Computer freezes in normal mode, everything works in safe mode


Computer with Windows 7 freezes; CTRL+ALT+DEL does not help either. Task Manager often does start, but ending a process does not work. After that more and more freezes, and eventually there is an arrow with a small circle (the new hourglass). Ran MBAM, Spybot, CCleaner and Hitman-Pro. In safe mode everything works fine; in normal mode everything freezes almost immediately. McAfee Total Protection is the virus scanner.

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 22:34:02, on 20-5-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16576)

Boot mode: Safe mode with network support

Running processes:

C:\Windows\Explorer.EXE

C:\Windows\system32\ctfmon.exe

C:\Windows\system32\DllHost.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files\McAfee\MAT\McPvTray.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\System32\MsSpellCheckingFacility.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

D:\download\Install\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20130515115732.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKCU\..\Run: [skyDrive] "C:\Users\Familie de Geus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Toevoegen aan bestaand PDF-bestand - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.caminova.net/en/downloads/getmodule.aspx?lang=en

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll acaptuser32.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 9925 bytes

Start HijackThis. Select “Scan”. Select only the items listed below:

O20 - AppInit_DLLs: c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll acaptuser32.dll

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as “administrator” via right-click, “Run as administrator”. If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download AdwCleaner by Xplode to your desktop.

Close all open windows.

  • Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator...
  • For XP: simply double-click AdwCleaner.
  • Then click Verwijderen (Delete).
  • In the AdwCleaner – Informatie (Information) dialog, click OK
  • In the AdwCleaner – Herstarten Noodzakelijk (Restart Required) dialog, click OK

It is normal for the shortcuts to disappear during this process. After the PC has restarted, a log file opens. Post the contents of this log in your next message.

The problem is still there; posting the log below worked via safe mode.

# AdwCleaner v2.301 - Verslag gemaakt op 21/05/2013 om 08:02:33

# Geactualiseerd op 16/05/2013 door Xplode

# Besturingssysteem : Windows 7 Enterprise Service Pack 1 (32 bits)

# Gebruiker : Familie de Geus - LAPTOP2

# Opstarten Modus : Veillige modus met netwerk

# Gelanceerd vanaf : C:\Users\Familie de Geus\Desktop\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

File Verwijdert : C:\END

Map Verwijdert : C:\ProgramData\BrowserProtect

Map Verwijdert : C:\ProgramData\Tarma Installer

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\5f4dddcb23de443

Sleutel Verwijdert : HKCU\Software\AVG Secure Search

Sleutel Verwijdert : HKCU\Software\ilivid

Sleutel Verwijdert : HKCU\Software\InstallCore

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com

Sleutel Verwijdert : HKLM\SOFTWARE\5f4dddcb23de443

Sleutel Verwijdert : HKLM\Software\AVG Secure Search

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS

Sleutel Verwijdert : HKLM\SOFTWARE\Software

Sleutel Verwijdert : HKLM\Software\Tarma Installer

***** [browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Familie de Geus\AppData\Local\Google\Chrome\User Data\Default\Preferences

Verwijdert [l.2065] : homepage = "hxxp://www1.delta-search.com/?affID=119556&tt=gc_170513_181616&babsrc=HP_ss&mntrId=4[...]

*************************

AdwCleaner[R1].txt - [2766 octets] - [21/05/2013 08:01:46]

AdwCleaner[s1].txt - [2438 octets] - [21/05/2013 08:02:33]

########## EOF - C:\AdwCleaner[s1].txt - [2498 octets] ##########

Download zoek.exe to the desktop.

  • Disable your antivirus and antispyware programs; they may conflict with zoek.exe
    (here or here) you can read how to do that.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

 
startupall; 
filesrcm; 

  • Click the "Options" button and tick the options below.
    • Running processes
    • Firefox Look
    • Chrome Look
    • Firefox Defaults
    • Reset Chrome
    • Shortcut Fix
    • IE Defaults
    • Auto Clean
  • Then click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear after all.
  • Now post the contents of the opened log in your next message.

Zoek.exe Version 4.0.0.2 Updated 20-May-2013

Tool run by Familie de Geus on di 21-05-2013 at 9:58:29,07.

Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 x86

Running in: Safe Mode NETWORK Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\mfevtps.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Explorer.EXE

C:\Windows\system32\ctfmon.exe

C:\Windows\system32\DllHost.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files\McAfee\MAT\McPvTray.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Familie de Geus\Desktop\zoek.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Files \ Folders ======================

"C:\Users\Familie de Geus\AppData\Roaming\DSite" deleted

"C:\Windows\System32\searchplugins" deleted

"C:\Windows\System32\Extensions" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\FAMILI~1\AppData\Local\Temp ====

====== C:\Windows\system32 =====

2013-05-20 12:58:41 CE5FCA53BEB1D0B4D3DDCFE243DD3D69 372 ----a-w- C:\Windows\System32\.crusader

2013-05-18 05:27:23 EB02C18DE7A07056FE51F19D5FBB8216 22872 ----a-r- C:\Windows\System32\AdobePDFUI.dll

2013-05-18 05:23:24 6DE3113DDA7A7FDA20F2E92434108438 114280 ----a-w- C:\Windows\System32\acaptuser32.dll

2013-05-15 22:06:29 49834B94A8E8383B700EDDEF46C2AE6A 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-05-15 22:06:28 0142341520F0A0F2B0E312335B96705B 690688 ----a-w- C:\Windows\System32\jscript.dll

2013-05-15 22:06:27 C9A062F32FF600C96795B43CD9A53151 2877440 ----a-w- C:\Windows\System32\jscript9.dll

2013-05-15 22:06:26 DFDBC397D0DDBD1AFA3CB400D4C003A9 61440 ----a-w- C:\Windows\System32\iesetup.dll

2013-05-15 22:06:26 28AEB03752D716BF149DBC93A9ACC17E 391168 ----a-w- C:\Windows\System32\ieui.dll

2013-05-15 22:06:26 03180AFD271BFD88813F428421BC4A1A 39424 ----a-w- C:\Windows\System32\jsproxy.dll

2013-05-15 22:06:25 CABEB999311516EAFF8CFCB17B7A0812 42496 ----a-w- C:\Windows\System32\ie4uinit.exe

2013-05-15 22:06:25 5915AA67DECA289F7B4AFB686CDB09E9 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-05-15 22:06:25 52AA8A8DA4175580F365D275EB53DBE3 493056 ----a-w- C:\Windows\System32\msfeeds.dll

2013-05-15 22:06:25 3CC9825BFFE7B7429C8B79B0395ACDA8 33280 ----a-w- C:\Windows\System32\iernonce.dll

2013-05-15 22:06:24 65C95886E1B17001ADDF163AC18C5525 1130496 ----a-w- C:\Windows\System32\urlmon.dll

2013-05-15 22:06:24 366D8EA2ADCBA228C9487BC6D2427DDC 109056 ----a-w- C:\Windows\System32\iesysprep.dll

2013-05-15 22:06:23 F59A16A9418044C1D505C53DA370B099 2046976 ----a-w- C:\Windows\System32\iertutil.dll

2013-05-15 22:06:21 5ABB3F36AF17007F33FA275E96A2C95E 1767424 ----a-w- C:\Windows\System32\wininet.dll

2013-05-15 22:06:20 D5E5A86F49ACC11768D8339094C3AFD8 13760512 ----a-w- C:\Windows\System32\ieframe.dll

2013-05-15 22:06:14 7A468BC721C1D34E60389D3F2F87BBEA 14323712 ----a-w- C:\Windows\System32\mshtml.dll

2013-05-15 01:41:00 52948A58E4E64427DC399A409EF1CAB5 2347520 ----a-w- C:\Windows\System32\win32k.sys

2013-05-15 01:40:47 DA8AAF7E56F698608A89542131F74818 40960 ----a-w- C:\Windows\System32\wwanprotdim.dll

2013-05-15 01:40:47 3C5E51C05BE9B56EAFF4E388C3AB25E4 186368 ----a-w- C:\Windows\System32\wwansvc.dll

2013-05-15 01:40:24 565D78187494FB5F08B5A52DEB2AEA7A 12872704 ----a-w- C:\Windows\System32\shell32.dll

