Everything posted by Dimike

  1. Hey Clarkie, thanks for the tip, I was able to print it that way. I will mark this topic as solved. Many thanks, Kind regards, Dimi
  2. OK Clarkie, I will give this a try and keep you posted. Kind regards, Dimi
  3. I am indeed working via Explorer. I don't know all that much about it myself, that's why
  4. Hello guys, I would like to print photos at 7.5x5 cm. I have an HP Photosmart printer, and printing photos is no problem, but it always prints at the standard photo sizes. Do you have any idea how I can solve this? Kind regards, Dimi
  5. Hey Mako, many thanks for the reply and the help with this problem. I will mark this topic as solved. Kind regards, Dimi
  6. Hey Mako, no update errors so far. However, today we got this on the PC: This Trojan was detected by our Kaspersky in that "zoek" program. It may be nothing, but we disinfected and removed it. Regards, Dimi
  7. OK, many thanks Mako, I will see whether there are any alternatives. I will also let you know within a few days whether I still get those notifications. Regards, Dimi
  8. OK, great Mako. Thanks already for the help so far. Would it do any harm if I were to reinstall that Silverlight? Or do you perhaps know another program for taking screenshots? Regards, Dimi
  9. Here is the Zoek log:

     Zoek.exe Version 4.0.0.2 Updated 22-June-2013
     Tool run by Dimitri on zo 23/06/2013 at 17:15:01,76.
     Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
     Running in: Normal Mode Internet Access Detected

     ==== Registry Fix Code ======================
     Windows Registry Editor Version 5.00
     [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
     "LightShot"=-

     ==== Deleting Files \ Folders ======================
     "C:\Users\Dimitri\AppData\Local\Skillbrains" not found
     "C:\Windows\tasks\DSite.job" deleted
     "C:\Windows\tasks\update-S-1-5-21-3578651871-2908149207-1726792251-1000.job" deleted
     "C:\Windows\tasks\update-sys.job" deleted
     "c:\program files (x86)\Skillbrains" deleted

     ==== Deleting CLSID Registry Keys ======================
     HKEY_USERS\S-1-5-21-3578651871-2908149207-1726792251-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
     HKEY_USERS\S-1-5-21-3578651871-2908149207-1726792251-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
     HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

     ==== Deleting CLSID Registry Values ======================
     HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

     ==== EOF on zo 23/06/2013 at 17:15:59,66 ======================
  10. Here is the log:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=lvcod64.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo"=vfwwdm32.dll "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux1"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-06-23 16:38:48 ----D---- C:\rsit 2013-06-23 16:38:48 ----D---- C:\Program Files\trend micro 2013-06-20 19:36:31 ----RA---- C:\Windows\system32\AdobePDFUI.dll 2013-06-20 19:35:49 ----A---- C:\Windows\SYSWOW64\acaptuser32.dll 2013-06-19 16:09:17 ----D---- C:\Program Files\Adobe 2013-06-19 15:25:02 ----D---- C:\Users\Dimitri\AppData\Roaming\Lavasoft 2013-06-17 16:00:28 ----A---- C:\Windows\system32\AdobePDF.dll 2013-06-17 12:08:05 ----A---- C:\Users\Dimitri\AppData\Roaming\WBPU-TTL.DAT 2013-06-15 17:14:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-06-15 17:14:18 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-06-15 17:14:18 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-06-15 17:14:18 ----A---- 
C:\Windows\system32\urlmon.dll 2013-06-15 17:14:18 ----A---- C:\Windows\system32\iertutil.dll 2013-06-15 17:14:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-06-15 17:14:17 ----A---- C:\Windows\system32\ieui.dll 2013-06-15 17:14:17 ----A---- C:\Windows\system32\ieframe.dll 2013-06-15 17:14:16 ----A---- C:\Windows\system32\mshtml.dll 2013-06-15 17:14:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-06-13 14:00:36 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-06-13 14:00:36 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-06-13 14:00:36 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-06-13 14:00:36 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-06-13 