Mozilla Firefox werkt plots niet meer

[Monoceros]

Ik krijg plots geen toegang meer tot internet via Firefox : "Unable to connect".

Heb Firefox verwijderd, gedownload en opnieuw geïnstalleerd, maar nog steeds hetzelfde probleem.

Met Internet Explorer geen probleem.

Windows Firewall gecontroleerd en daar staat Firefox tussen de toegelaten programma's.

Wat kan er aan de hand zijn ?

[clarkie]

Ben geen gebruiker van Firefox maar probeer de mogelijke oplossingen in deze link (klik erop) eens.

[Monoceros]

Geprobeerd, maar niets lukt.

[Asus]

We zullen eens nagaan of malware of virussen de oorzaak zijn van je probleem.

1. Download HijackThis. (klik er op)

Klik op HijackThis.msi en de download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere pc en het bestand met een usb stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map.

De logjes kan je dan ook in die map terugvinden.

---

2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)

---

3. Na het plaatsen van je logje wordt dit door een expert nagekeken en hij begeleidt jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

[Monoceros]

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:15:15, on 8/02/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe

C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Users\Marc\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Official Site - The Power To Do More | Dell

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IPS\IPSBHO.DLL

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coIEPlg.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe

O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{6F26C1D4-78BD-483C-ADBB-B79799001B3C}: NameServer = 10.0.1.4,10.0.1.2

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 14432 bytes

[juisterr]

Hallo, we gaan de volgende tool inzetten. zoek.exe ®by smeenk

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

  startupall;
  filesrcm;
  emptyclsid;
  

  
  

• Vink nu de onderstaande opties aan.
  
  • 
    
    
  • Firefox Look
    
  • Firefox Defaults
    
  • Standaard Search
    
  • Auto Clean
    
  • Running processes
    
  • Empty All Temp
    
  • IE Defaults
    
    

  [*] Klik nu op de knop "Run script".

  [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

  [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  [*] Post nu de inhoud van het geopende logje in het volgende bericht.

[Monoceros]

Zoek.exe Version 4.0.0.1 Updated 04-February-2013

Tool run by Marc on vr 08/02/2013 at 21:04:36,95.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64

Running in: Normal Mode No Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\ShrewSoft\VPN Client\dtpd.exe

C:\Program Files\ShrewSoft\VPN Client\iked.exe

C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe

C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Users\Marc\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files (x86)\Firestorm-Release\Firestorm-Release.exe

C:\Program Files (x86)\Firestorm-Release\SLPlugin.exe

C:\Program Files (x86)\Firestorm-Release\SLPlugin.exe

C:\Program Files (x86)\Firestorm-Release\SLVoice.exe

C:\Program Files\Microsoft Office\Office14\EXCEL.EXE

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Firestorm-Release\SLPlugin.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskhost.exe

C:\Users\Marc\AppData\Local\Temp\Temp1_zoek.zip\zoek.exe

C:\Users\Marc\AppData\Local\Temp\RarSFX0\zoek.com

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\mshta.exe

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1469895408-1050253506-2644504703-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-1469895408-1050253506-2644504703-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_USERS\S-1-5-21-1469895408-1050253506-2644504703-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\12y7ck12.default-1360262548365\prefs.js:

Added to C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\12y7ck12.default-1360262548365\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

"C:\user.js" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted

"C:\user.js" deleted

"C:\Windows\syswow64\appdata" deleted

"C:\Program Files (x86)\BabylonToolbar" deleted

"C:\Users\Marc\AppData\Roaming\Babylon" deleted

"C:\ProgramData\Babylon" deleted

"C:\Users\Marc\AppData\Local\Babylon" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-02-07 11:02:25 2A66E81AE941E54A237490FC35D387C8 1945 ----a-w- C:\Windows\epplauncher.mif

====== C:\Users\Marc\AppData\Local\Temp ====

2013-01-30 23:58:57 F655170EB3DC3CBB3F564077C670A7E1 897448 ----a-w- C:\Users\Marc\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\Program Files (x86) =====

2013-02-08 17:12:29 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-02-07 09:15:11 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2013-01-26 13:25:07 -------- d-----w- C:\Program Files (x86)\Common Files\Skype

2013-01-26 13:25:07 -------- d-----r- C:\Program Files (x86)\Skype

======= C: =====

====== C:\Users\Marc\AppData\Roaming ======

====== C:\Users\Marc ======

====== C: exe-files ==

2013-02-07 10:59:03 B2FB415A7171B20E127AB4EB2EDB12B4 13541864 ----a-w- C:\Users\Marc\Downloads\mseinstall.exe

2013-02-07 09:15:13 F59814FBEF50A58BFC0E0F14B2805245 105758 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe

2013-02-07 09:15:11 51A84B690DF519DCF656F780243D953E 115608 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

2013-02-07 09:14:49 E2F3451289DDFF1A474A3EC7958A50AA 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1469895408-1050253506-2644504703-1000\$IWN9396.exe

2013-02-07 09:14:28 181AC7211DB54E793845E8C7216C1A8B 20300952 ----a-w- C:\Users\Marc\Downloads\Firefox Setup 18.0.2.exe

2013-02-06 23:08:28 F9B44C27FD2E8B5BB4099E5958769FFF 271768 ----a-w- C:\Users\Marc\AppData\Local\Temp\MozUpdater-5\updater.exe

2013-02-01 22:26:52 3BB272D71D7E168D9350F277B5D78C4D 150024 ----a-w- C:\Users\Marc\AppData\Local\Google\Google Talk Plugin\reporter.exe