2013-05-15 01:40:22 EACFDF31921F51C097629F1F3C9129B4 47104 ----a-w- C:\Windows\System32\appinfo.dll

2013-05-15 01:40:22 E904178851A6A44BFA97E064EF779E9D 1796096 ----a-w- C:\Windows\System32\authui.dll

2013-05-15 01:40:22 B0BC447C758FF055D53FC6831FDB0344 101720 ----a-w- C:\Windows\System32\consent.exe

2013-05-15 01:40:22 1F05F5A16881CD928C82D53CEFCF4477 180224 ----a-w- C:\Windows\System32\shdocvw.dll

2013-05-10 11:32:53 C0D44791C969D65E63F250BC8BA0DC57 46928 ----a-w- C:\Windows\System32\AdobePDF.dll

2013-05-07 21:15:47 4417377CEDABD9BD161FA7EDEDA175D4 745472 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2013-05-07 21:15:47 0402BFC25AB49E02256BC24E32829773 185344 ----a-w- C:\Windows\System32\elshyph.dll

2013-05-07 21:15:46 F0D4AE074D9BC0741DC6E91C741F2F8C 23040 ----a-w- C:\Windows\System32\licmgr10.dll

2013-05-07 21:15:46 E14A07B768EC49D382CABCE2F078D576 232960 ----a-w- C:\Windows\System32\url.dll

2013-05-07 21:15:46 DEFB55D4FF094673DF31FA89A8A8A2F0 226816 ----a-w- C:\Windows\System32\dxtrans.dll

2013-05-07 21:15:46 C68FBBF01E86CB6CF0B797748FBD6C1A 357888 ----a-w- C:\Windows\System32\dxtmsft.dll

2013-05-07 21:15:46 C28A634CF127DA67D566B5E14D0A0170 719360 ----a-w- C:\Windows\System32\mshtmlmedia.dll

2013-05-07 21:15:46 C225E5307D8D4982A1687F2702C37C78 158720 ----a-w- C:\Windows\System32\msls31.dll

2013-05-07 21:15:46 B96C13B5C85AC4240FE95DE115945D59 38400 ----a-w- C:\Windows\System32\imgutil.dll

2013-05-07 21:15:46 AF0332E09DDBE0172237D1958A7DADB8 79872 ----a-w- C:\Windows\System32\mshtmled.dll

2013-05-07 21:15:46 A7E8E3A9F92D9B0D495F636A1D282883 48640 ----a-w- C:\Windows\System32\mshtmler.dll

2013-05-07 21:15:46 9DF7A7C74D8632CB5EBD37E3A374825E 204800 ----a-w- C:\Windows\System32\webcheck.dll

2013-05-07 21:15:46 9D9AC6CE9A9D951AC40DE91CD6F0A620 1441280 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-05-07 21:15:46 96E0F0BED5D9EBABB899D8CA83C36A7E 523264 ----a-w- C:\Windows\System32\vbscript.dll

2013-05-07 21:15:46 932571EFF79B93F94E84ADF4989A277F 69120 ----a-w- C:\Windows\System32\icardie.dll

2013-05-07 21:15:46 8C3D32A4A46326031309A43C52539D7F 1400416 ----a-w- C:\Windows\System32\ieapfltr.dat

2013-05-07 21:15:46 8A45166CD9874463AB76B552C9C2D3AD 110592 ----a-w- C:\Windows\System32\IEAdvpack.dll

2013-05-07 21:15:46 87E71F2A83681F41B796CA685818EF2D 163840 ----a-w- C:\Windows\System32\msrating.dll

2013-05-07 21:15:46 828B4A41BE891A7AEC07E693422B4A3A 117248 ----a-w- C:\Windows\System32\iepeers.dll

2013-05-07 21:15:46 81C4D657D37C3A5418B54BFECE821B84 57344 ----a-w- C:\Windows\System32\pngfilt.dll

2013-05-07 21:15:46 80B47F0F45C3EBF41C30E0BA367D25D3 125440 ----a-w- C:\Windows\System32\occache.dll

2013-05-07 21:15:46 6DF2C6438CFF6EFCBBB88AEE01795501 73728 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe

2013-05-07 21:15:46 56E51C26745FF7413514EA4DDF33BC6C 11776 ----a-w- C:\Windows\System32\msfeedssync.exe

2013-05-07 21:15:46 52A7D73D5570F757D865DDECD087FB41 138752 ----a-w- C:\Windows\System32\wextract.exe

2013-05-07 21:15:46 4A47CAEA8D3B82DE439A79771ECED4B1 361984 ----a-w- C:\Windows\System32\html.iec

2013-05-07 21:15:46 414A3D9AAE072CDEFE0B64C2EBEE18D2 61952 ----a-w- C:\Windows\System32\tdc.ocx

2013-05-07 21:15:46 404FAD93ABFBD86D1AAAB47D5DFA6505 242200 ----a-w- C:\Windows\System32\iedkcs32.dll

2013-05-07 21:15:46 3AB2A38F7EA9E62D176A78FB58761E24 12800 ----a-w- C:\Windows\System32\mshta.exe

2013-05-07 21:15:46 338520304B99471BD0ED121954FE7863 82432 ----a-w- C:\Windows\System32\inseng.dll

2013-05-07 21:15:46 2D7A29C35D0894481A69FA3AC45F18F0 41984 ----a-w- C:\Windows\System32\msfeedsbs.dll

2013-05-07 21:15:46 260D83B1B3696DFA30E33E015C30E12C 137216 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-05-07 21:15:46 1FF56AC32B38A94C3C88497BD6E00C96 25185 ----a-w- C:\Windows\System32\ieuinit.inf

2013-05-07 21:15:46 0F44172A5B34E8F208CD0F209EDD4A73 629248 ----a-w- C:\Windows\System32\ieapfltr.dll

2013-05-07 21:15:46 038F76279EC64878A072D988DE13C7B2 150528 ----a-w- C:\Windows\System32\iexpress.exe

2013-05-07 21:14:48 FB3F036EF6A467F7AF46C821FF5D198D 220160 ----a-w- C:\Windows\System32\d3d10core.dll

2013-05-07 21:14:48 E12C4928B32ACE04610259647F072635 906240 ----a-w- C:\Windows\System32\FntCache.dll

2013-05-07 21:14:48 D4F264FE23F8953D840904418220C15E 293376 ----a-w- C:\Windows\System32\dxgi.dll

2013-05-07 21:14:48 D4212AB475A3B25EC4DF574536C3EDC5 249856 ----a-w- C:\Windows\System32\d3d10_1core.dll

2013-05-07 21:14:48 C7A730AFB80B11F93EFC81B1D6F920D7 364544 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2013-05-07 21:14:48 B3170CCC779B682C3341873EA60CF084 1988096 ----a-w- C:\Windows\System32\d3d10warp.dll

2013-05-07 21:14:48 9FF8F684BACF326082E5562F7C104A79 3419136 ----a-w- C:\Windows\System32\d2d1.dll

2013-05-07 21:14:48 8B285BDAB7735FDFB18E6F7122923B77 187392 ----a-w- C:\Windows\System32\UIAnimation.dll

2013-05-07 21:14:48 8504944851DF6175CC489A8F3328459E 1080832 ----a-w- C:\Windows\System32\d3d10.dll

2013-05-07 21:14:48 7ACDFB4CC67F4993DF0E0731576309B2 1504768 ----a-w- C:\Windows\System32\d3d11.dll

2013-05-07 21:14:48 6A7B5A3EFCCDB53DA41CF6838056990F 1158144 ----a-w- C:\Windows\System32\XpsPrint.dll

2013-05-07 21:14:48 6A13B4F3B3F575F1E24B877B9359AABA 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-05-07 21:14:48 6951562DC4625EEFC6EACD52AD165866 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-07 21:14:48 62A6EB5771580CAE445804389F3F7432 207872 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll

2013-05-07 21:14:48 60F4AEFA103D421EA4A40E31409B4756 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-05-07 21:14:48 600A65F922CCDCBB2D11467914241556 2284544 ----a-w- C:\Windows\System32\msmpeg2vdec.dll

