DNS problems



ComboFix 11-06-29.02 - Admin 29/06/2011 13:00:26.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.3948.2467 [GMT 2:00]

Gestart vanuit: c:\users\Admin\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Admin\Desktop\CFScript.txt

AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

/wow section - STAGE 50

Het proces heeft geen toegang tot het bestand omdat het door een ander

proces wordt gebruikt.

Het proces heeft geen toegang tot het bestand omdat het door een ander

proces wordt gebruikt.

Het proces heeft geen toegang tot het bestand omdat het door een ander

proces wordt gebruikt.

Het proces heeft geen toegang tot het bestand omdat het door een ander

proces wordt gebruikt.

Het proces heeft geen toegang tot het bestand omdat het door een ander

proces wordt gebruikt.

Het proces heeft geen toegang tot het bestand omdat het door een ander

proces wordt gebruikt.

Kan bestand LockedB niet vinden.

Kan bestand lockedB niet vinden.

.d.a.1.a.3.f.f. wordt niet herkend als een interne

of externe opdracht, programma of batchbestand.

.0.\\. wordt niet herkend als een interne

of externe opdracht, programma of batchbestand.

Kan bestand LockedB niet vinden.

Kan bestand LockedB niet vinden.

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\FullRemove.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-05-28 to 2011-06-29 ))))))))))))))))))))))))))))))

.

.

2011-06-29 09:21 . 2011-06-29 09:21 -------- d-----w- c:\program files (x86)\Microsoft Works

2011-06-29 09:18 . 2011-06-29 09:22 -------- d-----w- c:\programdata\Microsoft Help

2011-06-29 09:18 . 2011-06-29 09:18 -------- d-----r- C:\MSOCache

2011-06-29 08:11 . 2011-06-29 08:11 -------- d-----w- c:\program files (x86)\Google

2011-06-29 08:07 . 2011-06-29 08:07 -------- d-----w- c:\program files (x86)\SystemRequirementsLab

2011-06-29 08:07 . 2011-06-29 08:07 -------- d-----w- c:\windows\Sun

2011-06-29 08:06 . 2011-06-29 08:06 -------- d-----w- c:\program files (x86)\Common Files\Java

2011-06-29 08:06 . 2011-06-29 08:06 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-06-29 08:06 . 2011-06-29 08:06 -------- d-----w- c:\program files (x86)\Java

2011-06-29 08:05 . 2011-06-29 08:05 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2011-06-29 08:00 . 2011-06-29 08:00 -------- d--h--w- c:\programdata\CanonBJ

2011-06-29 08:00 . 2009-07-14 01:40 83968 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNBPP3.DLL

2011-06-28 08:11 . 2011-06-28 08:11 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-06-28 06:45 . 2011-06-29 09:21 -------- d-----w- c:\program files (x86)\Microsoft.NET

2011-06-27 16:19 . 2011-06-27 16:19 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared

2011-06-27 15:50 . 2011-06-27 15:50 -------- dc----w- c:\windows\system32\DRVSTORE

2011-06-27 15:50 . 2010-08-21 03:59 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2011-06-27 15:50 . 2011-06-27 15:50 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

2011-06-27 15:50 . 2011-06-27 15:50 -------- d-----w- c:\program files\Symantec

2011-06-27 15:50 . 2011-06-27 15:50 -------- d-----w- c:\program files\Common Files\Symantec Shared

2011-06-27 15:49 . 2010-08-21 03:59 125872 ----a-w- c:\windows\system32\GEARAspi64.dll

2011-06-27 15:49 . 2010-08-21 03:59 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll

2011-06-27 15:49 . 2011-06-27 15:49 -------- d-----w- c:\windows\system32\drivers\N360x64

2011-06-27 15:49 . 2011-06-27 15:49 -------- d-----w- c:\program files (x86)\Norton 360

2011-06-27 15:45 . 2011-06-27 15:45 -------- d-----w- c:\program files (x86)\NortonInstaller