14:00:36 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-06-13 14:00:36 ----A---- C:\Windows\system32\iesysprep.dll 2013-06-13 14:00:36 ----A---- C:\Windows\system32\iesetup.dll 2013-06-13 14:00:36 ----A---- C:\Windows\system32\iernonce.dll 2013-06-13 14:00:36 ----A---- C:\Windows\system32\ie4uinit.exe 2013-06-13 14:00:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-06-13 14:00:35 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-06-13 14:00:35 ----A---- C:\Windows\system32\msfeeds.dll 2013-06-13 14:00:35 ----A---- C:\Windows\system32\jscript9.dll 2013-06-13 14:00:35 ----A---- C:\Windows\system32\jscript.dll 2013-06-13 14:00:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-06-13 14:00:33 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-06-13 14:00:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-06-13 14:00:33 ----A---- C:\Windows\system32\wininet.dll 2013-06-13 14:00:33 ----A---- C:\Windows\system32\jsproxy.dll 2013-06-13 11:06:22 ----A---- C:\Windows\SYSWOW64\win32spl.dll 2013-06-13 11:06:22 ----A---- C:\Windows\system32\win32spl.dll 2013-06-13 11:06:22 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-06-13 11:06:21 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll 2013-06-13 11:06:21 ----A---- C:\Windows\system32\cryptdlg.dll 2013-06-13 11:06:20 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll 
2013-06-13 11:06:20 ----A---- C:\Windows\system32\WindowsCodecs.dll 2013-06-13 11:06:19 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2013-06-13 11:06:19 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2013-06-13 11:06:19 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-06-13 11:06:19 ----A---- C:\Windows\SYSWOW64\certutil.exe 2013-06-13 11:06:19 ----A---- C:\Windows\SYSWOW64\certenc.dll 2013-06-13 11:06:19 ----A---- C:\Windows\system32\cryptsvc.dll 2013-06-13 11:06:19 ----A---- C:\Windows\system32\cryptnet.dll 2013-06-13 11:06:19 ----A---- C:\Windows\system32\crypt32.dll 2013-06-13 11:06:19 ----A---- C:\Windows\system32\certutil.exe 2013-06-13 11:06:19 ----A---- C:\Windows\system32\certenc.dll 2013-06-13 11:06:15 ----A---- C:\Windows\SYSWOW64\d3d11.dll 2013-06-13 11:06:15 ----A---- C:\Windows\system32\d3d11.dll 2013-06-02 23:32:13 ----A---- C:\Windows\system32\klfphc.dll 2013-06-02 23:32:04 ----D---- C:\Windows\ELAMBKUP 2013-06-02 23:32:03 ----D---- C:\Program Files (x86)\Kaspersky Lab 2013-06-02 23:32:02 ----D---- C:\ProgramData\Kaspersky Lab 2013-06-02 23:31:59 ----A---- C:\Windows\system32\drivers\klif.sys 2013-06-02 23:31:59 ----A---- C:\Windows\system32\drivers\klflt.sys 2013-05-27 12:32:47 ----D---- C:\Program Files (x86)\WestwoodOnline 2013-05-27 12:32:16 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll 2013-05-27 12:32:16 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll 2013-05-27 12:32:16 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll 2013-05-27 12:32:16 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll 2013-05-27 12:32:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll 2013-05-27 12:32:16 ----A---- C:\Windows\system32\XAudio2_7.dll 2013-05-27 12:32:16 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2013-05-27 12:32:16 ----A---- C:\Windows\system32\xactengine3_7.dll 2013-05-27 12:32:16 ----A---- C:\Windows\system32\d3dcsx_43.dll 2013-05-27 12:32:16 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2013-05-27 12:32:15 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll 2013-05-27 12:32:15 
----A---- C:\Windows\SYSWOW64\D3DX9_43.dll 2013-05-27 12:32:15 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll 2013-05-27 12:32:15 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll 2013-05-27 12:32:15 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2013-05-27 12:32:15 ----A---- C:\Windows\system32\D3DX9_43.dll 2013-05-27 12:32:15 ----A---- C:\Windows\system32\d3dx11_43.dll 2013-05-27 12:32:15 ----A---- C:\Windows\system32\d3dx10_43.dll 2013-05-27 12:32:14 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll 2013-05-27 12:32:14 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll 2013-05-27 12:32:14 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll 2013-05-27 12:32:14 ----A---- C:\Windows\system32\XAudio2_6.dll 2013-05-27 12:32:14 ----A---- C:\Windows\system32\xactengine3_6.dll 