Ga naar inhoud

links werken niet meer in firefox (en in LIVEMAIL)

rudy52

Door rudy52
in Archief Internet & Netwerk

 Delen

Aanbevolen berichten

rudy52 Leerling

rudy52

Geplaatst:
Geplaatst:

Hallo,

na mijn recente onoplosbare problemen met het geluid op mijn PC heb ik onlangs toch een volledige herinstallatie gedaan van W7. Het geluid is ermee terug, maar bij de herinstallatie van firefox kreeg ik

toch weer te maken met ongewenste zoekmachines als (onder andere) Delta. Die zijn intussen verwijderd, maar ik vrees dat nieuwe problemen een gevolg zijn van deze indringers. Ik kan namelijk niet meer geldig klikken op links in websites die bijvoorbeeld een bevestiging vragen van iets. Een ander voorbeeld is de site van de openbare bibliotheek (Ovinob) : de laatste stap in hun catalogus ( = "waar staat het boek ?") werkt NIET meer. Ook als een site me een link stuurt via LIVEMAIL om iets te bevestigen, werkt die link NIET. Intussen heb ik al verscheidene mogelijke oplossingen voor firefox geprobeerd (o.a. volledige her-initialisatie), zonder resultaat. Opvallend : Google werkt WEL normaal.

Kan iemand me helpen ?

Beste Groeten,

Rudy

Link naar reactie
Delen op andere sites
rudy52 Leerling

rudy52

Geplaatst:
  • Auteur
Geplaatst:

Hallo nogmaals,

zend jullie hieronder alvast het resultaat van een Hijackthis-scan !

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:09:03, on 27-8-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9431.0000)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe

C:\Program Files\Expat Shield\bin\openvpntray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Expat Shield Toolbar - {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files\Expat_Shield\prxtbExpa.dll

O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files\Expat Shield\HssIE\ExpatIE.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll

O2 - BHO: Expat Shield - {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files\Expat_Shield\prxtbExpa.dll

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: Expat Shield Toolbar - {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files\Expat_Shield\prxtbExpa.dll

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKCU\..\Run: [sRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: Afbeelding knippen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4

O8 - Extra context menu item: Kopieer selectie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3

O8 - Extra context menu item: Kopieer URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

O8 - Extra context menu item: Nieuwe notitie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html

O8 - Extra context menu item: Pagina opemen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1

O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html

O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe

O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files\Expat Shield\bin\openvpnas.exe

O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files\Expat Shield\HssWPR\hsssrv.exe

O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files\Expat Shield\bin\ExpatTrayService.EXE

O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files\Expat Shield\bin\hsswd.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe

--

End of file - 6545 bytes

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Download 5217db3eb6d8b-AdwCleaner3.pngAdwCleaner by Xplode naar je bureaublad.

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op Scan.
  • Klik vervolgens op Clean als er items zijn gevonden.
  • Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[R1].txt.

Post aansluitend de inhoud van dit log in je volgende bericht.

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Download 51a5bf3d99e8a-ComboFixlogo16.pngComboFix van één van de onderstaande locaties naar het bureaublad.

Bleeping Computer

Info Spyware

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met ComboFix.exe

(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

  • Dubbelklik op "ComboFix" om de tool te starten, Windows Vista, 7 & 8 gebruikers zullen een melding krijgen van UAC (Gebruikersaccountbeheer), klik hier op Ja / yes.
  • Op een Windows XP computer zal ComboFix de "Recovery Console" installeren als deze nog niet aanwezig is. (Een actieve internet verbinding is dan een vereiste).
  • Klik in het venster bij het 'Installeren van de Recovery Console' op "Ok".
  • Klik in het info scherm op "Ja" als de Recovery Console met succes is geïnstalleerd.
  • Klik in het scherm van de disclaimer op "I Agree", de benodigde onderdelen worden nu uitgepakt en middels ERUNT wordt er een register back-up gemaakt.
  • Wanneer dit gereed is zal ComboFix vanzelf starten, in het blauwe scherm ziet u de voortgang van de systeemscan die wordt uitgevoerd.
  • Belangrijk! gebruik de computer tijdens de scan niet voor andere zaken.
  • Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bijvoorbeeld bij de aanwezigheid van een rootkit, dit is normaal.
  • Wanneer ComboFix gereed is, zal het een logbestand aanmaken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

* Noot !!! Indien u één van de onderstaande meldingen krijgt na het gebruik van ComboFix herstart dan de computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.