2013-05-07 21:14:48 589CBC4989F750E1DA35625AB481CF43 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-05-07 21:14:48 545F1BAAADD0BF1F4FE4586293FCA07D 417792 ----a-w- C:\Windows\System32\WMPhoto.dll

2013-05-07 21:14:48 4FF3EC04CD47DD62181894B71B004E40 604160 ----a-w- C:\Windows\System32\d3d10level9.dll

2013-05-07 21:14:48 49ACA548B2423F1C67898E6AC719A9A6 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-05-07 21:14:48 4277F5164DE9B7C665BB928B9145BEE0 1247744 ----a-w- C:\Windows\System32\DWrite.dll

2013-05-07 21:14:48 3C1936A12C62254F914A01BBC6A8DC69 161792 ----a-w- C:\Windows\System32\d3d10_1.dll

2013-05-07 21:14:48 3BE0D923AA45A4DBE091C2D84F0B4FE7 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-05-07 21:14:48 3BCECD87AB4E6743BFB45B352AD1A529 1230336 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2013-05-07 21:14:48 2E33DFD10F28F86C3FC40EE123CC3904 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-05-07 21:14:48 1C60E09CA1C3A045BC4D367F67C915B7 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-05-07 21:14:48 007863E45F25AA47A4C30D0930BBFD85 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

====== C:\Windows\system32\drivers =====

2013-05-20 08:03:09 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-05-15 01:40:31 16498EBC04AE9DD07049A8884B205C05 728424 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-05-15 01:40:30 E405328A0E38BF823E2361C413283F6D 218984 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-04-24 14:59:10 5E43D2B0EE64123D4880DFA6626DEFDE 1211752 ----a-w- C:\Windows\System32\drivers\ntfs.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-05-20 14:06:54 -------- d-----w- C:\Program Files\Spybot - Search & Destroy

2013-05-20 10:39:38 -------- d-----w- C:\Program Files\HitmanPro

2013-05-15 14:23:27 -------- d-----w- C:\Program Files\supra IPCam

2013-04-27 20:35:25 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared

2013-04-27 15:13:29 -------- d-----w- C:\Program Files\Common Files\Nero

2013-04-27 15:11:40 -------- d-----w- C:\Program Files\Common Files\LightScribe

2013-04-26 20:24:44 -------- d-----w- C:\Program Files\RapidTyping

======= C: =====

2013-05-21 06:49:10 51ED647656FC0A5FDB99A41E15B489F8 1038 ----a-w- C:\AdwCleaner[R2].txt

2013-05-21 06:02:33 3FB99BD0BC9D52B386F27D2FE5175048 2567 ----a-w- C:\AdwCleaner[s1].txt

2013-05-21 06:01:46 596F0E4C6AE7761BD9E873BC440715A0 2766 ----a-w- C:\AdwCleaner[R1].txt

====== C:\Users\Familie de Geus\AppData\Roaming ======

2013-05-17 12:18:34 -------- d-----w- C:\users\Familie de Geus\AppData\Roaming\Google

2013-05-10 20:26:56 -------- d-----w- C:\users\Familie de Geus\AppData\Roaming\CouchPotato

2013-05-04 16:18:46 -------- d-----w- C:\users\Default\AppData\Local\Google

2013-05-04 16:18:46 -------- d-----w- C:\users\Default User\AppData\Local\Google

2013-05-03 20:59:23 -------- d-----w- C:\users\Familie de Geus\AppData\Roaming\Nero

2013-04-27 19:41:47 -------- d-----w- C:\users\Familie de Geus\AppData\Roaming\YCanPDF

2013-04-27 19:39:52 -------- d-----w- C:\users\Familie de Geus\AppData\Local\Programs

2013-04-27 18:56:35 -------- d-----w- C:\users\Familie de Geus\AppData\Local\Nero_AG

2013-04-27 18:51:43 -------- d-----w- C:\users\Familie de Geus\AppData\Local\Nero

2013-04-26 21:15:40 23B0AB53A64CE85732645F7C5491836E 3584 ----a-w- C:\users\Familie de Geus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2013-04-26 20:45:32 -------- d-----w- C:\users\Familie de Geus\AppData\Roaming\RapidTyping