2013-05-27 12:32:14 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2013-05-27 12:32:13 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll 2013-05-27 12:32:13 ----A---- C:\Windows\system32\XAudio2_5.dll 2013-05-27 12:32:13 ----A---- C:\Windows\system32\xactengine3_5.dll 2013-05-27 12:32:13 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2013-05-27 12:32:12 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll 2013-05-27 12:32:12 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll 2013-05-27 12:32:12 ----A---- C:\Windows\system32\d3dx11_42.dll 2013-05-27 12:32:12 ----A---- C:\Windows\system32\d3dcsx_42.dll 2013-05-27 12:32:11 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll 2013-05-27 12:32:11 ----A---- C:\Windows\system32\D3DX9_42.dll 2013-05-27 12:32:11 ----A---- C:\Windows\system32\D3DX9_41.dll 2013-05-27 12:32:11 ----A---- C:\Windows\system32\d3dx10_41.dll 2013-05-27 12:32:11 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2013-05-27 12:32:10 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll 2013-05-27 12:32:10 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll 2013-05-27 12:32:10 ----A---- C:\Windows\system32\XAudio2_4.dll 2013-05-27 12:32:10 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2013-05-27 12:32:10 ----A---- C:\Windows\system32\xactengine3_4.dll 
2013-05-27 12:32:09 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll 2013-05-27 12:32:09 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll 2013-05-27 12:32:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll 2013-05-27 12:32:09 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2013-05-27 12:32:09 ----A---- C:\Windows\system32\D3DX9_40.dll 2013-05-27 12:32:09 ----A---- C:\Windows\system32\d3dx10_40.dll 2013-05-27 12:32:09 ----A---- C:\Windows\system32\D3DCompiler_40.dll 2013-05-27 12:32:08 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll 2013-05-27 12:32:08 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll 2013-05-27 12:32:08 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll 2013-05-27 12:32:08 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll 2013-05-27 12:32:08 ----A---- C:\Windows\system32\XAudio2_3.dll 2013-05-27 12:32:08 ----A---- C:\Windows\system32\XAPOFX1_2.dll 2013-05-27 12:32:08 ----A---- C:\Windows\system32\xactengine3_3.dll 2013-05-27 12:32:08 ----A---- C:\Windows\system32\X3DAudio1_5.dll 2013-05-27 12:32:07 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll 2013-05-27 12:32:07 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll 2013-05-27 12:32:07 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll 2013-05-27 12:32:07 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll 2013-05-27 12:32:07 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll 2013-05-27 12:32:07 ----A---- C:\Windows\system32\XAudio2_2.dll 2013-05-27 12:32:07 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2013-05-27 12:32:07 ----A---- C:\Windows\system32\xactengine3_2.dll 2013-05-27 12:32:07 ----A---- C:\Windows\system32\d3dx10_39.dll 2013-05-27 12:32:07 ----A---- C:\Windows\system32\D3DCompiler_39.dll 2013-05-27 12:32:06 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll 2013-05-27 12:32:06 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll 2013-05-27 12:32:06 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll 2013-05-27 12:32:06 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll 2013-05-27 12:32:06 ----A---- C:\Windows\system32\XAudio2_1.dll 2013-05-27 12:32:06 ----A---- 
C:\Windows\system32\XAPOFX1_0.dll 2013-05-27 12:32:06 ----A---- C:\Windows\system32\xactengine3_1.dll 2013-05-27 12:32:06 ----A---- C:\Windows\system32\D3DX9_39.dll 2013-05-27 12:32:05 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll 2013-05-27 12:32:05 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll 2013-05-27 12:32:05 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll 2013-05-27 12:32:05 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2013-05-27 12:32:05 ----A---- C:\Windows\system32\d3dx10_38.dll 2013-05-27 12:32:05 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2013-05-27 12:32:04 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll 2013-05-27 12:32:04 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll 2013-05-27 12:32:04 