2011-06-27 15:44 . 2011-06-27 15:51 -------- d-----w- c:\programdata\Norton

2011-06-16 13:58 . 2011-04-27 02:57 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys

2011-06-10 19:07 . 2011-06-10 19:07 -------- d-----w- C:\003508781f61aaf9a0

2011-06-10 19:05 . 2011-06-10 19:05 -------- d-----w- c:\windows\SysWow64\Wat

2011-06-10 19:05 . 2011-06-10 19:05 -------- d-----w- c:\windows\system32\Wat

2011-06-10 18:20 . 2011-06-10 18:20 -------- d-----w- c:\windows\SysWow64\wbem\en-US

2011-06-10 18:20 . 2011-06-10 18:20 -------- d-----w- c:\windows\system32\wbem\en-US

2011-06-10 17:48 . 2011-06-28 06:41 -------- d-----w- c:\programdata\clear.fi

2011-06-10 17:08 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll

2011-06-10 17:08 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll

2011-06-10 17:02 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll

2011-06-10 17:02 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll

2011-06-10 17:02 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll

2011-06-10 17:02 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll

2011-06-10 17:02 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe

2011-06-10 17:02 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll

2011-06-10 17:02 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2011-06-10 17:02 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll

2011-06-10 17:02 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe

2011-06-10 17:02 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll

2011-06-10 17:01 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe

2011-06-10 16:57 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe

2011-06-10 16:57 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe

2011-06-10 16:57 . 2011-02-19 06:36 902656 ----a-w- c:\windows\system32\d2d1.dll

2011-06-10 16:57 . 2011-02-19 05:32 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2011-06-10 16:57 . 2011-02-19 06:37 1135104 ----a-w- c:\windows\system32\FntCache.dll

2011-06-10 16:57 . 2011-02-19 06:37 1540608 ----a-w- c:\windows\system32\DWrite.dll

2011-06-10 16:57 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

2011-06-10 16:57 . 2011-02-18 06:33 31232 ----a-w- c:\windows\system32\prevhost.exe

2011-06-10 16:57 . 2011-02-18 05:33 31232 ----a-w- c:\windows\SysWow64\prevhost.exe

2011-06-10 16:57 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll

2011-06-10 16:57 . 2010-12-18 05:29 541184 ----a-w- c:\windows\SysWow64\kerberos.dll

2011-06-10 16:55 . 2011-03-11 06:19 1395712 ----a-w- c:\windows\system32\mfc42.dll

2011-06-10 16:54 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe

2011-06-10 16:54 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll

2011-06-10 16:54 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll

2011-06-10 16:54 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll

2011-06-10 16:54 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2011-06-10 16:54 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll

2011-06-10 16:54 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll

2011-06-10 16:54 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll

2011-06-10 16:54 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll

2011-06-10 16:54 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll

2011-06-10 16:54 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll

2011-06-10 16:53 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-06-10 16:35 . 2011-06-10 16:35 -------- d---a-w- C:\book

2011-06-10 16:34 . 2011-06-10 16:34 -------- d-----w- c:\windows\nl

2011-06-10 16:34 . 2011-06-10 16:34 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition

2011-06-10 16:33 . 2011-06-27 21:09 -------- d-----w- c:\program files (x86)\Windows Live

2011-06-10 16:33 . 2011-06-10 16:33 -------- d-----w- c:\windows\PCHEALTH

2011-06-10 16:33 . 2011-06-10 16:33 -------- d-----w- c:\program files\Windows Live