Link naar reactie
Delen op andere sites
rudy52 Leerling

rudy52

Geplaatst:
  • Auteur
Geplaatst:

ComboFix 13-08-28.02 - rudy 28-08-2013 21:04:43.1.4 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.2064 [GMT 2:00]

Gestart vanuit: c:\users\rudy\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\rudy\AppData\Roaming\Microsoft\Windows\Recent\desktop_81378533.ico

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-07-28 to 2013-08-28 ))))))))))))))))))))))))))))))

.

.

2013-08-28 19:10 . 2013-08-28 19:10 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-08-28 19:08 . 2013-08-28 19:08 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{42028B9F-816C-4419-ADE8-1D60436BB1C9}\offreg.dll

2013-08-28 10:27 . 2013-08-28 10:28 -------- d-----w- C:\AdwCleaner

2013-08-27 09:55 . 2013-08-27 09:56 -------- d-----w- c:\program files\Common Files\DVDVideoSoft

2013-08-27 09:55 . 2013-08-27 09:56 -------- d-----w- c:\program files\DVDVideoSoft

2013-08-27 09:45 . 2013-08-27 10:00 -------- d-----w- C:\muziek-mp3

2013-08-27 08:05 . 2013-08-27 08:05 -------- d-----w- c:\program files\Trend Micro

2013-08-26 12:39 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{42028B9F-816C-4419-ADE8-1D60436BB1C9}\mpengine.dll

2013-08-22 09:21 . 2013-08-22 09:23 -------- d-----w- c:\windows\system32\MRT

2013-08-22 09:10 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll

2013-08-22 09:10 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll

2013-08-22 09:10 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll

2013-08-22 09:10 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll

2013-08-22 09:10 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll

2013-08-22 09:10 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll

2013-08-22 09:10 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll

2013-08-22 09:10 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll

2013-08-22 09:10 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll

2013-08-22 09:10 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2013-08-22 09:10 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll

2013-08-22 09:09 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll

2013-08-22 09:09 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2013-08-22 09:09 . 2013-04-10 05:03 988672 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2013-08-22 09:09 . 2013-04-10 05:03 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2013-08-22 09:09 . 2013-04-10 05:04 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2013-08-22 09:09 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe

2013-08-22 09:09 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll

2013-08-22 09:09 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-08-22 09:09 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-08-22 09:07 . 2013-06-05 03:05 2347520 ----a-w- c:\windows\system32\win32k.sys

2013-08-22 09:07 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe

2013-08-22 09:07 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll

2013-08-22 09:07 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll

2013-08-22 09:07 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll

2013-08-22 09:07 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll

2013-08-22 09:07 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll

2013-08-22 09:07 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe

2013-08-22 09:06 . 2013-05-27 04:57 680960 ----a-w- c:\program files\Windows Defender\MpSvc.dll

2013-08-22 09:06 . 2013-05-27 04:57 392704 ----a-w- c:\program files\Windows Defender\MpClient.dll

2013-08-22 09:06 . 2013-05-27 04:57 224768 ----a-w- c:\program files\Windows Defender\MpCommu.dll

2013-08-22 08:46 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys

2013-08-22 08:15 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2013-08-21 17:37 . 2013-08-21 17:37 -------- d-----w- c:\program files\Mozilla Maintenance Service

2013-08-19 18:24 . 2013-08-19 18:24 -------- d-----w- C:\Expat Shield

2013-08-19 18:24 . 2013-08-19 18:24 -------- d-----w- c:\program files\Expat Shield

2013-08-19 17:56 . 2013-08-19 17:56 -------- d-----w- C:\temp

2013-08-19 16:09 . 2013-08-19 16:09 -------- d-----w- c:\program files\Conduit

2013-08-19 16:09 . 2013-08-19 18:14 -------- d-----w- c:\program files\Expat_Shield

2013-08-15 11:35 . 2013-03-07 07:49 19840 ----a-w- c:\windows\system32\EuEpmGdi.dll

2013-08-15 11:35 . 2013-04-11 12:10 2498216 ----a-w- c:\windows\system32\BootMan.exe

2013-08-15 11:35 . 2013-03-07 07:49 9160 ----a-w- c:\windows\system32\EuGdiDrv.sys

2013-08-15 11:35 . 2013-03-07 07:49 87112 ----a-w- c:\windows\system32\setupempdrv03.exe

2013-08-15 11:35 . 2013-03-07 07:49 14920 ----a-w- c:\windows\system32\epmntdrv.sys

