hoe secure.bidvertiser.com verwijderen

kweezie wabbit · 8 maart 2012

Je kan proberen om IE terug op de standaardwaarden in te stellen.

- Open Internet explorer.

- Druk op de Alt toets op je toetsenbord. Er verschijnt een menu.

- Ga naar het menu Extra en kies Internetopties.

- Op de tab Geavanceerd klik je onderaan op de knop Opnieuw instellen...

- Klik nogmaals op Opnieuw instellen.

- Klik op Sluiten en herstart internet explorer.

Opmerking:

Bovenstaande procedure kan ook volautomatisch gebeuren, door dit programma te downloaden en uit te voeren: reset IE naar standaardinstellingen (klik erop).

Meer info over het opnieuw instellen van IE, vindt u hier.

HPc · 8 maart 2012

Na instellen van de standaardvoorwaarden kan ik mijn emailattachements weer downloaden . Bedankt voor de tip.

HPc · 8 maart 2012

- Het lukt nog steeds niet met het installeren van windows service pack 1 (SP1).

Na foutmelding werd ik doorverwezen naar Problemen met het installeren van Service Pack 1 (SP1) voor Windows 7 en Windows Server 2008 R2 oplossen

Ik heb dan het System Update Readiness Tool gedownload en geïnstalleerd (voor Windows 7 32-bits (x86)).

--> SP1 installatie niet gelukt.

- Vervolgens heb ik de Windows Update-probleemoplosser gebruikt. --> SP1 installatie niet gelukt

- Op deze pagina Download Details Hulpprogramma System Update Readiness voor Windows 7 (KB947821) [februari 2012] staan er bij "Downloads van anderen bekijken" nog downloads.

Moet ik hier nog iets van downloaden alvorens ik windows service pack 1 kan installeren?

kape · 8 maart 2012

Uit je log van Combofix gaan we nog één en ander verwijderen :

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

C:\user.js

Folder::

c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}

DDS::

mStart Page = about:blank

Firefox::

FF - ProfilePath - c:\users\Pela\AppData\Roaming\Mozilla\Firefox\Profiles\9ndw5now.default\

FF - prefs.js: browser.search.defaulturl –

FF - user.js: extensions.BabylonToolbar_i.id - d02d2a220000000000001c659d2da719

FF - user.js: extensions.BabylonToolbar_i.hardId - d02d2a220000000000001c659d2da719

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15380

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1721:09

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.newTab - false

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109985

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.instlRef – sst

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

HPc · 8 maart 2012

log van combofix:

ComboFix 12-03-06.01 - Pela 08/03/2012 17:54:37.2.4 - x86

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.1911.1095 [GMT 1:00]

Gestart vanuit: c:\users\Pela\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Pela\Desktop\CFScript.txt

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"C:\user.js"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\user.js

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-02-08 to 2012-03-08 ))))))))))))))))))))))))))))))

.

2012-03-08 17:29 . 2012-03-08 17:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-03-08 15:45 . 2012-03-08 15:45 -------- d-----w- c:\windows\system32\SPReview

2012-03-08 15:16 . 2012-03-08 15:16 -------- d-----w- c:\windows\CheckSur

2012-03-06 12:24 . 2012-02-20 00:05 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D0C1191-9F5C-482F-82E5-CD3FD342CE36}\mpengine.dll

2012-03-03 22:36 . 2012-03-03 22:36 637848 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-03-03 22:36 . 2012-03-03 22:36 -------- d-----w- c:\program files\Java

2012-03-02 15:49 . 2012-03-02 15:49 -------- d-----w- c:\windows\system32\EventProviders

2012-03-01 16:24 . 2012-03-01 16:24 388096 ----a-r- c:\users\Pela\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-02-29 16:42 . 2012-03-01 21:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-02-27 17:28 . 2012-02-27 17:28 -------- d-----w- c:\program files\Common Files\Adobe

2012-02-23 18:48 . 2012-02-23 18:48 -------- d-----w- C:\temp

2012-02-23 18:37 . 2012-02-23 18:37 -------- d-----w- c:\users\Pela\AppData\Local\Trend Micro