2011-06-10 16:32 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll

2011-06-10 16:32 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll

2011-06-10 16:32 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll

2011-06-10 16:32 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll

2011-06-10 16:32 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll

2011-06-10 16:32 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll

2011-06-10 16:31 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll

2011-06-10 16:31 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll

2011-06-10 16:31 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll

2011-06-10 16:31 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll

2011-06-10 16:30 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL

2011-06-10 16:30 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll

2011-06-10 16:30 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL

2011-06-10 16:30 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll

2011-06-10 16:30 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll

2011-06-10 16:30 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll

2011-06-10 16:30 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll

2011-06-10 16:29 . 2011-06-10 16:29 -------- d-----w- c:\program files (x86)\Common Files\Windows Live

2011-06-10 16:27 . 2010-03-30 16:18 1803264 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\PowerPoint.nl-nl\PowerPointMUI.msi

2011-06-10 16:12 . 2011-06-10 16:12 -------- d-----w- c:\program files\Acer Accessory Store

2011-06-10 16:12 . 2011-06-10 16:21 -------- d-----w- c:\users\Admin

2011-06-10 16:10 . 2011-06-10 16:10 -------- d-----w- C:\Recovery

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-06-10 16:33 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]

"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]

"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-18 407920]

"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-18 201584]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2010-11-12 296768]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-01-18 1028688]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]

"MDS_Menu"="c:\program files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2010-12-10 177448]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe" [2009-07-14 73216]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [x]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [x]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20110616.003\BHDrvx64.sys [2011-05-19 1143416]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20110628.050\IDSvia64.sys [2011-06-03 488056]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [x]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-01-18 313424]

S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-29 868224]

S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]

S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-04-17 130008]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-12-12 1997416]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]

S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]

S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [x]

S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [x]

S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [x]

S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [x]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-06-25 136824]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-10 2186856]

"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-10-29 860040]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-30 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-30 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-30 418328]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://acer.msn.com

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://acer.msn.com

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\umugsncg.default\

FF - prefs.js: browser.startup.homepage - hxxp://acer.msn.com/

FF - prefs.js: network.proxy.type - 0

FF - user.js: general.useragent.extra.brc -

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

Toolbar-Locked - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]

"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\5.1.0.29\diMaster.dll\" /prefetch:1"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1761514740-3234673199-2318220368-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-1761514740-3234673199-2318220368-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_USERS\S-1-5-21-1761514740-3234673199-2318220368-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{74F66B09-BC15-92B1-C2BF-D74ED8680E6E}*]

"hakgjbcgmnjokhmi"=hex:6a,61,69,62,6c,65,62,63,6d,61,62,6f,62,68,65,61,6e,69,

6b,68,00,d4

"iaeghbndhdkppganjl"=hex:6a,61,69,62,6c,65,62,63,6d,61,62,6f,62,68,65,61,6e,69,

6b,68,00,69

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

c:\program files (x86)\Launch Manager\LMworker.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\program files (x86)\Launch Manager\LMworker.exe

c:\program files (x86)\Mozilla Firefox\firefox.exe

c:\program files (x86)\Mozilla Firefox\plugin-container.exe

.

**************************************************************************

.

Voltooingstijd: 2011-06-29 13:10:56 - machine werd herstart

ComboFix-quarantined-files.txt 2011-06-29 11:10

.

Pre-Run: 437.000.212.480 bytes beschikbaar

Post-Run: 436.823.445.504 bytes beschikbaar

.

- - End Of File - - A3A2B3F9AC13850EF0A3C055FF07C2DD


Sorry for the late reply, but I had lost track of this topic for a while.

ComboFix reports errors during removal.

Close all applications, Firefox in particular, and then run ComboFix again by dragging the CFScript file onto the shortcut. Post the new log after it has run.


ComboFix 11-07-02.03 - Admin 03/07/2011 9:24.2.4 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.3948.2790 [GMT 2:00]

Gestart vanuit: c:\users\Admin\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Admin\Desktop\CFScript.txt

AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-06-03 to 2011-07-03 ))))))))))))))))))))))))))))))

.

.

