Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Firefox werkt traag

Abraham54
33 antwoorden
  • Sinds een week werkt Firefox beduidend trager.
    De volgende bewerkingen al uitgevoerd:

    TFC als Administrator uitgevoerd
    Defragmentatie met O en O defrag uitgevoerd
    Firefox versie = 12.0
    Secunia uitgevoerd –> alles is bijgewerkt

    Hieronder een MBAM-log:

    Malwarebytes Anti-Malware 1.61.0.1400
    www.malwarebytes.org

    Databaseversie: v2012.06.02.02

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Gebruiker :: GEBRUIKER-PC [administrator]

    2-6-2012 7:55:56
    mbam-log-2012-06-02 (07-55-56).txt

    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 203748
    Verstreken tijd: 2 minuut/minuten, 58 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    Is er sprake van Malware?
    Zo niet hoe kan ik weer snel internet krijgen?
  • Hallo Jos, ik heb meer gegevens nodig.
    Doe daarom nu eerst onderstaande:

    [b:94ce6030bc]Welk programma[/b:94ce6030bc]: [b:94ce6030bc]OTL.com[/b:94ce6030bc][/color:94ce6030bc]
    [b:94ce6030bc]Waarvoor/waarom[/b:94ce6030bc]: multifunktioneel tool - analyse en fix
    [b:94ce6030bc]Moeilijkheidsgraad[/b:94ce6030bc]: geen.
    [b:94ce6030bc]Download[/b:94ce6030bc]: [b:94ce6030bc]OTL[/color:94ce6030bc][/b:94ce6030bc] en plaats het bestand op het bureaublad.

    [b:94ce6030bc]OTL.com[/color:94ce6030bc] gebruiken[/b:94ce6030bc]:
    [list:94ce6030bc][*:94ce6030bc] [b:94ce6030bc]Sluit nu eerst alle nog openstaande programmavensters![/color:94ce6030bc][/b:94ce6030bc]
    [list:94ce6030bc][*:94ce6030bc]Dubblklik op [img:94ce6030bc]http://www.imgdumper.nl/uploads5/4f91108799372/4f91108798ba0-OTL-1.png[/img:94ce6030bc]
    [/list:u:94ce6030bc][/list:u:94ce6030bc]
    [list:94ce6030bc][*:94ce6030bc]Zet een vinkje bij [b:94ce6030bc]Scan All Users[/b:94ce6030bc][/color:94ce6030bc].
    [*:94ce6030bc]Klik op [img:94ce6030bc]http://www.imgdumper.nl/uploads5/4f9112fd1172c/4f9112fd11340-OTL-3.png[/img:94ce6030bc].
    [*:94ce6030bc]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef.
    [*:94ce6030bc]De scan zal niet heel erg lang duren.
    [list:94ce6030bc][*:94ce6030bc]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:94ce6030bc]OTL.Txt[/b:94ce6030bc] en [b:94ce6030bc]Extras.txt[/b:94ce6030bc].
    [*:94ce6030bc]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:94ce6030bc]
    [*:94ce6030bc][b:94ce6030bc]Notabene:[/b:94ce6030bc][/color:94ce6030bc] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:94ce6030bc]
  • Hierbij OTL.txt bestand:

    OTL logfile created on: 2-6-2012 10:53:53 - Run 1
    OTL by OldTimer - Version 3.2.45.0 Folder = C:\Users\Gebruiker\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    3,00 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,71% Memory free
    5,99 Gb Paging File | 4,75 Gb Available in Paging File | 79,24% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 93,06 Gb Total Space | 43,67 Gb Free Space | 46,93% Space Free | Partition Type: NTFS

    Computer Name: GEBRUIKER-PC | User Name: Gebruiker | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========[/color:8b27344293]

    PRC - [2012-06-02 10:49:13 | 000,595,968 | —- | M] (OldTimer Tools) – C:\Users\Gebruiker\Desktop\OTL.com
    PRC - [2012-05-31 22:06:51 | 002,346,592 | —- | M] (Emsi Software GmbH) – C:\Program Files (x86)\Online Armor\oaui.exe
    PRC - [2012-05-31 22:06:19 | 004,382,968 | —- | M] (Emsi Software GmbH) – C:\Program Files (x86)\Online Armor\OAsrv.exe
    PRC - [2012-05-31 22:05:06 | 001,168,296 | —- | M] (Emsi Software GmbH) – C:\Program Files (x86)\Online Armor\oahlp.exe
    PRC - [2012-05-31 22:04:48 | 000,210,920 | —- | M] (Emsi Software GmbH) – C:\Program Files (x86)\Online Armor\oacat.exe
    PRC - [2012-04-04 07:53:50 | 000,063,928 | —- | M] (Adobe Systems Incorporated) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012-03-07 02:15:17 | 004,241,512 | —- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2012-03-07 02:15:14 | 000,044,768 | —- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2011-10-01 09:30:22 | 000,219,496 | —- | M] (Microsoft Corporation) – C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    PRC - [2011-10-01 09:30:18 | 000,508,776 | —- | M] (Microsoft Corporation) – C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    PRC - [2011-09-15 12:06:04 | 000,088,576 | —- | M] () – C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    PRC - [2011-04-19 08:44:40 | 000,399,416 | —- | M] (Secunia) – C:\Program Files (x86)\Secunia\PSI\sua.exe


    ========== Modules (No Company Name) ==========[/color:8b27344293]


    ========== Win32 Services (SafeList) ==========[/color:8b27344293]

