AVG\AVG2012\avgcsrvx.exe

c:\windows\system32\nvvsvc.exe

c:\windows\system32\atieclxx.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

c:\program files\Common Files\Acronis\Schedule2\schedul2.exe

c:\windows\system32\taskhost.exe

c:\windows\system32\conhost.exe

c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

c:\windows\system32\WUDFHost.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\windows\system32\sppsvc.exe

c:\program files\Common Files\Java\Java Update\jucheck.exe

c:\program files\Java\jre7\bin\javaw.exe

.

**************************************************************************

.

Voltooingstijd: 2013-01-14 23:43:49 - machine werd herstart

ComboFix-quarantined-files.txt 2013-01-14 22:43

ComboFix2.txt 2013-01-13 11:44

ComboFix3.txt 2013-01-12 22:26

.

Pre-Run: 33.685.417.984 bytes beschikbaar

Post-Run: 33.460.846.592 bytes beschikbaar

.

- - End Of File - - 90D1EB578758D4EB08BB8DB63B38C345


With the problems out of the way, it is time for the “big clean-up”: removing the tools that were used, a cleaning, and removing the infected restore points.

Remove ComboFix: Start -> Run/Search/Search programs and files, and type there: ComboFix /Uninstall (with a space before the /).

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may delete the folder C:\Qoobox manually.

Download CCleaner.

Click “Download Latest Version” and the CCleaner download will start automatically and free of charge.

Install it and start CCleaner. In the left column click “Cleaner”. Click “Analyze” and then “Clean”. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Then click “Registry” in the left column and click “Scan for problems”. If errors are found, click “Fix selected problems” and “OK”. You will then be asked whether to make a backup. Click “YES”. Then choose “Fix all selected errors”. Then close CCleaner again.

If you want to see this in detail with pictures, click here for the guide.

It is advisable to delete the existing restore points (there are infected restore points among them that you might otherwise restore). In Windows 7

  • via Start -> Control Panel -> System & Security -> System -> System Protection -> now turn off System Restore by selecting the desired drive and clicking "Configure".
  • Now click "Delete" to delete all restore points.
  • Click "Apply" and "OK".
  • Now go back to “System Protection” and immediately create a new restore point, so that you do not have to wait for an automatic restore point from the system.
  • Choose “Create”. Give the restore point a name of your own and click “Create”.
  • Now restart the PC.