2012-02-23 18:26 . 2012-03-02 20:48 -------- d-----w- c:\program files\Trend Micro

2012-02-21 16:24 . 2012-02-21 16:24 -------- d-----w- c:\users\Pela\AppData\Local\ACD Systems

2012-02-21 16:24 . 2012-02-21 16:24 -------- d-----w- c:\users\Pela\AppData\Roaming\ACD Systems

2012-02-21 16:22 . 2012-02-23 22:00 -------- d-----w- c:\program files\Common Files\ACD Systems

2012-02-21 16:21 . 2012-02-21 16:21 -------- d-----w- c:\users\Pela\AppData\Local\Downloaded Installations

2012-02-21 16:10 . 2012-02-21 16:10 -------- d-----w- c:\users\Pela\AppData\Roaming\TuneUp Software

2012-02-21 16:09 . 2012-02-21 16:11 -------- d-----w- c:\programdata\TuneUp Software

2012-02-21 16:09 . 2012-02-21 16:09 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-02-21 16:07 . 2012-03-03 20:03 -------- d-----w- c:\users\Pela\AppData\Roaming\uTorrent

2012-02-14 22:56 . 2011-12-14 02:50 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-02-14 22:56 . 2011-12-14 03:32 141112 ----a-w- c:\program files\Internet Explorer\sqmapi.dll

2012-02-14 22:56 . 2011-12-14 03:04 1798656 ----a-w- c:\windows\system32\jscript9.dll

2012-02-14 22:56 . 2011-12-14 02:57 1127424 ----a-w- c:\windows\system32\wininet.dll

2012-02-14 22:56 . 2011-12-14 02:54 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll

2012-02-14 22:55 . 2011-12-14 02:59 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll

2012-02-14 22:55 . 2011-12-14 02:56 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2012-02-14 21:29 . 2012-01-03 05:44 478208 ----a-w- c:\windows\system32\timedate.cpl

2012-02-14 21:29 . 2011-12-16 07:59 690688 ----a-w- c:\windows\system32\msvcrt.dll

2012-02-14 21:29 . 2012-01-04 09:03 442880 ----a-w- c:\windows\system32\ntshrui.dll

2012-02-14 21:29 . 2012-01-14 03:48 2340864 ----a-w- c:\windows\system32\win32k.sys

2012-02-11 21:56 . 2012-02-11 21:56 -------- d-----w- c:\users\Pela\AppData\Local\Apps

2012-02-10 20:03 . 2012-02-10 20:10 -------- d-----w- c:\users\Pela\AppData\Roaming\Systweak

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-03 22:36 . 2011-10-19 15:56 567696 ----a-w- c:\windows\system32\deployJava1.dll

2012-03-03 19:58 . 2011-10-16 16:21 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-02-23 08:18 . 2010-11-10 17:36 237072 ------w- c:\windows\system32\MpSigStub.exe

2011-12-14 17:43 . 2011-11-17 17:33 704336 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2011-09-29 07:28 . 2011-10-16 12:22 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

((((((((((((((((((((((((((((( SnapShot@2012-03-06_20.31.19 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-09-05 13:43 . 2012-03-08 16:15 58076 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 04:55 . 2012-03-08 16:15 38064 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2010-10-06 18:36 . 2012-03-08 16:08 17110 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2062663584-2361553994-830336109-1000_UserData.bin

- 2009-07-14 04:50 . 2012-03-06 19:25 86016 c:\windows\System32\DriverStore\infpub.dat

+ 2009-07-14 04:50 . 2012-03-08 16:14 86016 c:\windows\System32\DriverStore\infpub.dat

+ 2012-03-08 16:13 . 2012-03-08 16:13 14189 c:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat

- 2012-03-06 19:23 . 2012-03-06 19:23 14189 c:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat

- 2010-09-30 09:59 . 2012-03-06 19:38 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-09-30 09:59 . 2012-03-08 12:20 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-09-30 09:59 . 2012-03-08 12:20 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2010-09-30 09:59 . 2012-03-06 19:38 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:41 . 2012-03-08 12:20 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:41 . 2012-03-06 19:38 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2012-03-06 19:24 . 2012-03-06 19:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-03-08 16:13 . 2012-03-08 16:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-03-06 19:24 . 2012-03-06 19:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-03-08 16:13 . 2012-03-08 16:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-03-08 15:41 . 2012-03-08 15:41 152576 c:\windows\winsxs\Temp\PendingRenames\456c0ff441fdcc01570800006c0ba815.msclmd.dll

+ 2012-03-08 13:06 . 2012-03-08 13:06 152576 c:\windows\winsxs\Temp\PendingRenames\0bc6d1532cfdcc01570800008015a810.msclmd.dll

+ 2010-10-11 18:14 . 2012-03-07 23:10 328438 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin

+ 2012-03-08 15:45 . 2012-03-08 15:29 253952 c:\windows\System32\SPReview\spwizui.dll

- 2012-03-06 12:47 . 2012-03-06 12:21 253952 c:\windows\System32\SPReview\spwizui.dll

- 2012-03-06 12:47 . 2012-03-06 12:21 280576 c:\windows\System32\SPReview\spreview.exe

+ 2012-03-08 15:45 . 2012-03-08 15:29 280576 c:\windows\System32\SPReview\spreview.exe

+ 2012-03-08 15:45 . 2012-03-08 15:29 190464 c:\windows\System32\SPReview\sperror.dll

- 2012-03-06 12:47 . 2012-03-06 12:21 190464 c:\windows\System32\SPReview\sperror.dll

+ 2009-07-14 04:50 . 2012-03-08 16:14 143360 c:\windows\System32\DriverStore\infstrng.dat

- 2009-07-14 04:50 . 2012-03-06 19:25 143360 c:\windows\System32\DriverStore\infstrng.dat

+ 2009-07-14 04:50 . 2012-03-08 16:14 143360 c:\windows\System32\DriverStore\infstor.dat

- 2009-07-14 04:50 . 2012-03-06 19:25 143360 c:\windows\System32\DriverStore\infstor.dat

- 2009-07-14 04:47 . 2012-03-06 19:23 276968 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 04:47 . 2012-03-08 16:13 276968 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 02:03 . 2012-03-08 16:31 7340032 c:\windows\System32\SMI\Store\Machine\schema.dat

- 2009-07-14 02:03 . 2012-03-06 18:03 7340032 c:\windows\System32\SMI\Store\Machine\schema.dat

+ 2011-09-12 19:58 . 2012-03-08 16:13 2062676 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2062663584-2361553994-830336109-1000-12288.dat

+ 2010-10-19 19:47 . 2012-03-08 16:13 30434584 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2062663584-2361553994-830336109-1000-8192.dat

- 2011-11-02 01:11 . 2012-03-06 19:23 47221300 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2062663584-2361553994-830336109-1000-4096.dat

+ 2011-11-02 01:11 . 2012-03-08 16:13 47221300 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2062663584-2361553994-830336109-1000-4096.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-01-08 1602856]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-04-07 495708]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-21 136216]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-21 171032]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-21 169496]

"FreeFallProtection"="c:\program files\STMicroelectronics\Accelerometer\FF_Protection.exe" [2009-07-22 2384896]

"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-09-05 5249024]

"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]

"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]

"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2010-04-14 50472]

"DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2010-05-20 206336]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 136176]

R2 InstallFilterService;FF Install Filter Service;c:\program files\STMicroelectronics\Accelerometer\InstallFilterService.exe [2009-11-30 60928]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]

R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]

R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 136176]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-08-10 171520]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-06 1343400]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdflt.sys [2009-11-27 16176]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_f39a6924a795ad94\aestsrv.exe [2009-03-03 81920]

S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [2009-12-03 41648]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 143968]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-27 125696]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 232960]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-05 277536]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]

S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

.

Inhoud van de 'Gedeelde Taken' map

.

2012-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 19:07]

.