    SRV:[b:8b27344293]64bit:[/b:8b27344293] - File not found [Disabled | Unknown] – C:\Program Files\AVAST Software\Avast\afwServ.exe – (avast! Firewall)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:15:14 | 000,044,768 | —- | M] (AVAST Software) [Auto | Running] – C:\Program Files\AVAST Software\Avast\AvastSvc.exe – (avast! Antivirus)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-03 10:57:04 | 001,085,216 | —- | M] (Broadcom Corporation.) [Disabled | Stopped] – c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe – (btwdins)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-05-04 07:19:28 | 000,591,872 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysNative\SearchIndexer.exe – (WSearch)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-01-25 11:45:08 | 003,051,848 | —- | M] (O&O Software GmbH) [Auto | Running] – C:\Program Files\OO Software\Defrag\oodag.exe – (OODefragAgent)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 15:27:28 | 000,258,560 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysNative\WebClnt.dll – (WebClient)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 15:26:59 | 000,828,416 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysNative\MPSSVC.dll – (MpsSvc)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 15:25:18 | 000,049,664 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\snmp.exe – (SNMP)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-01-19 17:26:58 | 001,420,560 | —- | M] (Intel(R) Corporation) [Auto | Running] – C:\Program Files\Intel\WiFi\bin\EvtEng.exe – (EvtEng) Intel(R)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-01-19 17:05:22 | 000,831,760 | —- | M] (Intel(R) Corporation) [Auto | Running] – C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe – (RegSrvc) Intel(R)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:41:27 | 001,011,712 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:41:27 | 000,097,792 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysNative\mprdim.dll – (RemoteAccess)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:41:10 | 000,035,328 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\iprip.dll – (iprip)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:40:28 | 000,291,328 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysNative\defragsvc.dll – (defragsvc)
    SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:39:47 | 000,010,240 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\TCPSVCS.EXE – (simptcp)
    SRV - [2012-06-01 02:13:51 | 000,257,696 | —- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe – (AdobeFlashPlayerUpdateSvc)
    SRV - [2012-05-31 22:06:19 | 004,382,968 | —- | M] (Emsi Software GmbH) [Auto | Running] – C:\Program Files (x86)\Online Armor\OAsrv.exe – (SvcOnlineArmor)
    SRV - [2012-05-31 22:04:48 | 000,210,920 | —- | M] (Emsi Software GmbH) [Auto | Running] – C:\Program Files (x86)\Online Armor\oacat.exe – (OAcat)
    SRV - [2012-04-21 03:16:42 | 000,129,976 | —- | M] (Mozilla Foundation) [On_Demand | Stopped] – C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe – (MozillaMaintenance)
    SRV - [2012-04-04 07:53:50 | 000,063,928 | —- | M] (Adobe Systems Incorporated) [Auto | Running] – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe – (AdobeARMservice)
    SRV - [2011-10-01 09:30:22 | 000,219,496 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe – (sftvsa)
    SRV - [2011-10-01 09:30:18 | 000,508,776 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe – (sftlist)
    SRV - [2011-09-15 12:06:04 | 000,088,576 | —- | M] () [Auto | Running] – C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe – (PassThru Service)
    SRV - [2011-05-04 06:28:31 | 000,427,520 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysWow64\SearchIndexer.exe – (WSearch)
    SRV - [2011-04-19 08:44:40 | 000,993,848 | —- | M] (Secunia) [On_Demand | Stopped] – C:\Program Files (x86)\Secunia\PSI\psia.exe – (Secunia PSI Agent)
    SRV - [2011-04-19 08:44:40 | 000,399,416 | —- | M] (Secunia) [Auto | Running] – C:\Program Files (x86)\Secunia\PSI\sua.exe – (Secunia Update Agent)
    SRV - [2010-11-20 14:21:35 | 000,204,800 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysWOW64\WebClnt.dll – (WebClient)
    SRV - [2010-11-20 14:19:20 | 000,397,824 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysWOW64\inetsrv\iisw3adm.dll – (WAS)
    SRV - [2010-11-20 14:19:20 | 000,397,824 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\inetsrv\iisw3adm.dll – (W3SVC)
    SRV - [2010-11-20 14:18:03 | 000,061,440 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\inetsrv\apphostsvc.dll – (AppHostSvc)
    SRV - [2010-11-20 14:17:42 | 000,047,616 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\snmp.exe – (SNMP)
    SRV - [2010-03-18 13:16:28 | 000,130,384 | —- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe – (clr_optimization_v4.0.30319_32)
    SRV - [2009-07-14 03:15:41 | 000,075,264 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysWOW64\mprdim.dll – (RemoteAccess)
    SRV - [2009-07-14 03:14:42 | 000,009,216 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\TCPSVCS.EXE – (simptcp)
    SRV - [2009-06-10 23:23:09 | 000,066,384 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe – (clr_optimization_v2.0.50727_32)
    SRV - [2009-06-10 22:39:58 | 000,089,920 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe – (clr_optimization_v2.0.50727_64)


    ========== Driver Services (SafeList) ==========[/color:8b27344293]

    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-05-31 22:07:27 | 000,035,368 | —- | M] (Emsisoft) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\OAnet.sys – (OAnet)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:04:06 | 000,819,032 | —- | M] (AVAST Software) [File_System | System | Running] – C:\Windows\SysNative\drivers\aswSnx.sys – (aswSnx)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:04:04 | 000,337,240 | —- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\SysNative\drivers\aswSP.sys – (aswSP)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:02:45 | 000,028,504 | —- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\SysNative\drivers\aswKbd.sys – (aswKbd)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:02:20 | 000,053,080 | —- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\SysNative\drivers\aswRdr2.sys – (aswRdr)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:01:57 | 000,059,224 | —- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\SysNative\drivers\aswTdi.sys – (aswTdi)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:01:52 | 000,069,976 | —- | M] (AVAST Software) [File_System | Auto | Running] – C:\Windows\SysNative\drivers\aswMonFlt.sys – (aswMonFlt)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:01:32 | 000,024,408 | —- | M] (AVAST Software) [File_System | Auto | Running] – C:\Windows\SysNative\drivers\aswFsBlk.sys – (aswFsBlk)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-01 08:46:16 | 000,023,408 | —- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] – C:\Windows\SysNative\drivers\fs_rec.sys – (Fs_Rec)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-02-15 12:01:50 | 000,052,736 | —- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\usbaapl64.sys – (USBAAPL64)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-10-01 09:30:22 | 000,022,376 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\Sftvollh.sys – (Sftvol)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-10-01 09:30:18 | 000,268,648 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\Sftplaylh.sys – (Sftplay)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-10-01 09:30:18 | 000,025,960 | —- | M] (Microsoft Corporation) [File_System | On_Demand | Running] – C:\Windows\SysNative\drivers\Sftredirlh.sys – (Sftredir)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-10-01 09:30:10 | 000,764,264 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\Sftfslh.sys – (Sftfs)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:50 | 000,620,072 | —- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btwampfl.sys – (btwampfl)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:50 | 000,089,640 | —- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btwdpan.sys – (BTWDPAN)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:44 | 000,178,728 | —- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btwavdt.sys – (btwavdt)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:44 | 000,167,976 | —- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btwaudio.sys – (btwaudio)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:44 | 000,039,976 | —- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btwl2cap.sys – (btwl2cap)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:44 | 000,021,544 | —- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btwrchid.sys – (btwrchid)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-06-10 06:34:52 | 000,539,240 | —- | M] (Realtek ) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\Rt64win7.sys – (RTL8167)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-03-11 08:41:12 | 000,107,904 | —- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsata.sys – (amdsata)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-03-11 08:41:12 | 000,027,008 | —- | M] (Advanced Micro Devices) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\amdxata.sys – (amdxata)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 15:33:35 | 000,078,720 | —- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\HpSAMD.sys – (HpSAMD)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 13:07:05 | 000,059,392 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbFlt.sys – (TsUsbFlt)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 11:37:42 | 000,109,056 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\sdbus.sys – (sdbus)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 11:26:11 | 000,328,192 | —- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] – C:\Windows\SysNative\drivers\udfs.sys – (udfs)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-09-01 10:30:58 | 000,017,976 | —- | M] (Secunia) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\drivers\psi_mf.sys – (PSI)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-06-25 16:08:10 | 000,036,928 | —- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\htcnprot.sys – (htcnprot)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-01-13 08:30:30 | 007,520,256 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\NETw5v64.sys – (netw5v64) Intel(R)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-11-02 18:16:50 | 000,033,736 | —- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\ANDROIDUSB.sys – (HTCAND64)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:52:20 | 000,194,128 | —- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsbs.sys – (amdsbs)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:48:04 | 000,065,600 | —- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\lsi_sas2.sys – (LSI_SAS2)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:47:48 | 000,024,144 | —- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] – C:\Windows\SysNative\drivers\crcdisk.sys – (crcdisk)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:45:55 | 000,024,656 | —- | M] (Promise Technology) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\stexstor.sys – (stexstor)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 02:10:33 | 000,021,504 | —- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] – C:\Windows\SysNative\drivers\ws2ifsl.sys – (ws2ifsl)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 01:21:48 | 000,038,400 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\tpm.sys – (TPM)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 01:19:47 | 000,092,160 | —- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] – C:\Windows\SysNative\drivers\cdfs.sys – (cdfs)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-06-10 23:01:06 | 001,146,880 | —- | M] (LSI Corp) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\agrsm64.sys – (AgereSoftModem)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-06-10 22:34:33 | 003,286,016 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\evbda.sys – (ebdrv)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-06-10 22:34:28 | 000,468,480 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\bxvbda.sys – (b06bdrv)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-06-10 22:34:23 | 000,270,848 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\b57nd60a.sys – (b57nd60a)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-06-10 22:31:59 | 000,031,232 | —- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hcw85cir.sys – (hcw85cir)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-05-18 13:17:08 | 000,034,152 | —- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\GEARAspiWDM.sys – (GEARAspiWDM)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-01-09 19:44:30 | 000,223,792 | —- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\Apfiltr.sys – (ApfiltrService)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2008-02-13 12:35:46 | 012,379,136 | —- | M] () [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\snp2sxp.sys – (SNP2STD) USB2.0 PC Camera (SNP2STD)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2007-08-28 15:46:46 | 000,217,088 | —- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\atswpdrv.sys – (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2007-08-16 05:20:22 | 000,088,064 | —- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\EMS7SK.sys – (EMSCR)
    DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2007-08-16 05:20:06 | 000,059,392 | —- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\ESD7SK.sys – (ESDCR)
    DRV - [2012-05-31 22:07:27 | 000,061,624 | —- | M] () [File_System | System | Running] – C:\Windows\SysWOW64\drivers\OADriver.sys – (OADevice)
    DRV - [2012-05-31 22:07:27 | 000,040,512 | —- | M] (Emsisoft) [Kernel | System | Running] – C:\Windows\SysWOW64\drivers\OAmon.sys – (OAmon)
    DRV - [2012-05-31 22:05:22 | 000,061,624 | —- | M] () [Kernel | System | Running] – C:\Windows\SysWOW64\drivers\oahlp64.sys – (oahlpXX)
    DRV - [2009-07-14 03:19:10 | 000,019,008 | —- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysWOW64\drivers\wimmount.sys – (WIMMount)
    DRV - [2008-02-13 12:34:50 | 012,067,328 | —- | M] () [Kernel | On_Demand | Running] – C:\Windows\SysWOW64\drivers\snp2sxp.sys – (SNP2STD) USB2.0 PC Camera (SNP2STD)


