Invalid image at PC startup and when opening certain programs.


That is rather strange. Could you please run zoek.exe once more in the way described below.

  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe
    (here or here) you can read how to do that.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

    shortcutfix;
    emptyclsid;

  • Now tick the options below.

    • Auto Clean
    • Chrome Look
    • IE Defaults
    • Reset Chrome

  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart if one is needed).
  • If no log appears after the restart, start zoek.exe again and the log will then appear.
  • Now post the contents of the opened log in your next message.

Here is the log from Start.exe. I had a lot of work for my final-year project, so I have had little time.

Zoek.exe Version 4.0.0.1 Updated 27-02-2013

Tool run by Administrator on wo 27/02/2013 at 21:18:20,10.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\CLSID\{f0e59437-6148-4a98-b0a6-60d557ef57f4} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f0e59437-6148-4a98-b0a6-60d557ef57f4} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{f0e59437-6148-4a98-b0a6-60d557ef57f4} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{f0e59437-6148-4a98-b0a6-60d557ef57f4} deleted successfully

==== Firefox Extensions ======================

ProfilePath: C:\Users\SoetePC\AppData\Roaming\Mozilla\Firefox\Profiles\by3su2n5.default

- WhiteSmoke B - %ProfilePath%\extensions\{f0e59437-6148-4a98-b0a6-60d557ef57f4}

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Undetermined - %AppDir%\extensions\staged

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6d1i9qll.default

F733C59712465B0BD2130BB7C1A6D6E3 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll - Shockwave Flash

667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat

3FCF47BD73094FA62D81373515F46110 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

632F5B29E8C27631E7AC76E330FE2980 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U7

AB87C54CA19675880B0CAE65B8AF140C - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.11

36FBE76F4F51396B0F70FC95CD7481D2 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin

B78F4C2C592C87DF54E8E0C6AAEF3874 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.1.0.30109.0.dll - Silverlight Plug-In

6209F3BD43FDA86699EEF01B9CF5F0CF - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.1

D72CC3C02764E28C691DBA9751FF8A86 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.1

BC405F582CAAC78AEDE4488E8A259FA1 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.1

C560D8A34A372EE10235938FD2D34CC3 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.1

AF28C98E0897F0475833D02D3CCFFF77 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.1

CABA1A399C7C7471DEBA73CB3BA5AADB - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.1

1D10BD2720963F6B6DB25ACB1F5CF8E9 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.1

C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

414BADCE0803E142B5B57322E85103AC - C:\Program Files\Garmin GPS Plugin\npGarmin.dll - Garmin Communicator Plug-In

9317118077072C08CD84597D2925249A - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat

667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - Silverlight Plug-In

BF2AD333C79072EEBE5AE0D72670E64E - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll - Microsoft® Silverlight

DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

==== Deleting Files \ Folders ======================

"C:\Users\SoetePC\AppData\Roaming\Mozilla\Firefox\Profiles\by3su2n5.default\extensions\{f0e59437-6148-4a98-b0a6-60d557ef57f4}" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

ccbgjfdieajmokelnlapbedknchgenne - C:\Users\SoetePC\AppData\Local\CRE\ccbgjfdieajmokelnlapbedknchgenne.crx[27/06/2012 19:15]

icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30/10/2012 23:48]

oelbclnhkbhlhikfmpmbakbgeonbjjnp - C:\Users\SoetePC\AppData\Local\CRE\oelbclnhkbhlhikfmpmbakbgeonbjjnp.crx[14/02/2013 17:30]

Google Drive - Administrator - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Administrator - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Administrator - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

avast WebRep - Administrator - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

WhiteSmoke B - Administrator - Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp

Gmail - Administrator - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - SoetePC - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - SoetePC - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - SoetePC - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Game Master 2.1 - SoetePC - Default\Extensions\ccbgjfdieajmokelnlapbedknchgenne

Google Search - SoetePC - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

avast WebRep - SoetePC - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

DVDVideoSoft Browser Extension - SoetePC - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

WhiteSmoke B - SoetePC - Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp

Gmail - SoetePC - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{30E68078-191F-4017-AC01-10659DF0CE30} SearchYa//searchya.com/?chnl=dcom-100&s=1&cr=837630667&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDyD&q={searchTerms}"