2012-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-06 19:07]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.bing.com/

TCP: DhcpNameServer = 193.74.208.65 194.119.228.67 192.168.1.1

FF - ProfilePath - c:\users\Pela\AppData\Roaming\Mozilla\Firefox\Profiles\9ndw5now.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3106777&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine -

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

FF - user.js: extensions.BabylonToolbar_i.id - d02d2a220000000000001c659d2da719

FF - user.js: extensions.BabylonToolbar_i.hardId - d02d2a220000000000001c659d2da719

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15380

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1721:09

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9

FF - user.js: extensions.BabylonToolbar_i.newTab - false

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109985

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

.

**************************************************************************

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Windows 6.1.7600 Disk: WDC_WD25 rev.01.0 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

.

device: opened successfully

user: MBR read successfully

kernel: MBR read successfully

user != kernel MBR !!!

error: Read Kan de opdracht niet uitvoeren door een fout in een I/O-apparaat.

sectors 488397151 (+0): user != kernel

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.032"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.abr"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.ani"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.apd"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.arw"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.bay"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-2062663584-2361553994-830336109-1000)

"Progid"="ACDSee Pro 3.bmp"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.bw"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.cr2"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.crw"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.cs1"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.cur"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.dcr"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.dcx"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-2062663584-2361553994-830336109-1000)

"Progid"="ACDSee Pro 3.dib"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.djv"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.djvu"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.dng"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.emf"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.eps"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.erf"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.fff"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.fpx"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.gif"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.hdr"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.icl"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.icn"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.iff"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.ilbm"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.int"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.inta"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.iw4"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.j2c"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.j2k"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jbr"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-2062663584-2361553994-830336109-1000)

"Progid"="ACDSee Pro 3.jfif"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jif"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jp2"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jpc"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-2062663584-2361553994-830336109-1000)

"Progid"="ACDSee Pro 3.jpe"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-2062663584-2361553994-830336109-1000)

"Progid"="ACDSee Pro 3.jpeg"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-2062663584-2361553994-830336109-1000)

"Progid"="ACDSee Pro 3.jpg"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jpk"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.jpx"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.kdc"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.lbm"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.mef"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.mos"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.mrw"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NEF\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.nef"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.nrw"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.orf"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pbm"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pbr"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pcd"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pct"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pcx"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pef"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pgm"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pic"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pict"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pix"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-2062663584-2361553994-830336109-1000)

"Progid"="ACDSee Pro 3.png"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.ppm"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.psd"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.psp"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pspbrush"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.pspimage"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.raf"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.ras"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.raw"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.rgb"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.rgba"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.rle"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.rsb"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.rw2"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.rwl"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.sgi"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.sr2"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.srf"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.tga"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.THM\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.thm"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-2062663584-2361553994-830336109-1000)

"Progid"="ACDSee Pro 3.tif"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-2062663584-2361553994-830336109-1000)

"Progid"="ACDSee Pro 3.tiff"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.ttc"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.ttf"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.v30po"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.v30pp"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.v30ppf"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.wbm"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.wbmp"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.wmf"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.xbm"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.xif"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.xmp"

.

[HKEY_USERS\S-1-5-21-2062663584-2361553994-830336109-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 3.xpm"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-03-08 18:45:41

ComboFix-quarantined-files.txt 2012-03-08 17:45

ComboFix2.txt 2012-03-06 20:47

.

Pre-Run: 184.723.628.032 bytes beschikbaar

Post-Run: 184.674.906.112 bytes beschikbaar

.

- - End Of File - - 6A6E09987C5AD45573C7EA11FD5F8A06

kape · 8 maart 2012

Vreemd ... slechts 1 deeltje is gelukt, de rest niet. Wil je hetzelfde nog eens herhalen, maar nu in "veilige modus".

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Folder::

c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}

DDS::

mStart Page = about:blank

Firefox::

FF - ProfilePath - c:\users\Pela\AppData\Roaming\Mozilla\Firefox\Profiles\9ndw5now.default\

FF - prefs.js: browser.search.defaulturl -