    ========== Standard Registry (SafeList) ==========[/color:8b27344293]


    ========== Internet Explorer ==========[/color:8b27344293]

    IE:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=nl&t=0
    IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
    IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 65 66 B5 FE 4A 32 CC 01 [binary data]
    IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========[/color:8b27344293]

    FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?source=gama&hl=nl"
    FF - user.js - File not found

    FF:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
    FF:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0
    pctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director
    p32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins
    pitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin
    pgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3
    pPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0
    pctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111
    pGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111
    pGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR
    ppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-09 09:59:52 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-30 09:25:01 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-05-13 07:59:40 | 000,000,000 | —D | M]

    [2011-09-16 06:36:59 | 000,000,000 | —D | M] (No name found) – C:\Users\Gebruiker\AppData\Roaming\mozilla\Extensions
    [2012-06-02 06:42:11 | 000,000,000 | —D | M] (No name found) – C:\Users\Gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\c37ppq9a.default\extensions
    [2012-06-02 06:42:11 | 000,000,000 | —D | M] (Greasemonkey) – C:\Users\Gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\c37ppq9a.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2012-04-30 09:25:01 | 000,000,000 | —D | M] (No name found) – C:\Program Files (x86)\Mozilla Firefox\extensions
    [2012-04-21 03:18:00 | 000,097,208 | —- | M] (Mozilla Foundation) – C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2012-04-21 03:41:53 | 000,002,252 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012-04-21 03:41:53 | 000,001,892 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
    [2012-04-21 03:41:53 | 000,004,558 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
    [2012-04-21 03:41:53 | 000,001,049 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml

    O1 HOSTS File: ([2011-10-02 21:57:46 | 000,000,027 | —- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:[b:8b27344293]64bit:[/b:8b27344293] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2:[b:8b27344293]64bit:[/b:8b27344293] - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O4:[b:8b27344293]64bit:[/b:8b27344293] - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files (x86)\Online Armor\oaui.exe (Emsi Software GmbH)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8:[b:8b27344293]64bit:[/b:8b27344293] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
    O8:[b:8b27344293]64bit:[/b:8b27344293] - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8:[b:8b27344293]64bit:[/b:8b27344293] - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:[b:8b27344293]64bit:[/b:8b27344293] - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:[b:8b27344293]64bit:[/b:8b27344293] - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra Button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : Verzenden naar &Bluetooth-apparaat… - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O10:[b:8b27344293]64bit:[/b:8b27344293] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.109.104.104 194.109.6.66
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB0814EA-BB8B-4E53-A0A5-E546798FDC2A}: DhcpNameServer = 194.109.104.104 194.109.6.66
    O20:[b:8b27344293]64bit:[/b:8b27344293] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:[b:8b27344293]64bit:[/b:8b27344293] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:[b:8b27344293]64bit:[/b:8b27344293] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:[b:8b27344293]64bit:[/b:8b27344293] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\..comfile [open] – "%1" %*
    O35:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\..exefile [open] – "%1" %*
    O35 - HKLM\..comfile [open] – "%1" %*
    O35 - HKLM\..exefile [open] – "%1" %*
    O37:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\…com [@ = comfile] – "%1" %*
    O37:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\…exe [@ = exefile] – "%1" %*
    O37 - HKLM\…com [@ = comfile] – "%1" %*
    O37 - HKLM\…exe [@ = exefile] – "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========[/color:8b27344293]

    [2012-06-02 10:48:59 | 000,595,968 | —- | C] (OldTimer Tools) – C:\Users\Gebruiker\Desktop\OTL.com
    [2012-05-31 05:05:48 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
    [2012-05-31 04:54:02 | 000,028,504 | —- | C] (AVAST Software) – C:\Windows\SysNative\drivers\aswKbd.sys
    [2012-05-22 22:33:24 | 000,000,000 | —D | C] – C:\Users\Gebruiker\AppData\Roaming\OnlineArmor
    [2012-05-22 22:33:24 | 000,000,000 | —D | C] – C:\ProgramData\OnlineArmor
    [2012-05-22 22:32:22 | 000,040,512 | —- | C] (Emsisoft) – C:\Windows\SysWow64\drivers\OAmon.sys
    [2012-05-22 22:32:22 | 000,035,368 | —- | C] (Emsisoft) – C:\Windows\SysNative\drivers\OAnet.sys
    [2012-05-22 22:32:22 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Armor
    [2012-05-22 22:32:18 | 000,000,000 | —D | C] – C:\Program Files (x86)\Online Armor
    [2012-05-22 22:05:24 | 000,000,000 | —D | C] – C:\Program Files (x86)\Emsisoft Anti-Malware
    [2012-05-13 07:58:57 | 000,000,000 | -HSD | C] – C:\Config.Msi
    [2012-05-13 07:42:35 | 000,000,000 | —D | C] – C:\Windows\SysWow64\Adobe
    [2012-05-13 07:41:48 | 000,000,000 | —D | C] – C:\Program Files (x86)\Common Files\Adobe AIR
    [2012-05-13 07:39:44 | 000,000,000 | —D | C] – C:\Program Files (x86)\Common Files\Adobe

    ========== Files - Modified Within 30 Days ==========[/color:8b27344293]