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll 2013-05-27 12:32:04 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll 2013-05-27 12:32:04 ----A---- C:\Windows\system32\XAudio2_0.dll 2013-05-27 12:32:04 ----A---- C:\Windows\system32\xactengine3_0.dll 2013-05-27 12:32:04 ----A---- C:\Windows\system32\X3DAudio1_3.dll 2013-05-27 12:32:04 ----A---- C:\Windows\system32\D3DX9_38.dll 2013-05-27 12:32:03 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll 2013-05-27 12:32:03 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll 2013-05-27 12:32:03 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll 2013-05-27 12:32:03 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll 2013-05-27 12:32:03 ----A---- C:\Windows\system32\xactengine2_10.dll 2013-05-27 12:32:03 ----A---- C:\Windows\system32\D3DX9_37.dll 2013-05-27 12:32:03 ----A---- C:\Windows\system32\d3dx10_37.dll 2013-05-27 12:32:03 ----A---- C:\Windows\system32\D3DCompiler_37.dll 2013-05-27 12:32:02 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll 2013-05-27 12:32:02 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll 2013-05-27 12:32:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll 2013-05-27 12:32:02 ----A---- C:\Windows\system32\d3dx9_36.dll 2013-05-27 12:32:02 ----A---- C:\Windows\system32\d3dx10_36.dll 2013-05-27 12:32:02 ----A---- 
C:\Windows\system32\D3DCompiler_36.dll 2013-05-27 12:32:01 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll 2013-05-27 12:32:01 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll 2013-05-27 12:32:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll 2013-05-27 12:32:01 ----A---- C:\Windows\system32\xactengine2_9.dll 2013-05-27 12:32:01 ----A---- C:\Windows\system32\d3dx9_35.dll 2013-05-27 12:32:01 ----A---- C:\Windows\system32\d3dx10_35.dll 2013-05-27 12:32:01 ----A---- C:\Windows\system32\D3DCompiler_35.dll 2013-05-27 12:32:00 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll 2013-05-27 12:32:00 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll 2013-05-27 12:32:00 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll 2013-05-27 12:32:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll 2013-05-27 12:32:00 ----A---- C:\Windows\system32\xactengine2_8.dll 2013-05-27 12:32:00 ----A---- C:\Windows\system32\X3DAudio1_2.dll 2013-05-27 12:32:00 ----A---- C:\Windows\system32\d3dx10_34.dll 2013-05-27 12:32:00 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2013-05-27 12:31:59 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll 2013-05-27 12:31:59 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll 2013-05-27 12:31:59 ----A---- C:\Windows\system32\xinput1_3.dll 2013-05-27 12:31:59 ----A---- C:\Windows\system32\xactengine2_7.dll 2013-05-27 12:31:59 ----A---- C:\Windows\system32\d3dx9_34.dll 2013-05-27 12:31:58 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll 2013-05-27 12:31:58 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll 2013-05-27 12:31:58 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll 2013-05-27 12:31:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll 2013-05-27 12:31:58 ----A---- C:\Windows\system32\xactengine2_6.dll 2013-05-27 12:31:58 ----A---- C:\Windows\system32\d3dx9_33.dll 2013-05-27 12:31:58 ----A---- C:\Windows\system32\d3dx10_33.dll 2013-05-27 12:31:58 ----A---- C:\Windows\system32\D3DCompiler_33.dll 2013-05-27 12:31:57 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll 2013-05-27 12:31:57 ----A---- 
C:\Windows\SYSWOW64\d3dx10.dll 2013-05-27 12:31:57 ----A---- C:\Windows\system32\xactengine2_5.dll 2013-05-27 12:31:57 ----A---- C:\Windows\system32\d3dx10.dll 2013-05-27 12:31:56 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll 2013-05-27 12:31:56 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll 2013-05-27 12:31:56 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll 2013-05-27 12:31:56 ----A---- C:\Windows\system32\xactengine2_4.dll 2013-05-27 12:31:56 ----A---- C:\Windows\system32\x3daudio1_1.dll 2013-05-27 12:31:56 ----A---- C:\Windows\system32\d3dx9_31.dll 2013-05-27 12:31:55 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll 2013-05-27 12:31:55 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll 2013-05-27 12:31:55 ----A---- C:\Windows\system32\xinput1_2.dll 2013-05-27 12:31:55 ----A---- C:\Windows\system32\xactengine2_3.dll 2013-05-27 12:31:54 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll 2013-05-27 12:31:54 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll 2013-05-27 12:31:54 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll 2013-05-27 12:31:54 ----A---- C:\Windows\system32\xinput1_1.dll 2013-05-27 12:31:54 ----A---- C:\Windows\system32\xactengine2_2.dll 2013-05-27 12:31:54 ----A---- C:\Windows\system32\xactengine2_1.dll 2013-05-27 12:31:51 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll 2013-05-27 12:31:51 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll 2013-05-27 12:31:51 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll 2013-05-27 12:31:51 ----A---- C:\Windows\system32\xactengine2_0.dll 2013-05-27 12:31:51 ----A---- C:\Windows\system32\x3daudio1_0.dll 2013-05-27 12:31:51 ----A---- C:\Windows\system32\d3dx9_30.dll 2013-05-27 12:31:51 ----A---- C:\Windows\system32\d3dx9_29.dll 2013-05-27 12:31:50 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll 2013-05-27 12:31:50 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll 2013-05-27 12:31:50 ----A---- C:\Windows\system32\d3dx9_28.dll 2013-05-27 12:31:50 ----A---- C:\Windows\system32\d3dx9_27.dll 2013-05-27 12:31:49 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll 
2013-05-27 12:31:49 ----A---- C:\Windows\system32\d3dx9_26.dll 2013-05-27 12:31:48 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll 2013-05-27 12:31:48 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll 2013-05-27 12:31:48 ----A---- C:\Windows\system32\d3dx9_25.dll 2013-05-27 12:31:48 ----A---- C:\Windows\system32\d3dx9_24.dll 2013-05-27 12:07:05 ----D---- C:\Users\Dimitri\AppData\Roaming\clear.fiMVPSDK20 2013-05-26 15:44:38 ----D---- C:\Users\Dimitri\AppData\Roaming\Origin 2013-05-26 15:44:37 ----D---- C:\Program Files (x86)\Origin Games 2013-05-26 15:43:16 ----D---- C:\ProgramData\Origin 2013-05-26 15:43:16 ----A---- C:\Windows\wininit.ini 2013-05-26 15:43:15 ----D---- C:\ProgramData\Electronic Arts 2013-05-26 15:43:13 ----D---- C:\Program Files (x86)\Origin 2013-05-24 15:00:40 ----D---- C:\Program Files (x86)\Mozilla Firefox ======List of files/folders modified in the last 1 month====== 2013-06-23 16:38:52 ----D---- C:\Windows\Prefetch 2013-06-23 16:38:49 ----D---- C:\Windows\Temp 2013-06-23 16:38:48 ----RD---- C:\Program Files 2013-06-23 16:30:08 ----D---- C:\Users\Dimitri\AppData\Roaming\TS3Client 2013-06-23 12:07:16 ----D---- C:\Windows\system32\config 2013-06-23 11:59:51 ----D---- C:\Windows\System32 2013-06-23 11:59:51 ----D---- C:\Windows\inf 2013-06-23 11:59:51 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-06-23 11:55:51 ----A---- C:\Windows\SYSWOW64\log.txt 2013-06-23 11:53:47 ----D---- C:\ProgramData\NVIDIA 2013-06-21 12:27:10 ----SHD---- C:\System Volume Information 2013-06-20 19:36:46 ----SHD---- C:\Windows\Installer 2013-06-20 19:35:49 ----D---- C:\Windows\SysWOW64 2013-06-19 15:54:42 ----RD---- C:\Program Files (x86) 2013-06-19 15:54:41 ----SD---- C:\ProgramData\Microsoft 2013-06-19 09:14:24 ----D---- C:\Windows\system32\drivers 2013-06-17 16:01:39 ----HD---- C:\ProgramData 2013-06-17 16:00:31 ----D---- C:\Windows\system32\DriverStore 2013-06-16 10:02:14 ----D---- C:\Windows\rescache 2013-06-15 22:15:00 ----D---- 
C:\Users\Dimitri\AppData\Roaming\uTorrent 2013-06-15 20:56:12 ----D---- C:\Windows\winsxs 2013-06-15 20:55:55 ----D---- C:\Program Files\Internet Explorer 2013-06-15 20:55:55 ----D---- C:\Program Files (x86)\Internet Explorer 2013-06-15 17:14:25 ----D---- C:\Windows\system32\catroot 2013-06-15 17:14:24 ----D---- C:\Windows\system32\catroot2 2013-06-13 18:25:05 ----D---- C:\Windows\Panther 2013-06-13 18:23:55 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-06-13 18:23:55 ----D---- C:\Windows\system32\nl-NL 2013-06-13 14:00:56 ----D---- C:\Windows\debug 2013-06-13 14:00:55 ----A---- C:\Windows\system32\MRT.exe 2013-06-12 16:35:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-06-05 16:26:56 ----D---- C:\Windows 2013-06-04 11:39:37 ----D---- C:\Windows\Minidump 2013-06-04 11:39:37 ----D---- C:\Windows\Logs 2013-06-02 23:25:14 ----D---- C:\ProgramData\McAfee 2013-06-02 23:25:14 ----D---- C:\Program Files\Common Files 2013-06-02 23:25:13 ----D---- C:\Program Files (x86)\McAfee 2013-06-01 21:06:02 ----D---- C:\Program Files\CCleaner 2013-05-27 13:24:10 ----D---- C:\Windows\system32\wdi 2013-05-27 12:32:48 ----D---- C:\Program Files (x86)\Common Files 2013-05-27 12:31:54 ----RSD---- C:\Windows\assembly 2013-05-27 12:31:52 ----D---- C:\Windows\Microsoft.NET 2013-05-25 18:20:09 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2011-12-04 16152] R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-06-19 458584] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-06-02 620128] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2012-08-02 