2011-07-03 07:29 . 2011-07-03 07:29 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2011-07-03 07:29 . 2011-07-03 07:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-06-29 12:23 . 2011-06-29 12:23 -------- d-----w- c:\users\AppData

2011-06-29 12:23 . 2011-06-29 12:23 -------- d-----w- c:\program files (x86)\free-downloads.net

2011-06-29 12:23 . 2011-06-29 12:23 -------- d-----w- c:\program files (x86)\Conduit

2011-06-29 12:23 . 2011-06-29 12:23 -------- d-----w- c:\program files (x86)\Alcohol Soft

2011-06-29 12:20 . 2011-06-29 12:20 834544 ----a-w- c:\windows\system32\drivers\sptd.sys

2011-06-29 12:11 . 2006-09-28 14:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll

2011-06-29 12:11 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll

2011-06-29 11:50 . 2011-06-29 12:28 -------- d-----w- c:\program files (x86)\Electronic Arts

2011-06-29 11:08 . 2011-06-29 11:08 -------- d-----w- c:\users\Gast

2011-06-29 09:21 . 2011-06-29 09:21 -------- d-----w- c:\program files (x86)\Microsoft Works

2011-06-29 09:18 . 2011-06-29 09:22 -------- d-----w- c:\programdata\Microsoft Help

2011-06-29 09:18 . 2011-06-29 09:18 -------- d-----r- C:\MSOCache

2011-06-29 08:11 . 2011-06-29 08:11 -------- d-----w- c:\program files (x86)\Google

2011-06-29 08:07 . 2011-06-29 08:07 -------- d-----w- c:\program files (x86)\SystemRequirementsLab

2011-06-29 08:07 . 2011-06-29 08:07 -------- d-----w- c:\windows\Sun

2011-06-29 08:06 . 2011-06-29 08:06 -------- d-----w- c:\program files (x86)\Common Files\Java

2011-06-29 08:06 . 2011-06-29 08:06 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-06-29 08:06 . 2011-06-29 08:06 -------- d-----w- c:\program files (x86)\Java

2011-06-29 08:05 . 2011-06-29 08:05 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2011-06-29 08:00 . 2011-06-29 08:00 -------- d--h--w- c:\programdata\CanonBJ

2011-06-29 08:00 . 2009-07-14 01:40 83968 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNBPP3.DLL

2011-06-28 08:11 . 2011-06-28 08:11 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-06-28 06:45 . 2011-06-29 09:21 -------- d-----w- c:\program files (x86)\Microsoft.NET

2011-06-27 16:19 . 2011-06-27 16:19 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared

2011-06-27 15:50 . 2011-06-27 15:50 -------- dc----w- c:\windows\system32\DRVSTORE

2011-06-27 15:50 . 2010-08-21 03:59 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2011-06-27 15:50 . 2011-06-27 15:50 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

2011-06-27 15:50 . 2011-06-27 15:50 -------- d-----w- c:\program files\Symantec

2011-06-27 15:50 . 2011-06-27 15:50 -------- d-----w- c:\program files\Common Files\Symantec Shared

2011-06-27 15:49 . 2010-08-21 03:59 125872 ----a-w- c:\windows\system32\GEARAspi64.dll

2011-06-27 15:49 . 2010-08-21 03:59 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll

2011-06-27 15:49 . 2011-06-27 15:49 -------- d-----w- c:\windows\system32\drivers\N360x64

2011-06-27 15:49 . 2011-06-27 15:49 -------- d-----w- c:\program files (x86)\Norton 360

2011-06-27 15:45 . 2011-06-27 15:45 -------- d-----w- c:\program files (x86)\NortonInstaller

2011-06-27 15:44 . 2011-06-27 15:51 -------- d-----w- c:\programdata\Norton

2011-06-16 13:58 . 2011-04-27 02:57 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys

2011-06-10 19:07 . 2011-06-10 19:07 -------- d-----w- C:\003508781f61aaf9a0

2011-06-10 19:05 . 2011-06-10 19:05 -------- d-----w- c:\windows\SysWow64\Wat

2011-06-10 19:05 . 2011-06-10 19:05 -------- d-----w- c:\windows\system32\Wat

2011-06-10 18:20 . 2011-06-10 18:20 -------- d-----w- c:\windows\SysWow64\wbem\en-US