2013-04-26 20:14:00 -------- d-----w- C:\users\Familie de Geus\AppData\Roaming\calibre

====== C:\Users\Familie de Geus ======

2013-05-20 14:07:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

2013-05-20 14:06:54 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-05-20 10:38:28 -------- d-----w- C:\ProgramData\HitmanPro

2013-05-03 19:18:32 -------- d-----w- C:\Users\Public\Nieuwe map

2013-04-27 20:47:10 -------- d-----w- C:\ProgramData\FLEXnet

2013-04-27 15:13:04 -------- d-----w- C:\ProgramData\Nero

2013-04-26 20:45:32 -------- d-----w- C:\ProgramData\RapidTyping

2013-04-26 20:24:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidTyping

2013-04-26 20:16:36 -------- d-----w- C:\Users\Familie de Geus\Mijn Boeken

====== C: exe-files ==


=== C: other files ==


==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-541944505-1732167295-3726420910-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"SkyDrive"="C:\Users\Familie de Geus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"

"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"Adobe Acrobat Speed Launcher"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"SkyDrive"="C:\Users\Familie de Geus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaSuite.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NokiaSuite.exe"

"hkey"="HKCU"

"command"="C:\\Program Files\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undertermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [20-11-2012 21:20]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [20-11-2012 21:20]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[04-12-2012 11:47]

omaonpoimgkmbllpdihbnmgphjoipdhf - C:\Program Files\Logitech\Harmony Remote Driver\harmony_chrome.crx[01-05-2012 21:45]

SiteAdvisor - Familie de Geus - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

MyHarmony Chrome Plugin - Familie de Geus - Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"

{593EEEC3-6B0A-4765-ACCC-5ECB87A1EAEA} Secure-zoeken Url="http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\users\Familie de Geus\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Familie de Geus\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Familie de Geus\Desktop\Spybot - Search & Destroy.lnk - C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Acrobat 9 Pro Extended.lnk - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe

C:\Users\Public\Desktop\Lightroom 4.4.lnk - C:\Program Files\Adobe\Adobe Photoshop Lightroom 4.4\lightroom.exe

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Public\Desktop\RapidTyping.lnk - C:\Program Files\RapidTyping\RapidTyping.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk - C:\Windows\Installer\{AC76BA86-1040-7D70-7761-000000000004}\_SC_Distiller.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 3D Reviewer.lnk - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins3d\prc\A3DReviewer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Pro Extended.lnk - C:\Windows\Installer\{AC76BA86-1040-7D70-7761-000000000004}\_SC_Acrobat_3D.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer ES 8.2.lnk - C:\Program Files\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4.4.lnk - C:\Program Files\Adobe\Adobe Photoshop Lightroom 4.4\lightroom.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\supra IPCam Config.lnk - C:\Program Files\supra IPCam\IPCConfig.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files\Google\Drive\googledrivesync.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee Total Protection.lnk - C:\Program Files\McAfee.com\Agent\mcagent.exe /desktopicon

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidTyping\License.lnk - C:\Program Files\RapidTyping\License.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidTyping\Manual.lnk - C:\Program Files\RapidTyping\RapidTyping.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidTyping\RapidTyping.lnk - C:\Program Files\RapidTyping\RapidTyping.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidTyping\ReadMe.lnk - C:\Program Files\RapidTyping\ReadMe.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidTyping\Uninstall.lnk - C:\Program Files\RapidTyping\Uninstall.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\File Shredder.lnk - C:\Program Files\Spybot - Search & Destroy\SDShred.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Spybot - Search & Destroy.lnk - C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Tutorial.lnk - C:\Program Files\Spybot - Search & Destroy\Help\English.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Uninstall Spybot-S&D.lnk - C:\Program Files\Spybot - Search & Destroy\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Update Spybot-S&D.lnk - C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe

==== Empty IE Cache ======================

C:\Users\Familie de Geus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Familie de Geus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\users\Familie de Geus\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\FAMILI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on di 21-05-2013 at 10:06:21,19 ======================


It seems to go well: IE starts, Outlook starts and begins downloading messages, but then it freezes again after a few minutes. Hard power-off, back on in normal mode, and started Outlook. The process does start in Task Manager, but nothing is visible on the screen. IE starts both as an application and as a process, but the toolbars and the window stay empty. There is still an IEXPLORE.EXE process running, but I cannot get rid of it, not even by ending the process. The Outlook process does disappear after End Process. Chrome does start, but not on screen and not under Applications, only under Processes. Word hangs after starting. The computer has frozen again.