28504] R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-06-19 54368] R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2013-06-02 178448] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-06-21 22648] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-06-21 20520] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-06-21 62776] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984] R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-09-21 80384] R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2011-11-30 358576] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-11-16 2950632] R3 iusb3hub;Intel® USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2011-12-04 355096] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2011-12-04 785688] R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2013-03-15 29016] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-03-15 29528] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-01-03 77192] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-01-03 61832] R3 lvpopf64;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640] R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232] R3 LVRS64;Logitech RightSound Filter Driver; 
C:\Windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] R3 LVUVC64;Logitech QuickCam Fusion(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-18 189288] R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 E1G60;Intel® PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792] S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] R2 AVP;Kaspersky Anti-Virus-service; C:\Program 
Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2013-03-15 356376] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2012-02-29 28264] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560] R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-02-07 277784] R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-12-25 1640768] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-12-25 381248] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-02-07 363800] R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208] R3 wlidsvc;Windows Live ID Sign-in Assistant; 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096] S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904] S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-05-03 651720] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-02-08 359664] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-24 117144] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-03 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------
  11. Hello everyone, for a few days now I have had a problem on my desktop PC. At a certain moment some update or other starts running. It then produces several dialog boxes one after another, each with the same message in it, until at the end a message appears saying that this update no longer works. I have no idea what this update would belong to. It also doesn't happen every day, but every x number of days. Here is a print screen of this message: Hopefully you can help me with this. Our Kaspersky doesn't detect anything. Kind regards, Dimi
  12. Hi Dasle, I won't need to check anything anymore. My PC has completely given up the ghost. I can't get it to start up anymore. Thanks anyway for the help you have all offered. I'm hereby putting a lock on this topic. Regards, Dimi
  13. Hi guys, today we had to start the PC several times (3x). Even system restore didn't solve anything. I then let this system restore shut itself down, started up once more after that, and then it did boot after all. I fear it is going to give out one of the coming days...