2011-06-10 18:20 . 2011-06-10 18:20 -------- d-----w- c:\windows\system32\wbem\en-US

2011-06-10 17:48 . 2011-06-29 19:08 -------- d-----w- c:\programdata\clear.fi

2011-06-10 17:08 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll

2011-06-10 17:08 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll

2011-06-10 17:02 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll

2011-06-10 17:02 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll

2011-06-10 17:02 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll

2011-06-10 17:02 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll

2011-06-10 17:02 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe

2011-06-10 17:02 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll

2011-06-10 17:02 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2011-06-10 17:02 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll

2011-06-10 17:02 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe

2011-06-10 17:02 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll

2011-06-10 17:01 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe

2011-06-10 16:57 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe

2011-06-10 16:57 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe

2011-06-10 16:57 . 2011-02-19 06:36 902656 ----a-w- c:\windows\system32\d2d1.dll

2011-06-10 16:57 . 2011-02-19 05:32 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2011-06-10 16:57 . 2011-02-19 06:37 1135104 ----a-w- c:\windows\system32\FntCache.dll

2011-06-10 16:57 . 2011-02-19 06:37 1540608 ----a-w- c:\windows\system32\DWrite.dll

2011-06-10 16:57 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

2011-06-10 16:57 . 2011-02-18 06:33 31232 ----a-w- c:\windows\system32\prevhost.exe

2011-06-10 16:57 . 2011-02-18 05:33 31232 ----a-w- c:\windows\SysWow64\prevhost.exe

2011-06-10 16:57 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll

2011-06-10 16:57 . 2010-12-18 05:29 541184 ----a-w- c:\windows\SysWow64\kerberos.dll

2011-06-10 16:55 . 2011-03-11 06:19 1395712 ----a-w- c:\windows\system32\mfc42.dll

2011-06-10 16:54 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe

2011-06-10 16:54 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll

2011-06-10 16:54 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll

2011-06-10 16:54 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll

2011-06-10 16:54 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2011-06-10 16:54 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll

2011-06-10 16:54 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll

2011-06-10 16:54 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll

2011-06-10 16:54 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll

2011-06-10 16:54 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll

2011-06-10 16:54 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll

2011-06-10 16:53 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-06-10 16:35 . 2011-06-10 16:35 -------- d---a-w- C:\book

2011-06-10 16:34 . 2011-06-10 16:34 -------- d-----w- c:\windows\nl

2011-06-10 16:34 . 2011-06-10 16:34 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition

2011-06-10 16:33 . 2011-06-27 21:09 -------- d-----w- c:\program files (x86)\Windows Live

2011-06-10 16:33 . 2011-06-10 16:33 -------- d-----w- c:\windows\PCHEALTH

2011-06-10 16:33 . 2011-06-10 16:33 -------- d-----w- c:\program files\Windows Live

2011-06-10 16:32 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll

2011-06-10 16:32 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll

2011-06-10 16:32 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll

2011-06-10 16:32 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll

2011-06-10 16:32 . 2006-11-29 11:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll

2011-06-10 16:32 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll

2011-06-10 16:31 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll

2011-06-10 16:31 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll

2011-06-10 16:31 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll

2011-06-10 16:31 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll

2011-06-10 16:30 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL

2011-06-10 16:30 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll

2011-06-10 16:30 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL

2011-06-10 16:30 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll

2011-06-10 16:30 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll

2011-06-10 16:30 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll

2011-06-10 16:30 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll

2011-06-10 16:29 . 2011-06-10 16:29 -------- d-----w- c:\program files (x86)\Common Files\Windows Live

2011-06-10 16:27 . 2010-03-30 16:18 1803264 ----a-w- c:\programdata\Microsoft\OEMOffice14\Office14\PowerPoint.nl-nl\PowerPointMUI.msi

2011-06-10 16:12 . 2011-06-10 16:12 -------- d-----w- c:\program files\Acer Accessory Store

2011-06-10 16:12 . 2011-06-10 16:21 -------- d-----w- c:\users\Admin

2011-06-10 16:10 . 2011-06-10 16:10 -------- d-----w- C:\Recovery

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-06-10 16:33 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr

.