    [2012-06-02 10:49:13 | 000,595,968 | —- | M] (OldTimer Tools) – C:\Users\Gebruiker\Desktop\OTL.com
    [2012-06-02 10:13:00 | 000,000,940 | —- | M] () – C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012-06-02 10:00:00 | 000,001,062 | —- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012-06-02 07:11:49 | 000,013,440 | -H– | M] () – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012-06-02 07:11:49 | 000,013,440 | -H– | M] () – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012-06-02 07:09:10 | 001,743,760 | —- | M] () – C:\Windows\SysNative\PerfStringBackup.INI
    [2012-06-02 07:09:10 | 000,775,754 | —- | M] () – C:\Windows\SysNative\perfh013.dat
    [2012-06-02 07:09:10 | 000,678,648 | —- | M] () – C:\Windows\SysNative\perfh009.dat
    [2012-06-02 07:09:10 | 000,164,648 | —- | M] () – C:\Windows\SysNative\perfc013.dat
    [2012-06-02 07:09:10 | 000,129,696 | —- | M] () – C:\Windows\SysNative\perfc009.dat
    [2012-06-02 07:04:11 | 000,001,058 | —- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012-06-02 07:03:50 | 000,067,584 | –S- | M] () – C:\Windows\bootstat.dat
    [2012-06-02 07:03:43 | 2414,436,352 | -HS- | M] () – C:\hiberfil.sys
    [2012-06-01 06:59:25 | 000,000,000 | —- | M] () – C:\Windows\SysWow64\config.nt
    [2012-05-31 22:07:27 | 000,061,624 | —- | M] () – C:\Windows\SysWow64\drivers\OADriver.sys
    [2012-05-31 22:07:27 | 000,040,512 | —- | M] (Emsisoft) – C:\Windows\SysWow64\drivers\OAmon.sys
    [2012-05-31 22:07:27 | 000,035,368 | —- | M] (Emsisoft) – C:\Windows\SysNative\drivers\OAnet.sys
    [2012-05-31 22:05:22 | 000,061,624 | —- | M] () – C:\Windows\SysWow64\drivers\oahlp64.sys
    [2012-05-20 08:24:56 | 000,004,343 | —- | M] () – C:\WirelessDiagLog.csv
    [2012-05-09 17:22:01 | 000,291,816 | —- | M] () – C:\Windows\SysNative\FNTCACHE.DAT

    ========== Files Created - No Company Name ==========[/color:8b27344293]

    [2012-05-22 22:32:22 | 000,061,624 | —- | C] () – C:\Windows\SysWow64\drivers\oahlp64.sys
    [2012-05-22 22:32:22 | 000,061,624 | —- | C] () – C:\Windows\SysWow64\drivers\OADriver.sys
    [2012-05-13 07:45:45 | 000,000,940 | —- | C] () – C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012-05-13 07:39:50 | 000,002,441 | —- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk
    [2012-02-11 08:50:14 | 000,015,497 | —- | C] () – C:\Windows\snp2std.ini
    [2012-02-11 08:50:13 | 000,025,472 | —- | C] () – C:\Windows\SysWow64\drivers\sncamd.sys
    [2012-02-11 08:50:12 | 012,067,328 | —- | C] () – C:\Windows\SysWow64\drivers\snp2sxp.sys
    [2012-02-11 08:50:12 | 000,151,552 | —- | C] ( ) – C:\Windows\SysWow64\rsnp2std.dll
    [2011-12-26 09:29:02 | 000,004,608 | —- | C] () – C:\Users\Gebruiker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011-11-11 09:51:45 | 001,764,134 | —- | C] () – C:\Windows\SysWow64\PerfStringBackup.INI
    [2011-07-02 09:08:58 | 000,007,668 | —- | C] () – C:\Users\Gebruiker\AppData\Local\resmon.resmoncfg
    [2011-06-25 11:41:41 | 000,356,352 | —- | C] () – C:\Windows\EMCRI.dll

    ========== LOP Check ==========[/color:8b27344293]

    [2011-09-24 06:45:59 | 000,000,000 | —D | M] – C:\Users\Gebruiker\AppData\Roaming\aignes
    [2011-06-26 10:03:17 | 000,000,000 | —D | M] – C:\Users\Gebruiker\AppData\Roaming\Auslogics
    [2011-10-10 06:32:52 | 000,000,000 | —D | M] – C:\Users\Gebruiker\AppData\Roaming\AutoSizer
    [2012-04-30 10:17:01 | 000,000,000 | —D | M] – C:\Users\Gebruiker\AppData\Roaming\HTC
    [2012-04-30 10:27:43 | 000,000,000 | —D | M] – C:\Users\Gebruiker\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
    [2012-05-22 22:33:32 | 000,000,000 | —D | M] – C:\Users\Gebruiker\AppData\Roaming\OnlineArmor
    [2011-07-17 15:36:10 | 000,000,000 | —D | M] – C:\Users\Gebruiker\AppData\Roaming\OpenOffice.org
    [2012-04-06 07:02:11 | 000,000,000 | —D | M] – C:\Users\Gebruiker\AppData\Roaming\PCToolsFirewallPlus
    [2012-05-31 19:39:10 | 000,000,000 | —D | M] – C:\Users\Gebruiker\AppData\Roaming\SoftGrid Client
    [2012-02-27 11:00:08 | 000,000,000 | —D | M] – C:\Users\Gebruiker\AppData\Roaming\TP
    [2011-09-17 09:06:43 | 000,000,000 | —D | M] – C:\Users\Gebruiker\AppData\Roaming\WinBatch
    [2011-12-23 08:40:40 | 000,032,554 | —- | M] () – C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========[/color:8b27344293]



    ========== Alternate Data Streams ==========[/color:8b27344293]

    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:C31F31E6

    < End of report >

    En hier de Extras.txt:

    OTL Extras logfile created on: 2-6-2012 10:53:53 - Run 1
    OTL by OldTimer - Version 3.2.45.0 Folder = C:\Users\Gebruiker\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    3,00 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,71% Memory free
    5,99 Gb Paging File | 4,75 Gb Available in Paging File | 79,24% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 93,06 Gb Total Space | 43,67 Gb Free Space | 46,93% Space Free | Partition Type: NTFS

    Computer Name: GEBRUIKER-PC | User Name: Gebruiker | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========[/color:8b27344293]


    ========== File Associations ==========[/color:8b27344293]

    [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] – C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] – C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = Reg Error: Value error.] – Reg Error: Key error. File not found

    [HKEY_USERS\S-1-5-21-3085547568-1381025367-4261561674-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] – C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========[/color:8b27344293]

    [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    htmlfile [edit] – Reg Error: Key error.
    htmlfile [open] – Reg Error: Key error.
    htmlfile [opennew] – Reg Error: Key error.
    htmlfile [print] – rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    http [open] – "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
    https [open] – "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
    inffile [install] – %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    InternetShortcut [open] – "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] – "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] – "%1" /S
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] – Reg Error: Value error.
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] – Reg Error: Key error.
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] – Reg Error: Key error.

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    cplfile [cplopen] – %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    htmlfile [edit] – Reg Error: Key error.
    htmlfile [open] – Reg Error: Key error.
    htmlfile [opennew] – Reg Error: Key error.
    http [open] – "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
    https [open] – "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] – "%1" /S
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] – Reg Error: Value error.
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] – Reg Error: Key error.
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] – Reg Error: Key error.