2013-08-15 11:35 . 2013-08-15 11:35 -------- d-----w- c:\program files\EaseUS

2013-08-15 08:03 . 2013-08-15 08:03 -------- d-----w- c:\program files\Common Files\Adobe

2013-08-15 07:57 . 2013-08-15 07:57 -------- d-----w- c:\program files\Mediafour

2013-08-15 07:56 . 2013-08-15 07:56 -------- d-----w- c:\windows\Downloaded Installations

2013-08-15 07:55 . 2013-08-15 07:55 -------- d-----w- c:\windows\system32\URTTEMP

2013-08-14 10:31 . 2013-08-14 10:31 -------- d-----w- c:\programdata\Freemake

2013-08-14 10:30 . 2013-08-14 10:31 -------- d-----w- c:\program files\Freemake

2013-08-14 09:24 . 2013-08-14 09:24 -------- d-----w- c:\program files\Microsoft Expression

2013-08-14 09:11 . 2013-08-14 09:11 -------- d-----w- c:\program files\Exact Audio Copy

2013-08-13 17:19 . 2013-08-13 17:19 -------- d-----w- c:\program files\Griffith

2013-08-13 16:10 . 2013-08-15 15:06 -------- d-----w- C:\Muziek-bib

2013-08-13 15:46 . 2013-08-13 15:46 -------- d-----w- c:\programdata\FileOpen

2013-08-13 15:45 . 2013-07-26 05:35 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll

2013-08-13 15:45 . 2013-07-26 05:35 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll

2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\programdata\Nitro

2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\program files\Nitro

2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\program files\Common Files\Nitro

2013-08-13 13:50 . 2013-08-13 13:50 -------- d-----w- C:\Soulseek

2013-08-13 13:46 . 2013-08-13 13:46 -------- d-----w- c:\programdata\Soulseek

2013-08-13 13:45 . 2013-08-13 13:45 -------- d-----w- c:\program files\SoulseekQt

2013-08-13 13:44 . 2013-08-13 13:44 -------- d-----w- c:\program files\SoulseekNS

2013-08-13 13:13 . 2013-08-13 13:13 -------- d-----w- c:\programdata\MediaMonkey

2013-08-13 13:13 . 2013-08-13 13:13 -------- d-----w- c:\program files\MediaMonkey

2013-08-13 12:38 . 2013-08-13 16:21 -------- d--h--w- c:\windows\Icons

2013-08-13 10:29 . 2013-08-13 10:29 -------- d-----w- c:\programdata\Canneverbe Limited

2013-08-13 10:29 . 2013-08-13 12:17 -------- d-----w- c:\program files\CDBurnerXP

2013-08-13 10:03 . 2013-08-13 10:03 -------- d-----w- c:\program files\ImgBurn

2013-08-13 09:45 . 2013-08-13 09:45 -------- d-----w- c:\program files\Speccy

2013-08-13 09:43 . 2013-08-13 09:43 -------- d-----w- c:\program files\LopeSoft

2013-08-13 09:32 . 2013-08-13 09:32 -------- d-----w- c:\program files\Common Files\Innovative Solutions

2013-08-13 09:32 . 2013-08-13 09:57 -------- d-----w- c:\programdata\Innovative Solutions

2013-08-13 09:32 . 2013-08-13 09:56 -------- d-----w- c:\program files\Innovative Solutions

2013-08-13 09:27 . 2013-08-13 09:27 -------- d-----w- c:\program files\PrivaZer

2013-08-13 09:22 . 2013-08-13 09:22 -------- d-----w- c:\program files\FileHippo.com

2013-08-13 09:20 . 2013-08-13 09:20 -------- d-----w- c:\program files\Magical Jelly Bean

2013-08-13 09:19 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll

2013-08-13 09:18 . 2013-08-13 09:19 -------- d-----w- c:\program files\K-Lite Codec Pack

2013-08-13 09:18 . 2013-08-13 09:18 -------- d-----w- c:\program files\Free Opener

2013-08-13 09:17 . 2013-08-13 09:17 -------- d-----w- c:\programdata\APN

2013-08-13 09:16 . 2013-08-13 09:16 -------- d-----w- c:\program files\Glary Utilities

2013-08-13 07:57 . 2013-08-13 07:57 -------- d-----w- c:\windows\system32\SPReview

2013-08-13 07:55 . 2013-08-13 07:55 -------- d-----w- c:\windows\system32\EventProviders

2013-08-13 07:40 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\system32\dfshim.dll

2013-08-13 07:40 . 2010-11-20 12:21 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2013-08-13 07:40 . 2010-11-20 10:24 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys

2013-08-13 07:38 . 2010-11-20 12:24 271664 ----a-w- c:\windows\system32\fveapi.dll

2013-08-13 07:37 . 2010-11-20 12:21 410112 ----a-w- c:\windows\system32\wlanui.dll

2013-08-13 07:36 . 2010-11-20 12:20 427520 ----a-w- c:\windows\system32\PortableDeviceStatus.dll

2013-08-13 07:35 . 2010-11-20 12:00 6656 ----a-w- c:\windows\system32\KBDSF.DLL

2013-08-13 07:30 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll

2013-08-13 07:29 . 2010-11-20 12:21 189952 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll

2013-08-13 07:29 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll

2013-08-13 07:29 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll

2013-08-13 07:28 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\sqmapi.dll

2013-08-13 07:26 . 2013-04-17 18:20 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2013-08-13 07:12 . 2013-08-13 07:12 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}

2013-08-13 06:52 . 2013-08-13 06:52 -------- d-----w- c:\programdata\Malwarebytes

2013-08-13 06:52 . 2013-08-13 06:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-08-13 06:52 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-08-13 06:51 . 2013-08-13 07:13 -------- d-----w- c:\programdata\IObit

2013-08-13 06:51 . 2013-08-13 12:12 -------- d-----w- c:\program files\IObit

2013-08-12 17:59 . 2013-08-12 17:59 -------- d-----w- c:\program files\CCleaner

2013-08-12 17:54 . 2013-08-12 17:54 -------- d-----w- c:\program files\Recuva

2013-08-12 10:13 . 2013-08-12 17:51 -------- d-----w- c:\program files\Calibre2

2013-08-12 08:21 . 2013-08-12 08:21 -------- d-----w- c:\windows\system32\Wat

2013-08-12 06:22 . 2013-08-26 17:48 -------- d-----w- c:\windows\Panther

2013-08-12 05:38 . 2013-08-13 10:54 -------- d-----w- C:\Windows.old

2013-08-12 02:05 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll

2013-08-12 02:05 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll

2013-08-12 02:05 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll

2013-08-12 01:19 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2013-08-12 01:19 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-08-13 08:20 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll

2013-08-11 22:22 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{a060276a-53be-45ec-8ebe-b94b1e803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592]

.

[HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]

2012-01-04 23:02 233288 ----a-w- c:\program files\Expat Shield\HssIE\ExpatIE.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{a060276a-53be-45ec-8ebe-b94b1e803179}]

2013-07-17 08:53 226592 ----a-w- c:\program files\Expat_Shield\prxtbExpa.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{a060276a-53be-45ec-8ebe-b94b1e803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592]

.

[HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{A060276A-53BE-45EC-8EBE-B94B1E803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592]

.

[HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2010-01-07 3216664]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-06-14 9288296]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

@="Service"

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"IAStorIcon"=c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"EaseUS EPM tray"=c:\program files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe

"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" /autostart

.

R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2013-03-07 14920]

R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2013-03-07 9160]

R3 ExpatTrayService;Expat Shield Tray Service;c:\program files\Expat Shield\bin\ExpatTrayService.EXE [2012-01-17 77520]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-08-26 108032]

R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2013-03-26 31752]

R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2013-03-26 20944]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-08-12 1343400]

R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272]

R4 ExpatShieldService;Expat Shield Service;c:\program files\Expat Shield\bin\openvpnas.exe [2012-01-17 331608]

R4 ExpatSrv;Expat Shield Routing Service;c:\program files\Expat Shield\HssWPR\hsssrv.exe [2012-01-04 363336]

R4 ExpatWd;Expat Shield Monitoring Service;c:\program files\Expat Shield\bin\hsswd.exe [2012-01-04 329544]

R4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2013-03-23 21480]

R4 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [2013-04-25 335168]

S0 aswRvrt;aswRvrt; [x]

S0 aswVmm;aswVmm; [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 176128]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]

S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-07-26 196624]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2009-09-22 579072]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-08-22 07:52 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-08-27 c:\windows\Tasks\GlaryInitialize.job

- c:\program files\Glary Utilities\initialize.exe [2013-08-13 13:39]

.

2013-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 00:39]

.

2013-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 00:39]

.

.

------- Bijkomende Scan -------

.