  14. Hey Dasle, I installed Soluto and disabled the programs that didn't need to start up along with the system. I'll now see how the PC runs from here. Thanks already for all your help so far.
  15. And here is the tasklist:
  16. Sorry for the mistake, Dasle. Here is the new print screen; I had to make two, I couldn't get everything in one screen:
  17. Hey Kape, I tried it with IE, Google Chrome as well as Opera. This changes nothing about the freezing. Do you perhaps have any other idea what it could be? It is really the PC itself that freezes, not the internet...
  18. Here is a new speed test, taken at a moment when it hung a bit; this did not last that long, however. http://www.speedtest.net/result/2156731765.png
  19. I quickly tested my internet speed. I don't know much about it myself, otherwise you should have a look. I also tested my browser, Firefox, and it worked perfectly in the Peacekeeper test or something like that... http://www.speedtest.net/result/2149934816.png
  20. Command and Conquer Tiberium Alliances is a browser game, so I just play online via Firefox. I don't think this game is too heavy for my PC; the only thing I would need is the latest version of Firefox, Internet Explorer or Google Chrome and a good internet connection. Beyond that I can't find any system requirements. Before this I also played other games, and there I had it only very occasionally. But now it had really become much worse. At the moment everything seems to be running reasonably smoothly...
  21. The 'hanging' is not yet 100% solved, but it is already somewhat better, and the PC is already a good deal faster. What did ComboFix actually do? Any idea what might still be causing the 'hanging'? It is mainly when I play Command and Conquer Tiberium Alliances and then want to open something else, such as an extra tab in Firefox, or just a folder on the PC.
  22. At first sight the PC seems to be running faster, but I'll post another reply in a few hours with what I notice. Thanks already for the help so far, Kape
  23. Here is the new ComboFix log:
[HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wmf" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xbm" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xif" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xpm" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:d3,22,5a,20,74,c9,fe,4d,7a,7a,38,92,78,1f,a4,a4,2b,b9,2e,d4,e8,5e,32, db,e9,2b,72,c1,d1,9b,b1,ba,24,33,d4,05,59,07,db,f1,77,d5,3f,2c,da,7b,e7,9b,\ "??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.9" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-08-30 15:26:53
ComboFix-quarantined-files.txt 2012-08-30 13:26
ComboFix2.txt 2012-08-29 14:15
.
Pre-Run: 70.385.811.456 bytes beschikbaar
Post-Run: 70.163.550.208 bytes beschikbaar
.
- - End Of File - - 4E3497E92D8D41E0D07EB6AF9741C266
  24. Here is the ComboFix log:

ComboFix 12-08-28.03 - Evyke 29/08/2012 16:05:40.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.2047.959 [GMT 2:00]
Gestart vanuit: c:\users\Evyke\Downloads\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Anti-Virus *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Downloaded Installers
c:\program files (x86)\Downloaded Installers\{990eb956-00f8-48e0-a222-a5a832671c92}\setup.msi
c:\users\Evyke\AppData\Roaming\Local
c:\users\Evyke\ia_remove.sh3069.tmp
c:\users\Evyke\ia_remove.sh4340.tmp
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\Temp
c:\windows\SysWow64\Temp\KSKD87SFDS
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-07-28 to 2012-08-29 ))))))))))))))))))))))))))))))
.
.