    ========== Security Center Settings ==========[/color:8b27344293]

    [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========[/color:8b27344293]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========[/color:8b27344293]

    [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    ========== Authorized Applications List ==========[/color:8b27344293]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========[/color:8b27344293]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{095F233E-7912-4B5B-B3B9-3CEBF68C0761}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{10110771-0F6D-4363-AE7A-4D71C8437163}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{16C807E4-3152-4411-AD52-F1420543614D}" = lport=138 | protocol=17 | dir=in | app=system |
    "{2C881D0B-F124-4503-A5DC-CC90B3FD1B0F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{2DD1AAA8-0451-496C-B7AD-8ABA0578AE28}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{49455B77-BF89-42F7-BFD8-58B9D5F33411}" = rport=138 | protocol=17 | dir=out | app=system |
    "{5F71762C-D068-4D09-A2B1-830651C6B5B1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{71D34AAC-A16B-44B8-AFE2-F35F3470ABF1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{7494A506-BE70-46E9-A038-1870E1E89171}" = lport=139 | protocol=6 | dir=in | app=system |
    "{76E8AFAB-963B-48B7-9B6C-E735650897F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{7E3EB504-B8CC-445F-A7E8-660A6D864B70}" = rport=445 | protocol=6 | dir=out | app=system |
    "{8609BB52-2AF2-4505-BF50-F844DD769A11}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{8B5824CB-0E43-480E-9950-4DFC0BDBA194}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{911B2588-DDBD-4EFC-91A9-17E92E35A3DF}" = lport=137 | protocol=17 | dir=in | app=system |
    "{9288EB76-8A85-4B0D-A8C1-28A87B49E129}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{928D9FB6-F213-4E2C-B280-1BBA959E0B4D}" = rport=137 | protocol=17 | dir=out | app=system |
    "{AB9C67E8-C388-4043-A7AF-4018716C87D2}" = lport=445 | protocol=6 | dir=in | app=system |
    "{B97A74A3-A5DE-4B7E-B222-088BFC99C287}" = rport=139 | protocol=6 | dir=out | app=system |
    "{D8711E85-7A0E-4AAA-B8EB-2D97CD6CDBF1}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{E9A6B277-0AA9-4E57-B2A0-94244D8B7F88}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{F1727AD7-EAEA-4D30-BC70-B3A0748A1A7C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========[/color:8b27344293]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0494C2C6-22F4-4C38-B779-63B3EE0A5936}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{1565F6FF-AF87-4EBD-87A8-AD84B1926CD3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{18153C6E-16F3-4E10-BCBE-F46A5AC63CE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{2222CA80-2056-46CA-B6D3-1B30614FF79E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{26FDECB5-EC03-4641-AE93-2797711EF300}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{3232F57B-E089-4BF7-9887-F5E87C953319}" = protocol=6 | dir=out | app=system |
    "{42B8261E-532B-494D-89D4-D48C8BAE6A8C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{692CD322-6991-4F98-BF5D-3A40E0F37503}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{6CB43AD5-70B6-4B16-903E-1AE63A720BA6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{6F0061F6-08A3-4A3F-90B4-61E602E4E5AC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{83CFD8B4-55F8-4DC3-B7AC-71BC00E260F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{889FFDDF-FE6B-41E3-84D9-6FD0E097DF2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{8F5AB8BD-CD19-4197-B9AA-FB474504F41C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{9C6BE48C-93FA-4265-8951-FB93FAC69C76}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{9F424FAA-DAC5-4DF3-85A7-90FCF41636EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{AEE3D08B-F0C9-41C7-BD84-2D81C747C1C9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{D8533722-554D-454C-A0F0-657DCC4922D8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{DCFF8890-EA90-4CDF-A583-2E689FCCCE03}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E651C73E-EF54-4245-8B5D-510735126C50}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:8b27344293]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{4567EA14-6BCA-3EF9-859B-92CE48B1D704}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}" = Broadcom Bluetooth Software
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90140000-006D-0413-1000-0000000FF1CE}" = Microsoft Office Klik-en-Klaar 2010
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
    "{B90E5EBE-DF18-44D5-9D18-689ADEE9DA6C}" = Intel(R) PROSet/Wireless WiFi-software
    "{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}" = O&O Defrag Free Edition
    "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
    "CCleaner" = CCleaner
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
    "NVIDIA Drivers" = NVIDIA Drivers
    "ProInst" = Intel PROSet Wireless

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
    "{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
    "{4A423411-E28A-4A13-BDB0-8E8BC42FFA29}" = HTC Sync
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
    "{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7F362F06-A9A3-440F-8B19-6A01A72723C4}" = AuthenTec Fingerprint Sensor Minimum Install
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{90140011-0061-0413-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - Nederlands
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1043-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Nederlands
    "{D1BA1F1C-D88B-405D-953F-D7074B65453D}" = LifeView DTV
    "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "Adobe AIR" = Adobe AIR
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "avast" = avast! Free Antivirus
    "CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3
    "ESET Online Scanner" = ESET Online Scanner v3
    "FileHippo.com" = FileHippo.com Update Checker
    "InstallShield_{D1BA1F1C-D88B-405D-953F-D7074B65453D}" = LifeView DTV
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.60.1.1000
    "Mozilla Firefox 12.0 (x86 nl)" = Mozilla Firefox 12.0 (x86 nl)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Office14.Click2Run" = Microsoft Office Klik-en-Klaar 2010
    "OnlineArmor_is1" = Online Armor 5.5
    "Picasa 3" = Picasa 3
    "Secunia PSI" = Secunia PSI (2.0.0.3003)

    ========== Last 10 Event Log Errors ==========[/color:8b27344293]

    [ Application Events ]
    Error - 12-5-2012 18:31:11 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832
    Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online
    scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand
    op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een
    andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel
    1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Onderdeel
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error - 13-5-2012 18:31:11 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832
    Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online
    scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand
    op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een
    andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel
    1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Onderdeel
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error - 18-5-2012 18:31:26 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832
    Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online
    scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand
    op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een
    andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel
    1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Onderdeel
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error - 19-5-2012 18:31:11 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832
    Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online
    scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand
    op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een
    andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel
    1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Onderdeel
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error - 28-5-2012 16:11:55 | Computer Name = Gebruiker-PC | Source = Application Error | ID = 1000
    Description = Naam van toepassing met fout: oasrv.exe, versie: 5.5.0.1557, tijdstempel:
    0x2a425e19 Naam van module met fout: oasrv.exe, versie: 5.5.0.1557, tijdstempel:
    0x2a425e19 Uitzonderingscode: 0xc0000005 Foutoffset: 0x00004a6f Id van proces met
    fout: 0x570 Starttijd van toepassing met fout: 0x01cd3d0a2bce3ed0 Pad naar toepassing
    met fout: C:\Program Files (x86)\Online Armor\oasrv.exe Pad naar module met fout:
    C:\Program Files (x86)\Online Armor\oasrv.exe Rapport-id: 5eaf04be-a901-11e1-9be8-0016cff7fe29

    Error - 28-5-2012 16:22:38 | Computer Name = Gebruiker-PC | Source = Application Error | ID = 1000
    Description = Naam van toepassing met fout: nvvsvc.exe, versie: 7.15.11.7967, tijdstempel:
    0x49b13057 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel:
    0x4ec4aa8e Uitzonderingscode: 0xc0000005 Foutoffset: 0x0000000000020a4a Id van proces
    met fout: 0x334 Starttijd van toepassing met fout: 0x01cd3d0e3fff5a3b Pad naar toepassing
    met fout: C:\Windows\system32
    vvsvc.exe Pad naar module met fout: C:\Windows\SYSTEM32
    tdll.dll
    Rapport-id:
    ddb7582a-a902-11e1-a57f-0016cff7fe29

    Error - 28-5-2012 17:02:56 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832
    Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online
    scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand
    op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een
    andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel
    1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Onderdeel
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error - 29-5-2012 18:31:11 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832
    Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online
    scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand
    op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een
    andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel
    1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Onderdeel
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    Error - 31-5-2012 13:51:14 | Computer Name = Gebruiker-PC | Source = CVHSVC | ID = 100
    Description = Alleen informatie. (Patch task for {90140011-0061-0413-0000-0000000FF1CE}):
    DownloadLatest Failed: De naam of het adres van de server kan niet worden omgezet


    Error - 31-5-2012 18:31:13 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832
    Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online
    scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand
    op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een
    andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel
    1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Onderdeel
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

    [ Media Center Events ]
    Error - 18-1-2012 22:17:11 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0
    Description = 3:17:11 - Fout bij verbinden met internet. 3:17:11 - Kan geen contact
    maken met server..