IE: Afbeelding knippen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4

IE: Kopieer selectie - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3

IE: Kopieer URL - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

IE: Nieuwe notitie - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html

IE: Pagina opemen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1

TCP: DhcpNameServer = 195.130.131.2 195.130.130.130

FF - ProfilePath - c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\

FF - prefs.js: browser.startup.homepage - HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag

FF - ExtSQL: 2013-08-12 02:37; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF

FF - ExtSQL: 2013-08-21 20:29; {64161300-e22b-11db-8314-0800200c9a66}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi

FF - ExtSQL: 2013-08-21 20:31; readable@evernote.com; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\readable@evernote.com.xpi

FF - ExtSQL: 2013-08-21 20:52; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi

FF - ExtSQL: 2013-08-22 09:37; tiletabs@DW-dev; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\tiletabs@DW-dev.xpi

FF - ExtSQL: 2013-08-22 10:17; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF - ExtSQL: 2013-08-22 10:43; searchy@searchy; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\searchy@searchy.xpi

FF - ExtSQL: 2013-08-22 10:58; savedpasswordeditor@daniel.dawson; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\savedpasswordeditor@daniel.dawson.xpi

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\windows\system32\atieclxx.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\taskhost.exe

c:\windows\System32\WUDFHost.exe

c:\windows\system32\conhost.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\windows\system32\DllHost.exe

c:\windows\system32\sppsvc.exe

.

**************************************************************************

.

Voltooingstijd: 2013-08-28 21:18:01 - machine werd herstart

ComboFix-quarantined-files.txt 2013-08-28 19:18

ComboFix2.txt 2013-05-04 09:03

.

Pre-Run: 982.846.136.320 bytes beschikbaar

Post-Run: 983.001.673.728 bytes beschikbaar

.

- - End Of File - - C9729FA9FD555E4CF58911AFD98DC493

A36C5E4F47E84449FF07ED3517B43A31

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

Schakel alle antivirus- en antispywareprogramma's uit, want deze kunnen namelijk conflicteren met ComboFix.

(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

Open een nieuw leeg Kladblok scherm, kopieer en plak hierin de volgende code. 

 
 Folder::
 c:\program files\Common Files\DVDVideoSoft
 c:\program files\DVDVideoSoft
 C:\Expat Shield
 c:\program files\Expat Shield
 c:\program files\Conduit
 c:\program files\Expat_Shield
 c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}

 Registry::
 [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
 [-HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}]
 [-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]
 [-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{a060276a-53be-45ec-8ebe-b94b1e803179}]
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
 [-HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}]
 [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
 [-HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}]

Sla dit op op je Bureaublad als CFScript.txt

Sleep CFScript.txt in ComboFix.exe zoals getoond in onderstaand voorbeeld:

CFScript.gif

Nu zal ComboFix vanzelf worden gestart.

Start opnieuw op als daarom gevraagd wordt, en post de inhoud van de Combofix.txt in je volgende antwoord.

Link naar reactie
Delen op andere sites
rudy52 Leerling

rudy52

Geplaatst:
  • Auteur
Geplaatst:

ComboFix 13-08-29.01 - rudy 29-08-2013 15:05:14.3.4 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.1784 [GMT 2:00]

Gestart vanuit: c:\users\rudy\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\rudy\Desktop\cfscript - Snelkoppeling.lnk

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-07-28 to 2013-08-29 ))))))))))))))))))))))))))))))

.

.

2013-08-29 13:10 . 2013-08-29 13:10 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-08-28 10:27 . 2013-08-28 10:28 -------- d-----w- C:\AdwCleaner

2013-08-27 09:55 . 2013-08-27 09:56 -------- d-----w- c:\program files\Common Files\DVDVideoSoft

2013-08-27 09:55 . 2013-08-27 09:56 -------- d-----w- c:\program files\DVDVideoSoft

2013-08-27 09:45 . 2013-08-27 10:00 -------- d-----w- C:\muziek-mp3

2013-08-27 08:05 . 2013-08-27 08:05 -------- d-----w- c:\program files\Trend Micro

2013-08-26 12:39 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{42028B9F-816C-4419-ADE8-1D60436BB1C9}\mpengine.dll

2013-08-22 09:21 . 2013-08-22 09:23 -------- d-----w- c:\windows\system32\MRT

2013-08-22 09:10 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll

2013-08-22 09:10 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll

2013-08-22 09:10 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll

2013-08-22 09:10 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll

2013-08-22 09:10 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll

2013-08-22 09:10 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll

2013-08-22 09:10 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll

2013-08-22 09:10 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll

2013-08-22 09:10 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll

2013-08-22 09:10 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2013-08-22 09:10 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll

2013-08-22 09:09 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll

2013-08-22 09:09 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2013-08-22 09:09 . 2013-04-10 05:03 988672 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

2013-08-22 09:09 . 2013-04-10 05:03 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

2013-08-22 09:09 . 2013-04-10 05:04 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

2013-08-22 09:09 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe

2013-08-22 09:09 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll

2013-08-22 09:09 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-08-22 09:09 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-08-22 09:07 . 2013-06-05 03:05 2347520 ----a-w- c:\windows\system32\win32k.sys

2013-08-22 09:07 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe

2013-08-22 09:07 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll

2013-08-22 09:07 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll

2013-08-22 09:07 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll

2013-08-22 09:07 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll

2013-08-22 09:07 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll

2013-08-22 09:07 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe

2013-08-22 09:06 . 2013-05-27 04:57 680960 ----a-w- c:\program files\Windows Defender\MpSvc.dll

2013-08-22 09:06 . 2013-05-27 04:57 392704 ----a-w- c:\program files\Windows Defender\MpClient.dll

2013-08-22 09:06 . 2013-05-27 04:57 224768 ----a-w- c:\program files\Windows Defender\MpCommu.dll

2013-08-22 08:46 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys

2013-08-22 08:15 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2013-08-21 17:37 . 2013-08-21 17:37 -------- d-----w- c:\program files\Mozilla Maintenance Service

2013-08-19 18:24 . 2013-08-19 18:24 -------- d-----w- C:\Expat Shield

2013-08-19 18:24 . 2013-08-19 18:24 -------- d-----w- c:\program files\Expat Shield

2013-08-19 17:56 . 2013-08-19 17:56 -------- d-----w- C:\temp

2013-08-19 16:09 . 2013-08-19 16:09 -------- d-----w- c:\program files\Conduit

2013-08-19 16:09 . 2013-08-19 18:14 -------- d-----w- c:\program files\Expat_Shield

2013-08-15 11:35 . 2013-03-07 07:49 19840 ----a-w- c:\windows\system32\EuEpmGdi.dll

2013-08-15 11:35 . 2013-04-11 12:10 2498216 ----a-w- c:\windows\system32\BootMan.exe

2013-08-15 11:35 . 2013-03-07 07:49 9160 ----a-w- c:\windows\system32\EuGdiDrv.sys

2013-08-15 11:35 . 2013-03-07 07:49 87112 ----a-w- c:\windows\system32\setupempdrv03.exe

2013-08-15 11:35 . 2013-03-07 07:49 14920 ----a-w- c:\windows\system32\epmntdrv.sys

2013-08-15 11:35 . 2013-08-15 11:35 -------- d-----w- c:\program files\EaseUS

2013-08-15 08:03 . 2013-08-15 08:03 -------- d-----w- c:\program files\Common Files\Adobe

2013-08-15 07:57 . 2013-08-15 07:57 -------- d-----w- c:\program files\Mediafour

2013-08-15 07:56 . 2013-08-15 07:56 -------- d-----w- c:\windows\Downloaded Installations

2013-08-15 07:55 . 2013-08-15 07:55 -------- d-----w- c:\windows\system32\URTTEMP

2013-08-14 10:31 . 2013-08-14 10:31 -------- d-----w- c:\programdata\Freemake

2013-08-14 10:30 . 2013-08-14 10:31 -------- d-----w- c:\program files\Freemake

2013-08-14 09:24 . 2013-08-14 09:24 -------- d-----w- c:\program files\Microsoft Expression

2013-08-14 09:11 . 2013-08-14 09:11 -------- d-----w- c:\program files\Exact Audio Copy

2013-08-13 17:19 . 2013-08-13 17:19 -------- d-----w- c:\program files\Griffith

2013-08-13 16:10 . 2013-08-15 15:06 -------- d-----w- C:\Muziek-bib

2013-08-13 15:46 . 2013-08-13 15:46 -------- d-----w- c:\programdata\FileOpen

2013-08-13 15:45 . 2013-07-26 05:35 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll

2013-08-13 15:45 . 2013-07-26 05:35 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll

2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\programdata\Nitro

2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\program files\Nitro

2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\program files\Common Files\Nitro

2013-08-13 13:50 . 2013-08-13 13:50 -------- d-----w- C:\Soulseek

2013-08-13 13:46 . 2013-08-28 19:48 -------- d-----w- c:\programdata\Soulseek

2013-08-13 13:45 . 2013-08-13 13:45 -------- d-----w- c:\program files\SoulseekQt