{4F4D5FE8-84F3-436E-882D-458E97084CF5} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="http://isearch.avg.com/search?cid={DB958E27-D6B6-4578-9467-BE1C128B0C42}&mid=eb977de8b2f747d0a126d15650ccf3a4-3ec428ebacfab87382bd6ccc856866b177e3e6f0&lang=nl&ds=AVG&pr=pr&d=2012-06-09"

{F2C97E00-925F-4CCA-B0EF-63D2D27A9B23} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\SoetePC\Desktop\Microsoft Office Word 2007.lnk -

C:\Users\SoetePC\Desktop\Steam.lnk - C:\Program Files\Steam\steam.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk - C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe

C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

==== shortcuts in Users Start Menu ======================

C:\Users\SoetePC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free Studio Manager.lnk - C:\Program Files\Common Files\DVDVideoSoft\FreeStudioManager.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk - C:\Program Files\Common Files\DVDVideoSoft\bin\DVSSysReport.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Rocket Subscription.lnk - C:\Program Files\Common Files\DVDVideoSoft\bin\SubscriptionOffer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk - C:\Program Files\Common Files\DVDVideoSoft\lib\Uninstall.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube to MP3 Converter.lnk - C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Info iTunes.lnk - C:\Program Files\iTunes\iTunes.Resources\nl.lproj\About iTunes.rtf

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

==== shortcuts in Quick Launch ======================

C:\Users\SoetePC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\SoetePC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TuneUp Utilities 2013.lnk - C:\Program Files\TuneUp Utilities 2013\Integrator.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\SoetePC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\SoetePC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\SoetePC\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\SoetePC\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

C:\users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\SoetePC\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\ADMINI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop.

>>Here<< you can read how to use ComboFix.

1. Disable all antivirus and antispyware programs, because otherwise they might conflict with ComboFix.

* (here or here)

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is active, as this can cause the tool to freeze.

* Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion.", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

The computer still does the same thing.

Here is the log file:

ComboFix 13-03-01.01 - Administrator 02/03/2013 9:59.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3036.1733 [GMT 1:00]

Gestart vanuit: c:\users\Administrator\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\PC_VAN_SOETE

c:\programdata\PC_VAN_SOETE\drv06152012184544.inf

c:\programdata\PC_VAN_SOETE\syslog.txt

c:\programdata\PC_VAN_SOETE\win06152012184534344.sys

c:\users\Administrator\AppData\Local\assembly\tmp

c:\windows\system32\SET3BD3.tmp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-02-02 to 2013-03-02 ))))))))))))))))))))))))))))))

.

.

2013-03-02 09:10 . 2013-03-02 09:10 -------- d-----w- c:\users\SoetePC\AppData\Local\temp

2013-03-02 09:10 . 2013-03-02 09:10 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-03-01 11:34 . 2013-02-08 00:45 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{41D2E781-4DAF-4EAC-8780-A058793497CF}\mpengine.dll

2013-02-27 20:26 . 2013-02-27 20:18 24064 ----a-w- c:\windows\zoek-delete.exe

2013-02-27 20:26 . 2013-03-02 09:11 -------- d-----w- c:\users\Administrator\AppData\Local\Temp

2013-02-27 19:25 . 2013-02-27 19:25 -------- d-----w- c:\users\Administrator\AppData\Roaming\TuneUp Software

2013-02-24 17:39 . 2013-02-24 17:39 -------- d-----w- c:\users\SoetePC\AppData\Local\Conduit

2013-02-24 17:31 . 2013-02-24 17:32 -------- d-----w- c:\program files\DVDVideoSoft

2013-02-24 17:31 . 2013-02-24 17:31 -------- d-----w- c:\program files\Common Files\DVDVideoSoft

2013-02-24 17:20 . 2013-02-24 17:20 -------- d-----w- c:\users\SoetePC\AppData\Roaming\TuneUp Software

2013-02-24 17:20 . 2013-02-27 19:31 -------- d-----w- c:\program files\TuneUp Utilities 2013

2013-02-24 17:20 . 2013-02-24 17:20 -------- d-----w- c:\programdata\TuneUp Software

2013-02-24 17:19 . 2013-02-24 17:19 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2013-02-24 17:19 . 2013-02-24 17:31 -------- d-----w- c:\users\SoetePC\AppData\Roaming\OpenCandy

2013-02-19 15:21 . 2013-02-19 15:21 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%

2013-02-14 08:20 . 2013-02-14 08:23 4126720 ----a-w- c:\program files\GUT60EB.tmp

2013-02-14 08:20 . 2013-02-14 08:20 -------- d-----w- c:\program files\GUM60EA.tmp