2013-02-01 21:40:12 09E411E1DC92D813F49DFEEB4039CBCA 79384 ----a-w- C:\Users\Marc\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

=== C: other files ==

2013-02-08 14:12:28 FF13BC0EAD656E2DE88BD245BA3D2BF7 1214976 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\wxmsw293u_adv_vc.dll

2013-02-08 14:12:28 D4E7C1546CF3131B7D84B39F8DA9E321 59904 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\mfcm90.dll

2013-02-08 14:12:28 B9030D821E099C79DE1C9125B790E2DA 1162744 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\mfc90u.dll

2013-02-08 14:12:28 699EFC4D6FE0A2FE24D7049608F2D543 593408 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\wxmsw293u_html_vc.dll

2013-02-08 14:12:28 462DDCC5EB88F34AED991416F8E354B2 1156600 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\mfc90.dll

2013-02-08 14:12:28 3D01C7F884349A6170A1E0D3CF812333 81920 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\wxmsw293u_webview_vc.dll

2013-02-08 14:12:28 371226B8346F29011137C7AA9E93F2F6 59904 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\mfcm90u.dll

2013-02-08 14:12:28 2B9A6B7B7A3997C12841A5D869F022A4 4555264 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\wxmsw293u_core_vc.dll

2013-02-08 14:12:28 29CD1F3E9148FCD542DEC355A41776AF 152576 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\wxbase293u_net_vc.dll

2013-02-08 14:12:27 9E6AD2917D6FD7730FF37B50F7053183 1972224 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\wxbase293u_vc.dll

2013-02-08 14:12:27 30F3D3E322C5339004415D7BC8BF246E 2149888 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\python26.dll

2013-02-08 14:12:26 ABC5DCAC962AE8AF7AF214DD0D6D4FF6 110592 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\PyWinTypes26.dll

2013-02-08 14:12:26 9CFCB3CA3D83B4EAA133F0644A2C6F31 23040 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\psapi.dll

2013-02-08 14:12:26 65EE7A7C20134DED91485AEF23C882D4 354304 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\pythoncom26.dll

2013-02-08 14:12:25 B921FB870C9AC0D509B2CCABBBBE95F3 989696 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\kernel32.dll

2013-02-08 14:12:25 08B99916C98E15F6C28D24D73E53B45A 8461312 ----a-w- C:\Users\Marc\AppData\Local\Temp\_MEI34962\shell32.dll

2013-02-01 22:26:50 3679D1D208D98AD2DC38F0747C7FD026 4734984 ----a-w- C:\Users\Marc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

2013-02-01 22:26:50 295F4D938E73290B95C95204E9B12608 202248 ----a-w- C:\Users\Marc\AppData\Local\Google\Google Talk Plugin\gtpo3d_host.dll

2013-02-01 22:26:46 BB08208DAF66A6BF01A9B1E68C820BC3 320520 ----a-w- C:\Users\Marc\AppData\Local\Google\Google Talk Plugin\googletalkax.dll

2013-02-01 22:26:46 9D3C4180BDB7D8C7AFC0861BF24360F0 324616 ----a-w- C:\Users\Marc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

2013-02-01 22:26:46 7003564D5EE047C04E4B2494098EC6B5 148488 ----a-w- C:\Users\Marc\AppData\Local\Google\Google Talk Plugin\googletalkremoting.dll

2013-02-01 22:26:44 AF62DA72F956AA698947199C0832E54B 10138632 ----a-w- C:\Users\Marc\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll

2013-02-01 21:40:00 44BFEC5C9C82A2EE9871D88FD3B9A0E2 3734536 ----a-w- C:\Users\Marc\AppData\Roaming\Mozilla\plugins\Google Talk Plugin Extras\d3dx9_36.dll

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1469895408-1050253506-2644504703-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"

"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"com.apple.dav.bookmarks.daemon"="C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe"

"Google Update"="C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"

"AdobeCS4ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"

"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

"com.apple.dav.bookmarks.daemon"="C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe"

"Google Update"="C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Folders ======================

2012-06-15 17:50:14 1050 ----a-w- C:\users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2012-06-10 18:11:29 1131 ----a-w- C:\users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

2011-12-26 16:26:25 1333 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08/02/2013 15:51]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/12/2011 19:55]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/12/2011 19:55]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1469895408-1050253506-2644504703-1000Core.job --a------ C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [16/09/2012 12:15]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1469895408-1050253506-2644504703-1000UA.job --a------ C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [16/09/2012 12:15]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Exts\Chrome.crx[]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

"Default_Page_URL"="Dell Official Site - The Power To Do More | Dell"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL"

"Start Page"="Google"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1469895408-1050253506-2644504703-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully

HKEY_USERS\S-1-5-21-1469895408-1050253506-2644504703-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully

HKEY_USERS\S-1-5-21-1469895408-1050253506-2644504703-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully

HKEY_USERS\S-1-5-21-1469895408-1050253506-2644504703-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IPS\IPSBHO.DLL

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coIEPlg.dll

O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{6F26C1D4-78BD-483C-ADBB-B79799001B3C}: NameServer = 10.0.1.4,10.0.1.2

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Marc\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Marc\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Marc\AppData\Local\Mozilla\Firefox\Profiles\12y7ck12.default-1360262548365\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Marc\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

[juisterr]

Heb je na deze opruiming nog ergens last van ?

[Monoceros]

Ja, geen enkele verandering.

[juisterr]

Gaan we verder zoeken.

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.

>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.

* (hier of hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

* Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion." herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.