.

((((((((((((((((((((((((((((( SnapShot@2011-06-29_11.06.35 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-07-14 04:54 . 2011-06-27 15:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2011-06-29 19:08 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2011-06-27 15:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2011-06-29 19:08 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2011-06-27 15:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2011-06-29 19:08 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-01-27 03:59 . 2011-06-29 19:05 36640 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2011-06-29 19:09 29960 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

- 2011-03-03 08:09 . 2011-06-29 08:26 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-03-03 08:09 . 2011-06-29 11:10 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-03-03 08:09 . 2011-06-29 08:26 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-03-03 08:09 . 2011-06-29 11:10 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2011-06-29 08:26 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2011-06-29 11:10 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:46 . 2011-06-30 05:14 80352 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

- 2009-07-14 04:46 . 2011-06-29 07:36 80352 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

+ 2011-06-10 16:13 . 2011-06-29 19:09 5020 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1761514740-3234673199-2318220368-1001_UserData.bin

- 2011-06-29 11:06 . 2011-06-29 11:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2011-07-03 07:30 . 2011-07-03 07:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2011-06-29 11:06 . 2011-06-29 11:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2011-07-03 07:30 . 2011-07-03 07:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2008-09-05 00:22 . 2008-09-05 00:22 447752 c:\windows\SysWOW64\vp6vfw.dll

+ 2011-06-18 14:55 . 2011-07-03 06:58 137274 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin

+ 2011-06-10 19:04 . 2011-07-03 00:10 231132 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin

- 2011-03-03 07:22 . 2011-06-29 08:01 706116 c:\windows\system32\perfh013.dat

+ 2011-03-03 07:22 . 2011-06-29 18:58 706116 c:\windows\system32\perfh013.dat

+ 2009-07-14 02:36 . 2011-06-29 18:58 620150 c:\windows\system32\perfh009.dat

- 2009-07-14 02:36 . 2011-06-29 08:01 620150 c:\windows\system32\perfh009.dat

+ 2011-03-03 07:22 . 2011-06-29 18:58 135886 c:\windows\system32\perfc013.dat

- 2011-03-03 07:22 . 2011-06-29 08:01 135886 c:\windows\system32\perfc013.dat

- 2009-07-14 02:36 . 2011-06-29 08:01 108332 c:\windows\system32\perfc009.dat

+ 2009-07-14 02:36 . 2011-06-29 18:58 108332 c:\windows\system32\perfc009.dat

- 2009-07-14 05:01 . 2011-06-29 11:05 286892 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2011-07-03 07:30 286892 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2011-06-29 12:21 . 2011-06-29 12:21 287660 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1761514740-3234673199-2318220368-501-8192.dat

+ 2011-06-27 15:48 . 2011-06-29 18:17 919772 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1761514740-3234673199-2318220368-1001-12288.dat

+ 2011-06-29 12:12 . 2011-06-29 12:12 884736 c:\windows\assembly\tmp\AYE2GWUB\Microsoft.Web.Services3.dll

- 2009-07-14 04:45 . 2011-06-28 06:42 3801160 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2009-07-14 04:45 . 2011-06-29 12:24 3801160 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2011-06-10 19:09 . 2011-07-03 07:30 6846512 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1761514740-3234673199-2318220368-1001-8192.dat

+ 2006-12-02 05:09 . 2006-12-02 05:09 2818048 c:\windows\Installer\3cb511.msi

- 2009-07-14 02:34 . 2011-06-29 09:20 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT

+ 2009-07-14 02:34 . 2011-07-03 09:22 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files (x86)\free-downloads.net\tbfree.dll" [2009-12-31 2349080]

.

