
I regularly get the message that "window live mail" has stopped working


jade01


Open a Notepad file.

Copy and paste the bold text below into it.

Firefox::

FF - ProfilePath - c:\users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\krl48z5a.default\

FF - prefs.js: browser.search.selectedEngine -

FF - prefs.js: keyword.URL -

Save this file to your desktop as CFScript.

Drag CFScript.txt onto the red ComboFix.exe shortcut.

This will make ComboFix start again. Reboot if you are asked to.

If you want to see this illustrated in detail, click here for the guide.

After the restart, post the contents of Combofix.txt in your next message.


ComboFix 13-05-04.01 - jan 04/05/2013 11:03:56.6.4 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3326.2199 [GMT 2:00]

Gestart vanuit: c:\users\jan\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\jan\Desktop\CFScript.txt

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-04-04 to 2013-05-04 ))))))))))))))))))))))))))))))

.

.

2013-05-04 09:12 . 2013-05-04 09:12 -------- d-----w- c:\users\Public\AppData\Local\temp

2013-05-04 09:12 . 2013-05-04 09:12 -------- d-----w- c:\users\hilde\AppData\Local\temp

2013-05-04 09:12 . 2013-05-04 09:12 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-04 09:12 . 2013-05-04 09:12 -------- d-----w- c:\users\Charlotte\AppData\Local\temp

2013-05-03 20:01 . 2013-05-03 20:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-05-03 20:01 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-05-03 20:01 . 2013-05-03 20:01 -------- d-----w- c:\users\jan\AppData\Local\Programs

2013-05-01 08:53 . 2013-05-01 08:53 -------- d-----w- c:\users\jan\AppData\Local\APN

2013-05-01 08:42 . 2013-05-01 08:42 -------- d-----w- c:\program files\Common Files\Java

2013-05-01 08:41 . 2013-05-01 08:41 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-04-24 20:09 . 2013-04-12 13:45 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-09 20:29 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys

2013-04-09 20:29 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys

2013-04-09 20:28 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-04-09 20:28 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-04-09 20:28 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll

2013-04-09 20:28 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe

2013-04-09 20:28 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll

2013-04-09 20:28 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll

2013-04-09 20:28 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-01 08:41 . 2012-10-01 06:21 866720 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-05-01 08:41 . 2012-01-10 21:05 788896 ----a-w- c:\windows\system32\deployJava1.dll

2013-04-13 17:15 . 2012-04-13 06:21 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-04-13 17:15 . 2011-12-25 08:34 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-01 08:32 . 2013-03-01 08:32 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys

2013-02-26 21:40 . 2013-02-26 21:40 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2013-02-14 01:52 . 2013-02-14 01:52 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2013-02-12 04:48 . 2013-03-14 20:09 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-02-12 04:48 . 2013-03-14 20:09 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-02-12 03:32 . 2013-03-21 18:51 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-08 02:37 . 2013-02-08 02:37 96568 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2013-02-08 02:37 . 2013-02-08 02:37 245048 ----a-w- c:\windows\system32\drivers\avglogx.sys

2013-02-08 02:37 . 2013-02-08 02:37 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2013-02-08 02:37 . 2013-02-08 02:37 170808 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2013-02-08 02:37 . 2013-02-08 02:37 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2012-05-25 14:22 . 2011-12-29 14:10 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-10 39408]

"Facebook Update"="c:\users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-08 98304]

"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-12-03 8120864]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]

"ExtraFilmHemmaAgent"="c:\program files\Spector Photo Software\Agent.exe" [2006-10-03 323584]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]

"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]

"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984]

"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368]

"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]

"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]

"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]

"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-03-13 4394032]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

.

c:\users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]

OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2013-1-8 228448]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Personal.lnk - c:\program files\Personal\bin\Personal.exe [N/A]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x]

R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]

R3 Tdsshbecr;Handelsbanken card reader;c:\windows\system32\DRIVERS\shbecr.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]

S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]

S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [x]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

FontCache

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-12 16:31 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 17:15]

.

2013-05-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001Core.job

- c:\users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-18 12:29]

.

2013-05-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001UA.job

- c:\users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-18 12:29]

.

2013-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-10 12:30]

.

2013-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-10 12:30]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 195.130.130.129 195.130.131.129

FF - ProfilePath - c:\users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\krl48z5a.default\

FF - prefs.js: browser.startup.homepage - hxxp://search.myheritage.com/

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2578272341-3324075177-2043743870-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D12802C1-4886-D570-A2CB-44DAE2703B4C}*]

"iagdjpcehcigigdpfn"=hex:66,61,61,69,70,6a,6c,70,6b,6d,70,6f,00,f9

.

[HKEY_USERS\S-1-5-21-2578272341-3324075177-2043743870-1001\Software\SecuROM\License information*]

@Allowed: (Read) (RestrictedCode)

"datasecu"=hex:1d,e5,7b,19,9c,8b,a1,b5,44,91,56,c2,bf,77,49,75,31,ed,9a,ad,3b,

22,f6,12,b2,6d,d6,5e,8a,39,09,7a,e2,e2,8d,33,d5,81,be,ff,82,cb,32,8a,5e,24,\

"rkeysecu"=hex:2f,8b,94,93,f3,a5,48,a4,74,4f,0f,49,da,56,88,70

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(2384)

c:\users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

Voltooingstijd: 2013-05-04 11:14:12

ComboFix-quarantined-files.txt 2013-05-04 09:14

ComboFix2.txt 2013-05-04 06:17

.

Pre-Run: 1.376.189.206.528 bytes beschikbaar

Post-Run: 1.375.903.617.024 bytes beschikbaar

.

- - End Of File - - 1E84D4F69B4DA494E46E8DC6D1E49A4C
