
Advanced System Protector cannot be removed.


luwina


Malwarebytes has removed a heap of junk from your PC.

Look under Software to see whether Advanced System Protector shows up there. If so, you may uninstall it there. If it is not present, you may delete the following folder in bold: C:\Program Files (x86)\Advanced System Protector.

edited by kape

Hi Kape, it worked, ASP is gone. Thank you very much. Could you also help me with the following... I cannot open my messages in Hotmail; I can see the messages but not open them. The bar at the top says: "cannot connect to Outlook at the moment, please try again later".


Hi Kape, I will mark this item as "solved" and ask a new question in another forum. Once again, thank you very much.

PC Helpforum moderator message:
Luwina, I have merged all your posts ... because the problems may well be related to each other.

edited by kape

Hello, for a few days now I have been unable to open any mail. I had Hotmail, but that has been moved over to Outlook. However, the problems were already there when it was still "Hotmail". I can see that there are new messages but cannot open them. The messages from this site have also recently stopped arriving in my mail. Windows Update no longer works either. What is going on? Kind regards, Luwina.


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registery key that has been marked for deletion", restart the computer.

5. When ComboFix has finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.




Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\windows\SysWow64\sho674F.tmp

Folder::

c:\program files (x86)\SweetIM

c:\programdata\SweetIM

c:\program files (x86)\Yontoo

c:\programdata\Tarma Installer

c:\users\Winie\AppData\Local\Wajam

c:\programdata\Search Protection

c:\program files (x86)\Softonic

c:\windows\system32\EventProviders

C:\32d0d171ca2c7c55116101

Save this file on your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe

This will cause ComboFix to restart. Restart the computer if you are asked to.

If you want to see this in detail with pictures, click here for the guide.

After the restart, post the contents of Combofix.txt in your next message.

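The selection step behind a CFScript like the one above, as an added example that is not part of the original thread and not ComboFix's own code: it parses "files created" entries from a ComboFix log, flags paths under watched adware folder names, and drafts the File::/Folder:: text. The sample log lines, the watchlist contents and all function names are assumptions made for illustration.

```python
import re
from typing import Iterable, List, NamedTuple, Optional

# Constructed sample in the layout of a ComboFix "files created" section:
# created . modified, size (-------- for a folder), attributes, path.
SAMPLE_LOG = r"""
2012-12-14 19:12 . 2012-12-14 19:12  --------  d-----w-  c:\program files\CCleaner
2012-12-13 20:18 . 2012-12-13 20:18  --------  d-----w-  c:\program files (x86)\SweetIM
2012-12-13 20:18 . 2012-12-13 20:18  --------  d-----w-  c:\programdata\SweetIM
2012-12-13 20:17 . 2012-12-16 02:19  --------  d-----w-  c:\program files (x86)\Yontoo
2012-12-13 20:17 . 2012-12-13 20:17  41472  ----a-w-  c:\users\Example\AppData\Local\Wajam\updater.exe
2012-12-12 12:39 . 2012-12-12 12:39  0  ----a-w-  c:\windows\SysWow64\example.tmp
2012-12-12 08:16 . 2011-02-19 06:37  1135104  ----a-w-  c:\windows\system32\FntCache.dll
"""

# Assumption: a watchlist built from folder names the helper listed under
# Folder:: in this thread; a real list would be maintained by the analyst.
WATCHLIST = frozenset(
    {"sweetim", "yontoo", "tarma installer", "wajam", "search protection", "softonic"}
)

ENTRY_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. (\d{4}-\d{2}-\d{2} \d{2}:\d{2})\s+"
    r"(\d+|-{8})\s+([a-z-]{8})\s+([A-Za-z]:\\.+?)\s*$",
    re.MULTILINE,
)


class Entry(NamedTuple):
    created: str
    modified: str
    size: Optional[int]  # None for folders, which log -------- instead of a size
    is_dir: bool
    path: str


def parse_entries(text: str) -> List[Entry]:
    """Return one Entry per well-formed log line; other lines are skipped."""
    entries = []
    for match in ENTRY_RE.finditer(text):
        created, modified, size, attrs, path = match.groups()
        entries.append(
            Entry(
                created,
                modified,
                None if size.startswith("-") else int(size),
                attrs.startswith("d"),
                path,
            )
        )
    return entries


def watched_root(path: str, watchlist: Iterable[str] = WATCHLIST) -> Optional[str]:
    """Return the path cut at the first component found in the watchlist."""
    names = {name.lower() for name in watchlist}
    parts = path.split("\\")
    for index, part in enumerate(parts):
        if part.lower() in names:
            return "\\".join(parts[: index + 1])
    return None


def flagged_folders(entries: Iterable[Entry], watchlist: Iterable[str] = WATCHLIST) -> List[str]:
    """Folders to review, de-duplicated case-insensitively, in log order."""
    seen, folders = set(), []
    for entry in entries:
        root = watched_root(entry.path, watchlist)
        if root and root.lower() not in seen:
            seen.add(root.lower())
            folders.append(root)
    return folders


def build_cfscript(folders: Iterable[str], files: Iterable[str] = ()) -> str:
    """Draft the script text; a helper still reviews it before ComboFix sees it."""
    lines: List[str] = []
    files, folders = list(files), list(folders)
    if files:
        lines += ["File::", *files, ""]
    if folders:
        lines += ["Folder::", *folders, ""]
    return "\n".join(lines)


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    # The single file is picked by hand here, as the helper did in the thread.
    print(build_cfscript(flagged_folders(parsed), [r"c:\windows\SysWow64\example.tmp"]))
```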

[2012-06-08 880528]"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-10-19 17875120]"GoogleChromeAutoLaunch_C391B160A9461A1047C28399CD4694DC"="c:\users\Winie\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-11-28 1242728].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" [2010-05-26 1545568]"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]"F-Secure TNB"="c:\program files (x86)\PC Veilig\FSGUI\TNBUtil.exe" [2012-12-14 1655464]"F-Secure Manager"="c:\program files (x86)\PC Veilig\Common\FSM32.EXE" [2009-11-18 201128]"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-05-25 263936]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-11-16 542104].c:\users\Winie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk - c:\users\Winie\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe [N/A].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).R1 FSES;F-Secure Email Scanning 
Driver;c:\windows\system32\drivers\fses.sys [2012-12-14 50384]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944]R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 246376]R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-08 1255736]R4 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [x]R4 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [x]R4 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\PC Veilig\Anti-Virus\Win2K\FSfilter.sys [2009-11-18 41640]R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\PC Veilig\Anti-Virus\Win2K\FSrec.sys [2009-11-18 27048]S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-12-14 56016]S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2012-12-13 14456]S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-09-13 31080]S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\PC Veilig\HIPS\drivers\fshs.sys [2009-11-18 59784]S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-11-18 94024]S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\PC Veilig\Anti-Virus\minifilter\fsvista.sys [2009-11-18 16768]S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 
[2012-01-04 822624]S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-06-11 868896]S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-05-25 255744]S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-28 243232]S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-09-13 722528]S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\PC Veilig\Anti-Virus\minifilter\fsgk.sys [2012-12-14 199736]S3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\PC Veilig\ORSP Client\fsorsp.exe [2012-12-14 61088]S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]S3 
Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc.Inhoud van de 'Gedeelde Taken' map.2012-12-18 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-14 18:59].2012-12-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3447960757-339270444-3093424101-1001Core.job- c:\users\Winie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-20 13:48].2012-12-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3447960757-339270444-3093424101-1001UA.job- c:\users\Winie\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-20 13:48]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]2012-11-01 15:25 244696 ----a-w- c:\users\Winie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]2012-11-01 15:25 244696 ----a-w- c:\users\Winie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]2012-11-01 15:25 
244696 ----a-w- c:\users\Winie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-09 206208]"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-13 417560]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-06-11 861216].------- Bijkomende Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://www.google.nl/mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&m=easynote_tk85&r=273612111235l0494z115f47m2h36smLocal Page = c:\windows\SysWOW64\blank.htmuSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%sTCP: DhcpNameServer = 192.168.1.254FF - ProfilePath - c:\users\Winie\AppData\Roaming\Mozilla\Firefox\Profiles\0qzcv7zr.default\FF - ExtSQL: 2012-11-20 19:03; litmus-ff@f-secure.com; c:\program files (x86)\PC Veilig\NRS\litmus-ff@f-secure.comFF - ExtSQL: !HIDDEN! 
2011-12-09 23:59; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3.- - - - ORPHANS VERWIJDERD - - - -.Toolbar-Locked - (no file)Toolbar-10 - (no file)Toolbar-!{07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)...--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------.[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]@Denied: (2) (LocalSystem)"{99079A25-328F-4BD4-BE04-00955ACAA0A7}"=hex:51,66,7a,6c,4c,1d,38,12,4b,99,14, 9d,bd,7c,ba,0e,c1,12,43,d5,5f,94,e4,b3"{28387537-E3F9-4ED7-860C-11E69AF4A8A0}"=hex:51,66,7a,6c,4c,1d,38,12,59,76,2b, 2c,cb,ad,b9,0b,f9,1a,52,a6,9f,aa,ec,b4"{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}"=hex:51,66,7a,6c,4c,1d,38,12,99,4c,c5, c6,8a,44,0d,07,f6,df,a9,7b,0a,d1,41,18"{07B18EA9-A523-4961-B6BB-170DE4475CCA}"=hex:51,66,7a,6c,4c,1d,38,12,c7,8d,a2, 03,11,eb,0f,0c,c9,ad,54,4d,e1,19,18,de"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4, 91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27"{87775FDB-6972-41F9-AE51-8326E38CB206}"=hex:51,66,7a,6c,4c,1d,38,12,b5,5c,64, 83,40,27,97,04,d1,47,c0,66,e6,d2,f6,12"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b, 27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8, 89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b"{00A6FAF1-072E-44CF-8957-5838F569A31D}"=hex:51,66,7a,6c,4c,1d,38,12,9f,f9,b5, 04,1c,49,a1,01,f6,41,1b,78,f0,37,e7,09"{0347C33E-8762-4905-BF09-768834316C61}"=hex:51,66,7a,6c,4c,1d,38,12,50,c0,54, 07,50,c9,6b,0c,c0,1f,35,c8,31,6f,28,75"{07B18EA1-A523-4961-B6BB-170DE4475CCA}"=hex:51,66,7a,6c,4c,1d,38,12,cf,8d,a2, 03,11,eb,0f,0c,c9,ad,54,4d,e1,19,18,de"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1, 
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4"{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}"=hex:51,66,7a,6c,4c,1d,38,12,9a,83,ec, 87,46,c2,ee,0e,ca,ac,8b,9d,d1,6a,a1,d0"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b, ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd, d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b"{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}"=hex:51,66,7a,6c,4c,1d,38,12,91,fc,ec, fb,7c,81,45,0a,c2,d4,4d,32,e4,48,ec,42"{555D4D79-4BD2-4094-A395-CFC534424A05}"=hex:51,66,7a,6c,4c,1d,38,12,17,4e,4e, 51,e0,05,fa,05,dc,83,8c,85,31,1c,0e,11.[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]@Denied: (2) (LocalSystem)"Timestamp"=hex:f6,9f,ac,e0,3e,26,cd,01.[HKEY_USERS\S-1-5-21-3447960757-339270444-3093424101-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.Email.1".[HKEY_USERS\S-1-5-21-3447960757-339270444-3093424101-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.VCard.1".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) 
(Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash 
Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 
1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Voltooingstijd: 2012-12-18 19:55:46ComboFix-quarantined-files.txt 2012-12-18 18:55ComboFix2.txt 2012-12-18 18:14ComboFix3.txt 2012-12-18 16:06ComboFix4.txt 2012-12-14 16:10ComboFix5.txt 2012-12-18 18:32.Pre-Run: 248.222.437.376 bytes beschikbaarPost-Run: 248.163.438.592 bytes beschikbaar.- - End Of File - - 12D697C67C6D7344CEC5ED64904ACAB3