2012-08-29 14:12 . 2012-08-29 14:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-08-29 14:12 . 2012-08-29 14:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-29 09:52 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B36DC7DD-7B88-420F-9124-A9C0FE592109}\mpengine.dll
2012-08-28 12:59 . 2012-08-28 12:59 -------- d-----w- c:\program files\Speccy
2012-08-15 10:11 . 2012-08-17 07:26 -------- d-----w- c:\program files (x86)\SpeedFan
2012-08-15 09:09 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-15 09:04 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 09:04 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 09:04 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 09:04 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 09:04 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 09:04 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 09:04 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 09:04 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 09:04 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 09:04 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 09:04 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 09:04 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 17:19 . 2012-04-25 04:55 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 17:19 . 2011-05-24 04:53 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 09:05 . 2010-07-29 18:25 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 11:46 . 2010-12-14 08:04 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-25 18:30 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-09 05:43 . 2012-07-15 07:44 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-15 07:44 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-15 07:44 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-15 07:44 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-15 07:44 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-15 07:44 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-15 07:44 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-21 09:58 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 09:59 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 09:59 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 09:59 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 09:58 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 09:59 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 09:58 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 09:58 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 09:58 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:50 . 2012-07-15 07:44 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-15 07:44 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-15 07:44 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-15 07:44 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-15 07:44 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-15 07:44 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-15 07:44 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-15 07:44 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-15 07:44 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-12-09 74752]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe" [2011-04-24 202296]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\users\Evyke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Inktwaarschuwingen controleren - HP Photosmart 5510 series.lnk - c:\windows\system32\RunDll32.exe [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-8-26 2684256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
R2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 DIRECTIO;DIRECTIO;c:\program files (x86)\BurnInTest\DirectIo.sys [2008-03-19 15872]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 136176]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 PortTalk;PortTalk;c:\windows\system32\Drivers\PortTalk.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-29 1255736]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11864]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S3 dvdfab;dvdfab;c:\windows\system32\drivers\dvdfab.sys [2010-11-08 71552]
S3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]
S3 LVUVC64;Logitech QuickCam Fusion(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-07-29 82816]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-08-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-25 17:19]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 06:41]
.
2012-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-19 06:41]
.
2012-08-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-113092802-26259392-1898462911-1000Core.job
- c:\users\Evyke\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-03 07:24]
.
2012-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-113092802-26259392-1898462911-1000UA.job
- c:\users\Evyke\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-03 07:24]
.
2012-08-29 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2012-06-09 09:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1609296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.be/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 195.130.131.132 195.130.130.4
FF - ProfilePath - c:\users\Evyke\AppData\Roaming\Mozilla\Firefox\Profiles\bmsbioe1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
- - - - ORPHANS VERWIJDERD - - - -
.
URLSearchHooks-{65ca59ee-9920-4d7f-8c41-bfa12403261a} - (no file)
Wow6432Node-HKLM-Run-NPSStartup - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Fire Element 1.2 - c:\program files (x86)\ScreenSaverGift\Fire Element 1.2\Fire Element 1.2\Uninstall Fire Element Screensaver 1.2.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.032"
.
[HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.abr"
.
[HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.ani"
.
[HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.pspimage" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.raf" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ras" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rgb" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rgba" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rle" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rsb" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rw2" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.rwl" . 
[HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.sgi" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.sr2" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.srf" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tga" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.THM\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.thm" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tif" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.tiff" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ttc" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.ttf" . 
[HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wbm" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wbmp" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.wmf" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xbm" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xif" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee Photo Manager 12.xpm" . [HKEY_USERS\S-1-5-21-113092802-26259392-1898462911-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:d3,22,5a,20,74,c9,fe,4d,7a,7a,38,92,78,1f,a4,a4,2b,b9,2e,d4,e8,5e,32, db,e9,2b,72,c1,d1,9b,b1,ba,24,33,d4,05,59,07,db,f1,77,d5,3f,2c,da,7b,e7,9b,\ "??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.9" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2012-08-29 16:15:34 ComboFix-quarantined-files.txt 2012-08-29 14:15 . Pre-Run: 70.567.620.608 bytes beschikbaar Post-Run: 70.510.194.688 bytes beschikbaar . - - End Of File - - 1E2CB7CC4CCE415659D51AB11BBA91D5