Unfortunately, no success yet.


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Here you can read how to use ComboFix.

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them: click here or here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


Problem not solved yet, booted in safe mode.

ComboFix 13-05-21.01 - Familie de Geus 21-05-2013 18:57:43.1.4 - x86 NETWORK

Microsoft Windows 7 Enterprise 6.1.7601.1.1252.31.1043.18.3445.2863 [GMT 2:00]

Gestart vanuit: c:\users\Familie de Geus\Desktop\ComboFix.exe

AV: McAfee Antivirus en antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Antivirus en antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

ADS - Windows: deleted 192 bytes in 1 streams.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\drivers\etc\hosts.ics

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-04-21 to 2013-05-21 ))))))))))))))))))))))))))))))

.

.

2013-05-21 17:04 . 2013-05-21 17:04 -------- d-----w- c:\users\Familie de Geus\AppData\Local\temp

2013-05-21 08:04 . 2013-05-21 07:58 24064 ----a-w- c:\windows\zoek-delete.exe

2013-05-20 14:06 . 2013-05-20 18:48 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2013-05-20 14:06 . 2013-05-20 14:30 -------- d-----w- c:\program files\Spybot - Search & Destroy

2013-05-20 10:39 . 2013-05-20 10:39 -------- d-----w- c:\program files\HitmanPro

2013-05-20 10:38 . 2013-05-20 11:54 -------- d-----w- c:\programdata\HitmanPro

2013-05-20 08:59 . 2013-05-20 08:59 -------- d-----w- c:\program files\CCleaner

2013-05-20 08:03 . 2013-05-20 08:03 -------- d-----w- c:\users\Familie de Geus\AppData\Roaming\Malwarebytes

2013-05-20 08:03 . 2013-05-20 08:03 -------- d-----w- c:\programdata\Malwarebytes

2013-05-20 08:03 . 2013-05-20 12:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-05-20 08:03 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-05-18 05:27 . 2009-08-19 21:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll

2013-05-18 05:23 . 2013-05-08 05:23 114280 ----a-w- c:\windows\system32\acaptuser32.dll

2013-05-15 14:23 . 2013-05-15 14:23 -------- d-----w- c:\program files\supra IPCam

2013-05-15 01:41 . 2013-04-10 03:14 2347520 ----a-w- c:\windows\system32\win32k.sys

2013-05-15 01:40 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll

2013-05-15 01:40 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll

2013-05-15 01:40 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-05-15 01:40 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2013-05-15 01:40 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe

2013-05-15 01:40 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll

2013-05-15 01:40 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll

2013-05-13 18:32 . 2013-05-18 05:32 -------- d-----w- C:\_AcroTemp

2013-05-10 20:26 . 2013-05-17 12:15 -------- d-----w- c:\users\Familie de Geus\AppData\Roaming\CouchPotato

2013-05-10 11:32 . 2009-08-19 21:50 46928 ----a-w- c:\windows\system32\AdobePDF.dll

2013-05-07 21:14 . 2013-05-07 21:14 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-04 16:18 . 2013-05-04 16:18 -------- d-----w- c:\users\Default\AppData\Local\Google

2013-05-03 20:59 . 2013-05-03 20:59 -------- d-----w- c:\users\Familie de Geus\AppData\Roaming\Nero

2013-05-03 19:18 . 2013-05-03 19:18 -------- d-----w- c:\users\Public\Nieuwe map

2013-04-27 20:47 . 2013-04-27 20:47 -------- d-----w- c:\programdata\FLEXnet

2013-04-27 20:35 . 2013-04-27 20:35 -------- d-----w- c:\program files\Common Files\Macrovision Shared

2013-04-27 19:41 . 2013-04-27 19:41 -------- d-----w- c:\users\Familie de Geus\AppData\Roaming\YCanPDF