    Error - 18-1-2012 22:17:21 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0
    Description = 3:17:16 - Fout bij verbinden met internet. 3:17:16 - Kan geen contact
    maken met server..

    Error - 18-1-2012 23:17:25 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0
    Description = 4:17:25 - Fout bij verbinden met internet. 4:17:25 - Kan geen contact
    maken met server..

    Error - 18-1-2012 23:17:31 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0
    Description = 4:17:30 - Fout bij verbinden met internet. 4:17:30 - Kan geen contact
    maken met server..

    Error - 19-1-2012 0:17:36 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0
    Description = 5:17:36 - Fout bij verbinden met internet. 5:17:36 - Kan geen contact
    maken met server..

    Error - 19-1-2012 0:17:42 | Computer
  • Hierbij de rest van extra's.txt:

    Error - 19-1-2012 0:17:36 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0
    Description = 5:17:36 - Fout bij verbinden met internet. 5:17:36 - Kan geen contact
    maken met server..

    Error - 19-1-2012 0:17:42 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0
    Description = 5:17:41 - Fout bij verbinden met internet. 5:17:41 - Kan geen contact
    maken met server..

    Error - 19-1-2012 1:17:47 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0
    Description = 6:17:47 - Fout bij verbinden met internet. 6:17:47 - Kan geen contact
    maken met server..

    Error - 19-1-2012 1:17:54 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0
    Description = 6:17:52 - Fout bij verbinden met internet. 6:17:52 - Kan geen contact
    maken met server..

    Error - 31-3-2012 1:12:27 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0
    Description = 7:12:27 - Fout bij verbinden met internet. 7:12:27 - Kan geen contact
    maken met server..

    Error - 31-3-2012 1:12:33 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0
    Description = 7:12:32 - Fout bij verbinden met internet. 7:12:32 - Kan geen contact
    maken met server..

    [ System Events ]
    Error - 9-5-2012 11:17:46 | Computer Name = Gebruiker-PC | Source = Service Control Manager | ID = 7031
    Description = De Microsoft .NET Framework NGEN v4.0.30319_X64-service is onverwacht
    gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 120000 milliseconden
    worden uitgevoerd: Service opnieuw starten.

    Error - 9-5-2012 11:18:01 | Computer Name = Gebruiker-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installatiefout: de volgende update kan niet worden geïnstalleerd,
    foutcode 0x80070643: KB2656405: Beveiligingsupdate voor Microsoft .NET Framework
    4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server
    2008, Windows Server 2008 R2 voor x64-systemen.

    Error - 9-5-2012 11:19:46 | Computer Name = Gebruiker-PC | Source = Service Control Manager | ID = 7032
    Description = Servicebesturingsbeheer heeft na het onverwachte afsluiten van de
    Microsoft .NET Framework NGEN v4.0.30319_X64-service geprobeerd een herstelactie
    (Service opnieuw starten) uit te voeren, maar deze actie is met de volgende fout
    mislukt: %%1056

    Error - 9-5-2012 11:22:40 | Computer Name = Gebruiker-PC | Source = SNMP | ID = 16713180
    Description = De SNMP-service heeft een fout vastgesteld tijdens een poging toegang
    te krijgen tot de registersleutel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error - 9-5-2012 11:23:34 | Computer Name = Gebruiker-PC | Source = Service Control Manager | ID = 7024
    Description = De HomeGroup Listener-service is gestopt met de specifieke servicefout
    %%-2147023143.

    Error - 9-5-2012 11:41:00 | Computer Name = Gebruiker-PC | Source = SNMP | ID = 16713180
    Description = De SNMP-service heeft een fout vastgesteld tijdens een poging toegang
    te krijgen tot de registersleutel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error - 9-5-2012 11:41:35 | Computer Name = Gebruiker-PC | Source = DCOM | ID = 10010
    Description =

    Error - 9-5-2012 11:41:34 | Computer Name = Gebruiker-PC | Source = Service Control Manager | ID = 7024
    Description = De HomeGroup Listener-service is gestopt met de specifieke servicefout
    %%-2147023143.

    Error - 9-5-2012 12:01:55 | Computer Name = Gebruiker-PC | Source = bowser | ID = 8003
    Description =

    Error - 12-5-2012 0:37:57 | Computer Name = Gebruiker-PC | Source = Service Control Manager | ID = 7034
    Description = De Online Armor Helper Service-service is onverwacht beëindigd. Dit
    is nu 1 keer gebeurd.


    < End of report >
  • Hoi, verwijder handmatig de map [b:517a3c6e2c]c:\program files (x86)\ESET[/b:517a3c6e2c][/color:517a3c6e2c].
    Leeg daarna de prullenbak.

    Ik vermoed dat de Windows Firewall ook aktief is.
    Controleer dat; daarvoor ga je naar Start\Uitvoeren en de opdracht luidt: [b:517a3c6e2c]services.msc[/b:517a3c6e2c].
    Klik op de knop OK.
    N.B.: Uitvoeren kan ook gestart worden door gelijktijdig de "Windowstoets + R-toets" in te drukken.

    In het venster Services scroll je naar [b:517a3c6e2c]Windows Firewall[/color:517a3c6e2c][/b:517a3c6e2c].
    Dubbelklikk op die vermelding, bij "Opstarttype" zet je de instelling op "Gedeaktiveerd".

    Klik nu eerst op de knop [b:517a3c6e2c]Toepassen[/b:517a3c6e2c]; vervolgens klik je op de knop [b:517a3c6e2c]Stoppen[/b:517a3c6e2c], wacht even en klik uiteindelijk op [b:517a3c6e2c]OK[/b:517a3c6e2c].

    Daarna:
    [b:517a3c6e2c]Welk programma[/b:517a3c6e2c]: [b:517a3c6e2c]ComboFix[/b:517a3c6e2c][/color:517a3c6e2c]
    [b:517a3c6e2c]Waarvoor/waarom[/b:517a3c6e2c]: Zeer specialistische scanner om Windows diepgaand te onderzoeken
    en zo mogelijk op te schonen.
    [b:517a3c6e2c]Moeilijkheidsgraad[/b:517a3c6e2c]: Lees alles eerst goed vanwege de voorbereidingsfase.
    [b:517a3c6e2c]Downloadlokatie[/b:517a3c6e2c]: Dit programma absoluut naar het bureaublad downloaden!
    [b:517a3c6e2c]Download ComboFix via één van deze locaties[/b:517a3c6e2c]:
    [list:517a3c6e2c][*:517a3c6e2c][b:517a3c6e2c]Bleepingcomputer[/b:517a3c6e2c]
    [*:517a3c6e2c][b:517a3c6e2c]ForoSpyware[/b:517a3c6e2c]
    [*:517a3c6e2c][b:517a3c6e2c]Geekstogo[/b:517a3c6e2c][/list:u:517a3c6e2c]
    [b:517a3c6e2c]Hier[/b:517a3c6e2c] zie je hoe je ComboFix moet gebruiken.

    Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
    [b:517a3c6e2c]Hier[/color:517a3c6e2c][/b:517a3c6e2c] of [b:517a3c6e2c]hier[/b:517a3c6e2c][/color:517a3c6e2c] kan je lezen hoe je dat doet.

    [b:517a3c6e2c]Voor alle duidelijkheid nogmaals[/b:517a3c6e2c]: ComboFix dient vanaf het bureaublad gestart te worden.

    [b:517a3c6e2c]Opmerkingen[/b:517a3c6e2c]:
    [list:517a3c6e2c][*:517a3c6e2c]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten.
    [*:517a3c6e2c]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:517a3c6e2c]
    [b:517a3c6e2c]ComboFix is opgestart[/b:517a3c6e2c]:
    [list:517a3c6e2c][*:517a3c6e2c]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
    [*:517a3c6e2c]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen!
    [*:517a3c6e2c]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
    [*:517a3c6e2c]Wanneer ComboFix gereed is, zal het een logbestand voor je maken.
    [*:517a3c6e2c]Post de inhoud van dit logbestand in je volgende bericht.
    [*:517a3c6e2c]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:517a3c6e2c]
    [b:517a3c6e2c]Belangrijke opmerking[/b:517a3c6e2c]:
    [list:517a3c6e2c][*:517a3c6e2c][b:517a3c6e2c]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:517a3c6e2c][/b:517a3c6e2c]
    [*:517a3c6e2c][b:517a3c6e2c]Illegal operation attempted on a registery key that has been marked for deletion.[/color:517a3c6e2c][/b:517a3c6e2c]
    [*:517a3c6e2c][b:517a3c6e2c]Start dan de computer opnieuw op.[/color:517a3c6e2c][/b:517a3c6e2c][/list:u:517a3c6e2c]
  • De map C:\program files (X86) \ESET verwijderd.
    De Windows Firewall was al uitgeschakeld i.v.m. het gebruik van de Online Armor Firewall.
    Na opstarten Combofix verschijnt de melding: Commandline Standard Stream Splitter werkt niet meer.
    Windows wil programma afsluiten.
    Na het klikken op programma afsluiten (harde schijf lampje licht niet meer op) lijkt Combofix door te gaan met het volgende deel.
    Ik weet dus niet of de scan goed uitgevoerd is.
    Combofix heeft de computer opnieuw laten opstarten en er is een logbestand aangemaakt.
    Hieronder het logbestand:

    ComboFix 12-06-02.02 - Gebruiker 02-06-2012 12:22:30.4.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3070.1776 [GMT 2:00]
    Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    FW: Online Armor Firewall *Disabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-05-02 to 2012-06-02 ))))))))))))))))))))))))))))))
    .
    .
    2012-06-02 10:33 . 2012-06-02 10:36 ——– d—–w- c:\users\Gebruiker\AppData\Local\temp
    2012-06-02 10:33 . 2012-06-02 10:33 ——– d—–w- c:\users\Public\AppData\Local\temp
    2012-06-02 10:33 . 2012-06-02 10:33 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-05-31 02:54 . 2012-03-07 00:02 28504 —-a-w- c:\windows\system32\drivers\aswKbd.sys
    2012-05-22 20:33 . 2012-05-28 20:15 ——– d—–w- c:\programdata\OnlineArmor
    2012-05-22 20:33 . 2012-05-22 20:33 ——– d—–w- c:\users\Gebruiker\AppData\Roaming\OnlineArmor
    2012-05-22 20:32 . 2012-05-31 20:07 61624 —-a-w- c:\windows\SysWow64\drivers\OADriver.sys
    2012-05-22 20:32 . 2012-05-31 20:07 40512 —-a-w- c:\windows\SysWow64\drivers\OAmon.sys
    2012-05-22 20:32 . 2012-05-31 20:07 35368 —-a-w- c:\windows\system32\drivers\OAnet.sys
    2012-05-22 20:32 . 2012-05-31 20:05 61624 —-a-w- c:\windows\SysWow64\drivers\oahlp64.sys
    2012-05-22 20:32 . 2012-06-02 10:40 ——– d—–w- c:\program files (x86)\Online Armor
    2012-05-22 20:05 . 2012-05-22 20:09 ——– d—–w- c:\program files (x86)\Emsisoft Anti-Malware
    2012-05-13 05:45 . 2012-06-01 00:13 70304 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-13 05:45 . 2012-06-01 00:13 419488 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-05-13 05:42 . 2012-05-13 05:42 ——– d—–w- c:\windows\SysWow64\Adobe
    2012-05-13 05:41 . 2012-05-13 05:41 ——– d—–w- c:\program files (x86)\Common Files\Adobe AIR
    2012-05-13 05:39 . 2012-05-13 05:39 ——– d—–w- c:\program files (x86)\Common Files\Adobe
    2012-05-09 15:08 . 2012-03-03 06:35 1544704 —-a-w- c:\windows\system32\DWrite.dll
    2012-05-09 15:08 . 2012-03-03 05:31 1077248 —-a-w- c:\windows\SysWow64\DWrite.dll
    2012-05-09 15:08 . 2012-03-31 06:05 5559664 —-a-w- c:\windows\system32
    toskrnl.exe
    2012-05-09 15:08 . 2012-03-31 03:10 3146240 —-a-w- c:\windows\system32\win32k.sys
    2012-05-09 15:08 . 2012-03-31 04:39 3968368 —-a-w- c:\windows\SysWow64
    tkrnlpa.exe
    2012-05-09 15:08 . 2012-03-31 04:39 3913072 —-a-w- c:\windows\SysWow64
    toskrnl.exe
    2012-05-09 15:07 . 2012-03-17 07:58 75120 —-a-w- c:\windows\system32\drivers\partmgr.sys
    2012-05-09 15:07 . 2012-03-30 11:35 1918320 —-a-w- c:\windows\system32\drivers\tcpip.sys
    2012-05-09 15:06 . 2012-03-31 05:40 1367552 —-a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
    2012-05-09 15:06 . 2012-03-31 04:29 936960 —-a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-06-01 00:13 . 2012-04-13 18:47 8769696 —-a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
    2012-05-02 00:46 . 2012-05-02 00:46 4472832 —-a-w- c:\windows\SysWow64\GPhotos.scr
    2012-04-19 05:16 . 2011-07-08 04:06 856712 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2012-03-31 06:13 . 2011-06-28 20:50 48648 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
    2012-03-31 06:13 . 2011-06-28 20:50 882512 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2012-03-07 00:15 . 2012-02-28 06:07 41184 —-a-w- c:\windows\avastSS.scr
    2012-03-07 00:15 . 2012-02-28 06:07 201352 —-a-w- c:\windows\SysWow64\aswBoot.exe
    2012-03-07 00:15 . 2011-06-25 12:25 258520 —-a-w- c:\windows\system32\aswBoot.exe
    2012-03-07 00:04 . 2012-02-28 06:07 819032 —-a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-03-07 00:04 . 2012-02-28 06:07 337240 —-a-w- c:\windows\system32\drivers\aswSP.sys
    2012-03-07 00:02 . 2012-02-28 06:07 53080 —-a-w- c:\windows\system32\drivers\aswRdr2.sys
    2012-03-07 00:01 . 2012-02-28 06:07 59224 —-a-w- c:\windows\system32\drivers\aswTdi.sys
    2012-03-07 00:01 . 2012-02-28 06:07 69976 —-a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2012-03-07 00:01 . 2012-02-28 06:07 24408 —-a-w- c:\windows\system32\drivers\aswFsBlk.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
    "combofix"="c:\combofix\CF27449.3XE" [2010-11-20 345088]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    iissvcs REG_MULTI_SZ w3svc was
    apphost REG_MULTI_SZ apphostsvc
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-06-02 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-13 00:13]
    .
    2012-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-20 05:45]
    .
    2012-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-20 05:45]
    .
    .
    ——— x86-64 ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-03-07 00:15 135408 —-a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "@OnlineArmor GUI"="c:\program files (x86)\Online Armor\oaui.exe" [2012-05-31 2346592]
    .
    ——- Bijkomende Scan ——-
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/ig?hl=nl&amp;t=0
    uInternet Settings,ProxyOverride = *.local
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Pagina verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    TCP: DhcpNameServer = 194.109.104.104 194.109.6.66
    DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
    FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\c37ppq9a.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?source=gama&hl=nl
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
    .
    .
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\program files (x86)\Online Armor\OAcat.exe
    c:\program files\AVAST Software\Avast\AvastSvc.exe
    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    c:\program files (x86)\Secunia\PSI\sua.exe
    c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    .
    **************************************************************************
    .
    Voltooingstijd: 2012-06-02 12:52:20 - machine werd herstart
    ComboFix-quarantined-files.txt 2012-06-02 10:52
    .
    Pre-Run: 45.794.496.512 bytes beschikbaar
    Post-Run: 45.722.992.640 bytes beschikbaar
    .
    - - End Of File - - A596D977DA3EA219F72576EA851A6976
  • Vreemd die foutmelding.
    Het enigste wat ComboFix nochtans verwijdert heeft is een laatste rest van Eset!
  • Nog verdere acties ondernemen of is het probleem opgelost?
    Firefox start nog steeds langzamer op dan 1 week geleden.
  • Kontroleer in Firefox de geïnstalleerde Add-ons en ook Plug-ins.