2013-02-13 19:54 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll

2013-02-13 13:00 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys

2013-02-13 13:00 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll

2013-02-13 13:00 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-02-13 13:00 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-02-13 13:00 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-02-13 12:33 . 2013-02-13 12:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-02-13 12:33 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-02-13 10:36 . 2013-02-13 10:36 -------- d-----w- c:\users\SoetePC\AppData\Roaming\Malwarebytes

2013-02-06 18:58 . 2012-08-21 12:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2013-02-06 18:57 . 2013-02-06 18:57 -------- d-----w- c:\program files\iPod

2013-02-06 18:57 . 2013-02-06 18:57 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-03-01 12:06 . 2012-04-15 13:49 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-01 12:06 . 2012-02-02 17:34 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-20 12:02 . 2011-06-11 00:58 770384 ----a-w- c:\windows\system32\msvcr100.dll

2013-02-20 12:02 . 2011-06-11 00:58 421200 ----a-w- c:\windows\system32\msvcp100.dll

2013-02-13 10:23 . 2008-01-21 02:24 26624 ----a-w- c:\windows\system32\wtsapi32.dll

2013-01-20 12:05 . 2012-03-04 10:00 1945664 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll

2013-01-20 11:50 . 2012-11-21 13:41 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat

2013-01-17 00:28 . 2012-03-25 10:31 232336 ------w- c:\windows\system32\MpSigStub.exe

2012-12-16 13:12 . 2012-12-23 12:34 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-16 10:50 . 2012-12-23 12:34 293376 ----a-w- c:\windows\system32\atmfd.dll

2012-12-07 16:21 . 2012-09-29 13:11 570912 ----a-w- c:\programdata\Microsoft\VWDExpress\10.0\1033\ResourceCache.dll

2012-05-25 15:38 . 2012-04-15 11:05 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

2013-01-30 14:49 281760 ----a-w- c:\program files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"Spotify Web Helper"="c:\users\Administrator\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-26 1199576]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-01 13789728]

"tsnp2uvc"="c:\windows\tsnp2uvc.exe" [2008-08-28 233472]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-29 450660]

"fspuip"="c:\program files\FSP\fspuip.exe" [2009-06-19 765952]

"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2009-04-10 191488]

"LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2009-07-07 343552]

"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2009-08-05 413696]

"MDS_Menu"="c:\program files\HomeCinema\MediaShow4\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"HideFastUserSwitching"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2012-12-19 14:39 41208 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2012-11-28 13:13 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2006-12-10 20:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-12-12 12:57 152544 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]

2009-04-15 21:54 50472 ------w- c:\program files\HomeCinema\PowerDVD8\Language\Language.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-10-24 12:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

2012-10-26 15:32 7880664 ----a-w- c:\users\Administrator\AppData\Roaming\Spotify\spotify.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

2012-10-26 15:32 1199576 ----a-w- c:\users\Administrator\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]

2009-05-19 20:16 222504 ------w- c:\program files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe

.

R1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\ADMINI~1\AppData\Local\Temp\Rar$EXa0.305\EmsisoftEmergencyKit\Run\a2ddax86.sys [x]

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

.

2013-03-02 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 12:06]

.

2013-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-23 13:32]

.

2013-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-23 13:32]

.

2013-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-1000Core.job

- c:\users\SoetePC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-21 14:38]

.

2013-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-1000UA.job

- c:\users\SoetePC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-21 14:38]

.

2013-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-500Core.job

- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-12 11:56]

.

2013-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-248962601-4230873439-1730479556-500UA.job

- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-12 11:56]

.

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = local

IE: Download all by YouTube Robot - c:\program files\YouTubeRobot\downall.htm

IE: Download by YouTube Robot - c:\program files\YouTubeRobot\downlink.htm

IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

TCP: DhcpNameServer = 195.130.131.4 195.130.130.132

FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\6d1i9qll.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

FF - ExtSQL: !HIDDEN! 2012-04-03 12:57; belgiumeid@eid.belgium.be; c:\program files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

HKLM-Run-Smart Communicator - c:\program files\SmartSchool\Bin\SmartCommunicator.exe

HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

SafeBoot-WudfPf

SafeBoot-WudfRd

MSConfigStartUp-BitTorrent - c:\program files\BitTorrent\BitTorrent.exe

MSConfigStartUp-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

AddRemove-Advanced System Protector_is1 - c:\program files\Advanced System Protector\unins000.exe