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]

2009-12-31 09:53 2349080 ----a-w- c:\program files (x86)\free-downloads.net\tbfree.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files (x86)\free-downloads.net\tbfree.dll" [2009-12-31 2349080]

.

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]

"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]

"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-18 407920]

"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-18 201584]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2010-11-12 296768]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-01-18 1028688]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]

"MDS_Menu"="c:\program files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2010-12-10 177448]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe" [2009-07-14 73216]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [x]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [x]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20110616.003\BHDrvx64.sys [2011-05-19 1143416]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20110701.051\IDSvia64.sys [2011-06-03 488056]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [x]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-01-18 313424]

S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-29 868224]

S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]

S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-04-17 130008]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-12-12 1997416]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]

S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]

S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [x]

S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [x]

S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [x]

S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [x]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-06-25 136824]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-10 2186856]

"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-10-29 860040]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-30 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-30 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-30 418328]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1098640

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://acer.msn.com

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\umugsncg.default\

FF - prefs.js: browser.startup.homepage - hxxp://acer.msn.com/

FF - prefs.js: network.proxy.type - 0

FF - user.js: general.useragent.extra.brc -

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]

"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\5.1.0.29\diMaster.dll\" /prefetch:1"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1761514740-3234673199-2318220368-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-1761514740-3234673199-2318220368-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_USERS\S-1-5-21-1761514740-3234673199-2318220368-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{74F66B09-BC15-92B1-C2BF-D74ED8680E6E}*]

"hakgjbcgmnjokhmi"=hex:6a,61,69,62,6c,65,62,63,6d,61,62,6f,62,68,65,61,6e,69,

6b,68,00,d4

"iaeghbndhdkppganjl"=hex:6a,61,69,62,6c,65,62,63,6d,61,62,6f,62,68,65,61,6e,69,

6b,68,00,69

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\program files (x86)\Launch Manager\LMworker.exe

c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

.

**************************************************************************

.

Voltooingstijd: 2011-07-03 12:06:13 - machine werd herstart

ComboFix-quarantined-files.txt 2011-07-03 10:06

ComboFix2.txt 2011-06-29 11:10

.

Pre-Run: 413.233.303.552 bytes beschikbaar

Post-Run: 412.834.107.392 bytes beschikbaar

.

- - End Of File - - 68C5304914C1CFBF3F7174A7E631807D


While waiting for the normal "fast" connection to return, we can already do some cleaning up.

Remove ComboFix: Start -> Run and type: ComboFix /Uninstall (with a space before the /)

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If it is present, you may delete the folder C:\Qoobox manually.

Download CCleaner. (If you don't have it yet)

Pay attention during installation.

Clear both check boxes at the question about the Chrome browser.

Install it and start CCleaner.

In the left column, click "Cleaner". Then click "Analyze" followed by "Run Cleaner". Confirm with YES or OK.

Next, click "Registry" in the left column and click "Scan for Issues". If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "YES". Then choose "Fix All Selected Issues".

Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

Then close CCleaner again.

If you want to see this in detail with pictures, read this guide.

It is advisable to delete the existing restore points (they may include infected restore points that you could end up restoring) by temporarily turning off System Restore. Do this via Control Panel -> System and Maintenance -> System -> "System Protection" tab -> clear the check box for the drive whose restore points you want to delete -> click "Apply".

You will then get the on-screen message "Are you sure you want to turn off System Restore". Click "Turn System Restore Off" here. All restore points on the selected drive are then deleted.

After that, tick the check box for the hard drive again. Also create a new restore point right away, so that you do not have to wait for the system's automatic restore point.

If you have no more problems once the normal speed has returned, you may close this topic by clicking the +Mark as solved button.