2013-04-27 19:39 . 2013-04-27 19:39 -------- d-----w- c:\users\Familie de Geus\AppData\Local\Programs

2013-04-27 18:51 . 2013-05-19 12:01 -------- d-----w- c:\users\Familie de Geus\AppData\Local\Nero

2013-04-27 15:13 . 2013-05-20 11:15 -------- d-----w- c:\program files\Common Files\Nero

2013-04-27 15:13 . 2013-05-03 20:40 -------- d-----w- c:\programdata\Nero

2013-04-27 15:11 . 2013-05-03 19:34 -------- d-----w- c:\program files\Common Files\LightScribe

2013-04-27 15:10 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll

2013-04-27 15:10 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll

2013-04-27 15:09 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll

2013-04-26 20:45 . 2013-04-26 20:45 -------- d-----w- c:\users\Familie de Geus\AppData\Roaming\RapidTyping

2013-04-26 20:45 . 2013-04-26 20:45 -------- d-----w- c:\programdata\RapidTyping

2013-04-26 20:24 . 2013-04-26 20:24 -------- d-----w- c:\program files\RapidTyping

2013-04-26 20:16 . 2013-04-26 21:03 -------- d-----w- c:\users\Familie de Geus\Mijn Boeken

2013-04-26 20:14 . 2013-04-27 05:50 -------- d-----w- c:\users\Familie de Geus\AppData\Roaming\calibre

2013-04-26 11:45 . 2013-04-26 11:45 -------- d-----w- c:\program files\Common Files\Java

2013-04-26 11:45 . 2013-04-04 03:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-04-24 14:59 . 2013-04-12 13:45 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-15 11:45 . 2012-09-26 13:45 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-15 11:45 . 2012-09-26 13:45 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-04-13 04:45 . 2013-05-15 01:40 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45 . 2013-05-15 01:40 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-03-19 05:04 . 2013-04-10 12:44 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-19 05:04 . 2013-04-10 12:44 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-19 04:48 . 2013-04-10 12:44 38912 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-19 02:49 . 2013-04-10 12:44 69632 ----a-w- c:\windows\system32\smss.exe

2013-03-07 16:37 . 2012-09-26 13:47 861088 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-03-07 16:37 . 2012-09-26 13:47 782240 ----a-w- c:\windows\system32\deployJava1.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-04-03 09:49 222808 ----a-w- c:\users\Familie de Geus\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-04-03 09:49 222808 ----a-w- c:\users\Familie de Geus\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-04-03 09:49 222808 ----a-w- c:\users\Familie de Geus\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2013-04-16 14:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]

2013-04-16 14:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2013-04-16 14:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2013-04-16 14:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SkyDrive"="c:\users\Familie de Geus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2013-04-03 256600]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-01-14 1278064]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-10 13834856]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2013-05-08 44128]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2013-05-08 642664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]

2012-12-21 16:56 1090040 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe

.

R0 RapportKELL;RapportKELL;c:\windows\System32\Drivers\RapportKELL.sys [x]

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

R1 MoboroboAssDriver;MoboroboAssDrive;SysWOW64\drivers\MoboroboAssDriver64.sys [x]

R1 RapportCerberus_50414;RapportCerberus_50414;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_50414.sys [x]

R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [x]

R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [x]

R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]

R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]

R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [x]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [x]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 Rockusb;Driver for Rockusb Device;c:\windows\system32\DRIVERS\rockusb.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-11 14:07 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-26 11:45]

.

2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-20 19:20]

.

2013-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-20 19:20]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

IE: Converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

IE: Koppelingsdoel converteren naar Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Koppelingsdoel converteren naar bestaande PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Toevoegen aan bestaand PDF-bestand - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

TCP: DhcpNameServer = 192.168.2.254

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-05-21 19:06:03

ComboFix-quarantined-files.txt 2013-05-21 17:06

.

Pre-Run: 7.711.145.984 bytes beschikbaar

Post-Run: 7.559.405.568 bytes beschikbaar

.

- - End Of File - - F388FE819F49569BB7884FFD0D97BCB4