AddRemove-Garmin TOPO Swiss_is1 - g:\garmin\TOPO Swiss\unins000.exe

AddRemove-WhiteSmoke_B Toolbar - c:\program files\WhiteSmoke_B\uninstall.exe

AddRemove-_{E1A63F75-1F72-4450-980D-434496FFC646} - c:\program files\Corel\Corel Painter Essentials 4\MSILauncher {E1A63F75-1F72-4450-980D-434496FFC646}

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2013-03-02 10:11

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MsDepSvc]

"ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (Administrator)

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (Administrator)

"Timestamp"=hex:e0,a2,83,7a,79,9a,cd,01

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3d,28,44,88,96,e2,82,44,b4,bc,67,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3d,28,44,88,96,e2,82,44,b4,bc,67,\

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.3g2"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]

@Denied: (2) (Administrator)

"Progid"="VLC.3gp"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.3gp2"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.3gpp"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.7z\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WinRAR"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.aac"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ac3\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.ac3"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adts\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.adts"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AIFF"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AIFF"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AIFF"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amc\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.amc"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AMR\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.AMR"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ASF"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ASX"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AU"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]

@Denied: (2) (Administrator)

"Progid"="avifile"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.bwf"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.caf\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.caf"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.CDA"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdda\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.cdda"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.cel"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DB\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Applications\\accicons.exe"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dif\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.dif"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dv\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.dv"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Microsoft Internet Mail Message"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.flc"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.fli"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.GZ\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WinRAR"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="ChromeHTML.Administrator"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]

@Denied: (2) (Administrator)

"Progid"="ChromeHTML.Administrator"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Applications\\OIS.EXE"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.kar"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.m15"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.m1a"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1s\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.m1s"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.M3U"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3url\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.m3url"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]

@Denied: (2) (Administrator)

"Progid"="VLC.m4a"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4b\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.m4b"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4p\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.m4p"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.m4v"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.m75"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mac\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.mac"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]

@Denied: (2) (Administrator)

"Progid"="IE.AssocFile.MHT"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]

@Denied: (2) (Administrator)

"Progid"="IE.AssocFile.MHT"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MIDI"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MIDI"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOV\UserChoice]

@Denied: (2) (Administrator)

"Progid"="MOV_auto_file"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MP3"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP4\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Applications\\vlc.exe"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.mpm"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.mpv"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MPEG"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mqv\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.mqv"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.partial\UserChoice]

@Denied: (2) (Administrator)

"Progid"="IE.AssocFile.PARTIAL"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.pct"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.php\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Applications\\notepad.exe"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.pic"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.pict"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pnt\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.pnt"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pntg\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.pntg"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\UserChoice]

@Denied: (2) (Administrator)

"Progid"="Applications\\ppvwicon.exe"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.qcp"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qt\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.qt"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qti\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.qti"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtif\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.qtif"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rar\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WinRAR"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.MIDI"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sd2\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.sd2"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.sdv"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]

@Denied: (2) (Administrator)

"Progid"="ChromeHTML.Administrator"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.smf"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.smi"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.smil"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.sml"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.AU"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]

@Denied: (2) (Administrator)

"Progid"="IE.AssocFile.SVG"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.swa"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tar\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WinRAR"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.targa\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.targa"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tgz\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WinRAR"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.ulw"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]

@Denied: (2) (Administrator)

"Progid"="IE.AssocFile.URL"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]

@Denied: (2) (Administrator)

"Progid"="QuickTime.vfw"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WAV"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WAX"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.website\UserChoice]

@Denied: (2) (Administrator)

"Progid"="IE.AssocFile.WEBSITE"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ASF"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMA"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMD"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMS"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMV"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.ASX"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WMZ"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WPL"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]

@Denied: (2) (Administrator)

"Progid"="WMP11.AssocFile.WVX"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]

@Denied: (2) (Administrator)

"Progid"="ChromeHTML.Administrator"

.

[HKEY_USERS\S-1-5-21-248962601-4230873439-1730479556-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]

@Denied: (2) (Administrator)

"Progid"="ChromeHTML.Administrator"

.

Voltooingstijd: 2013-03-02 10:14:53

ComboFix-quarantined-files.txt 2013-03-02 09:14

.

Pre-Run: 315.237.539.840 bytes beschikbaar

Post-Run: 315.229.519.872 bytes beschikbaar

.

- - End Of File - - FB643C804C887041C9C8FEBCB720405A


This topic is now closed to new replies.