2013-08-13 13:44 . 2013-08-13 13:44 -------- d-----w- c:\program files\SoulseekNS

2013-08-13 13:13 . 2013-08-13 13:13 -------- d-----w- c:\programdata\MediaMonkey

2013-08-13 13:13 . 2013-08-13 13:13 -------- d-----w- c:\program files\MediaMonkey

2013-08-13 12:38 . 2013-08-13 16:21 -------- d--h--w- c:\windows\Icons

2013-08-13 10:29 . 2013-08-13 10:29 -------- d-----w- c:\programdata\Canneverbe Limited

2013-08-13 10:29 . 2013-08-13 12:17 -------- d-----w- c:\program files\CDBurnerXP

2013-08-13 10:03 . 2013-08-13 10:03 -------- d-----w- c:\program files\ImgBurn

2013-08-13 09:45 . 2013-08-13 09:45 -------- d-----w- c:\program files\Speccy

2013-08-13 09:43 . 2013-08-13 09:43 -------- d-----w- c:\program files\LopeSoft

2013-08-13 09:32 . 2013-08-13 09:32 -------- d-----w- c:\program files\Common Files\Innovative Solutions

2013-08-13 09:32 . 2013-08-13 09:57 -------- d-----w- c:\programdata\Innovative Solutions

2013-08-13 09:32 . 2013-08-13 09:56 -------- d-----w- c:\program files\Innovative Solutions

2013-08-13 09:27 . 2013-08-13 09:27 -------- d-----w- c:\program files\PrivaZer

2013-08-13 09:22 . 2013-08-13 09:22 -------- d-----w- c:\program files\FileHippo.com

2013-08-13 09:20 . 2013-08-13 09:20 -------- d-----w- c:\program files\Magical Jelly Bean

2013-08-13 09:19 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll

2013-08-13 09:18 . 2013-08-13 09:19 -------- d-----w- c:\program files\K-Lite Codec Pack

2013-08-13 09:18 . 2013-08-13 09:18 -------- d-----w- c:\program files\Free Opener

2013-08-13 09:17 . 2013-08-13 09:17 -------- d-----w- c:\programdata\APN

2013-08-13 09:16 . 2013-08-13 09:16 -------- d-----w- c:\program files\Glary Utilities

2013-08-13 07:57 . 2013-08-13 07:57 -------- d-----w- c:\windows\system32\SPReview

2013-08-13 07:55 . 2013-08-13 07:55 -------- d-----w- c:\windows\system32\EventProviders

2013-08-13 07:40 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\system32\dfshim.dll

2013-08-13 07:40 . 2010-11-20 12:21 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2013-08-13 07:40 . 2010-11-20 10:24 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys

2013-08-13 07:38 . 2010-11-20 12:24 271664 ----a-w- c:\windows\system32\fveapi.dll

2013-08-13 07:37 . 2010-11-20 12:21 410112 ----a-w- c:\windows\system32\wlanui.dll

2013-08-13 07:36 . 2010-11-20 12:20 427520 ----a-w- c:\windows\system32\PortableDeviceStatus.dll

2013-08-13 07:35 . 2010-11-20 12:00 6656 ----a-w- c:\windows\system32\KBDSF.DLL

2013-08-13 07:30 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll

2013-08-13 07:29 . 2010-11-20 12:21 189952 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll

2013-08-13 07:29 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll

2013-08-13 07:29 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll

2013-08-13 07:28 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\sqmapi.dll

2013-08-13 07:26 . 2013-04-17 18:20 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2013-08-13 07:12 . 2013-08-13 07:12 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}

2013-08-13 06:52 . 2013-08-13 06:52 -------- d-----w- c:\programdata\Malwarebytes

2013-08-13 06:52 . 2013-08-13 06:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-08-13 06:52 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-08-13 06:51 . 2013-08-13 07:13 -------- d-----w- c:\programdata\IObit

2013-08-13 06:51 . 2013-08-13 12:12 -------- d-----w- c:\program files\IObit

2013-08-12 17:59 . 2013-08-12 17:59 -------- d-----w- c:\program files\CCleaner

2013-08-12 17:54 . 2013-08-12 17:54 -------- d-----w- c:\program files\Recuva

2013-08-12 10:13 . 2013-08-12 17:51 -------- d-----w- c:\program files\Calibre2

2013-08-12 08:21 . 2013-08-12 08:21 -------- d-----w- c:\windows\system32\Wat

2013-08-12 06:22 . 2013-08-26 17:48 -------- d-----w- c:\windows\Panther

2013-08-12 05:38 . 2013-08-13 10:54 -------- d-----w- C:\Windows.old

2013-08-12 02:05 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll

2013-08-12 02:05 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll

2013-08-12 02:05 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll

2013-08-12 01:19 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2013-08-12 01:19 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2013-08-12 01:19 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-08-13 08:20 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll

2013-08-11 22:22 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{a060276a-53be-45ec-8ebe-b94b1e803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592]

.

[HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]

2012-01-04 23:02 233288 ----a-w- c:\program files\Expat Shield\HssIE\ExpatIE.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{a060276a-53be-45ec-8ebe-b94b1e803179}]

2013-07-17 08:53 226592 ----a-w- c:\program files\Expat_Shield\prxtbExpa.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{a060276a-53be-45ec-8ebe-b94b1e803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592]

.

[HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{A060276A-53BE-45EC-8EBE-B94B1E803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592]

.

[HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2010-01-07 3216664]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-06-14 9288296]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

@="Service"

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"IAStorIcon"=c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"EaseUS EPM tray"=c:\program files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe

"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" /autostart

.

R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2013-03-07 14920]

R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2013-03-07 9160]

R3 ExpatTrayService;Expat Shield Tray Service;c:\program files\Expat Shield\bin\ExpatTrayService.EXE [2012-01-17 77520]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-08-26 108032]

R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2013-03-26 31752]

R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2013-03-26 20944]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-08-12 1343400]

R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272]

R4 ExpatShieldService;Expat Shield Service;c:\program files\Expat Shield\bin\openvpnas.exe [2012-01-17 331608]

R4 ExpatSrv;Expat Shield Routing Service;c:\program files\Expat Shield\HssWPR\hsssrv.exe [2012-01-04 363336]

R4 ExpatWd;Expat Shield Monitoring Service;c:\program files\Expat Shield\bin\hsswd.exe [2012-01-04 329544]

R4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2013-03-23 21480]

R4 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [2013-04-25 335168]

S0 aswRvrt;aswRvrt; [x]

S0 aswVmm;aswVmm; [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 176128]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]

S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-07-26 196624]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2009-09-22 579072]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-08-22 07:52 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-08-27 c:\windows\Tasks\GlaryInitialize.job

- c:\program files\Glary Utilities\initialize.exe [2013-08-13 13:39]

.

2013-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 00:39]

.

2013-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 00:39]

.

.

------- Bijkomende Scan -------

.

IE: Afbeelding knippen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4

IE: Kopieer selectie - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3

IE: Kopieer URL - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

IE: Nieuwe notitie - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html

IE: Pagina opemen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1

TCP: DhcpNameServer = 195.130.130.2 195.130.131.2

FF - ProfilePath - c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\

FF - prefs.js: browser.startup.homepage - HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag

FF - ExtSQL: 2013-08-12 02:37; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF

FF - ExtSQL: 2013-08-21 20:29; {64161300-e22b-11db-8314-0800200c9a66}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi

FF - ExtSQL: 2013-08-21 20:31; readable@evernote.com; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\readable@evernote.com.xpi

FF - ExtSQL: 2013-08-21 20:52; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi

FF - ExtSQL: 2013-08-22 09:37; tiletabs@DW-dev; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\tiletabs@DW-dev.xpi

FF - ExtSQL: 2013-08-22 10:17; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

FF - ExtSQL: 2013-08-22 10:43; searchy@searchy; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\searchy@searchy.xpi

FF - ExtSQL: 2013-08-22 10:58; savedpasswordeditor@daniel.dawson; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\savedpasswordeditor@daniel.dawson.xpi

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-08-29 15:11:33

ComboFix-quarantined-files.txt 2013-08-29 13:11

ComboFix2.txt 2013-08-29 12:59

ComboFix3.txt 2013-08-28 19:18

ComboFix4.txt 2013-05-04 09:03

.

Pre-Run: 987.190.497.280 bytes beschikbaar

Post-Run: 987.016.962.048 bytes beschikbaar

.

- - End Of File - - E38830C7F43E76FC50A91DD7AAB521E1

A36C5E4F47E84449FF07ED3517B43A31

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Dit is niet helemaal correct uitgevoerd. Bedoeling is dat je het bestand als een .txt-bestand opslaat (en niet als een link, zoals je gedaan hebt) en dan dit tekstbestand in de snelkoppeling van Combofix sleept. Dan start dit programma automatisch terug op en worden de aangeduide fouten pas verwijderd. Dat is nu nog niet het geval.

Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.