    Want OTL geeft bijv. aan dat Firefox de Apple plug-ins niet meer kan vinden!
    Mogelijk dat dit alles samenhangt met het trage opstarten.
    Zowiezo geldt: hoe meer add-ons hoe langzamer FF opstart.

    En doe ook het volgende:

    Download MiniToolBox en plaats dit tool op jouw bureaublad.

    [b:b2f6a8019a]"Farbar MiniToolBox" gebruiken[/b:b2f6a8019a]:
    [list:b2f6a8019a][*:b2f6a8019a] [b:b2f6a8019a]Sluit nu eerst alle nog openstaande programmavensters![/color:b2f6a8019a][/b:b2f6a8019a]
    [list:b2f6a8019a][*:b2f6a8019a][b:b2f6a8019a]Windows 2000[/color:b2f6a8019a][/b:b2f6a8019a] en [b:b2f6a8019a]Windows XP[/b:b2f6a8019a][/color:b2f6a8019a]: start "MiniToolBox.exe" via dubbelklikken.
    [*:b2f6a8019a][b:b2f6a8019a]Windows Vista[/b:b2f6a8019a][/color:b2f6a8019a] en [b:b2f6a8019a]Windows 7[/b:b2f6a8019a][/color:b2f6a8019a]: start "MiniToolBox.exe" via rechtsklik [b:b2f6a8019a]Als Administrator uitvoeren[/b:b2f6a8019a].[/list:u:b2f6a8019a][/list:u:b2f6a8019a]
    Vink de volgende onderdelen aan:
    [list:b2f6a8019a]
    [*:b2f6a8019a]Flush DNS
    [*:b2f6a8019a]Report IE Proxy Settings
    [*:b2f6a8019a]Reset IE Proxy Settings
    [*:b2f6a8019a]Report FF Proxy Settings
    [*:b2f6a8019a]Reset FF Proxy Settings
    [*:b2f6a8019a]List content of Hosts
    [*:b2f6a8019a]List IP configuration
    [*:b2f6a8019a]List Winsock Entries
    [*:b2f6a8019a]List last 10 Event Viewer log
    [*:b2f6a8019a]Aansluitend wordt een log aangemaakt (Result.txt) in de zelfde map waar "MiniToolBox.exe" in zit.
    [*:b2f6a8019a]Kopieer en plak de inhoud van het log in jouw volgende bericht.[/list:u:b2f6a8019a]
    [b:b2f6a8019a]Notabene:[/b:b2f6a8019a][/color:b2f6a8019a] indien "Reset FF Proxy Settings" gekozen is, dient Firefox afgesloten te zijn!
  • Hoe kan ik de add-ons verwijderen?
    FF start nog steeds traag op.

    Hierbij het logbestand:

    MiniToolBox by Farbar Version: 14-01-2012
    Ran by Gebruiker (administrator) on 02-06-2012 at 14:50:16
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP-configuratie

    De DNS-omzettingscache is leeggemaakt.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.

    ========================= FF Proxy Settings: ==============================


    "Reset FF Proxy Settings": Firefox Proxy settings were reset.

    ========================= Hosts content: =================================

    127.0.0.1 localhost

    ========================= IP Configuration: ================================

    Intel(R) PRO/Wireless 3945ABG Network Connection = Draadloze netwerkverbinding (Connected)
    Realtek PCIe GBE Family Controller = LAN-verbinding (Media disconnected)
    Bluetooth Personal Area Network = LAN-verbinding 2 (Media disconnected)


    # ———————————-
    # IPv4-configuratie
    # ———————————-
    pushd interface ipv4

    reset
    set global
    set subinterface interface=??????? subinterface=ethernet_9 mtu=1477
    set subinterface interface=??????? subinterface=ethernet_10 mtu=1477


    popd
    # Einde van IPv4-configuratie



    Windows IP-configuratie

    Hostnaam . . . . . . . . . . . . : Gebruiker-PC
    Primair DNS-achtervoegsel . . . . :
    Knooppunttype . . . . . . . . . . : hybride
    IP-routering ingeschakeld . . . . : nee
    WINS-proxy ingeschakeld . . . . . : nee

    Ethernet-adapter voor LAN-verbinding 2:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Bluetooth Personal Area Network
    Fysiek adres. . . . . . . . . . . : 00-16-CF-F7-FE-29
    DHCP ingeschakeld . . . . . . . . : ja
    Autom. configuratie ingeschakeld : ja

    Ethernet-adapter voor LAN-verbinding:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Realtek PCIe GBE Family Controller
    Fysiek adres. . . . . . . . . . . : 00-16-D4-D9-DD-5E
    DHCP ingeschakeld . . . . . . . . : ja
    Autom. configuratie ingeschakeld : ja

    Draadloos LAN-adapter voor Draadloze netwerkverbinding:

    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Intel(R) PRO/Wireless 3945ABG Network Connection
    Fysiek adres. . . . . . . . . . . : 00-1B-77-1A-91-58
    DHCP ingeschakeld . . . . . . . . : ja
    Autom. configuratie ingeschakeld : ja
    Link-local IPv6-adres . . . . . . : fe80::8980:5503:6acf:518f%10(voorkeur)
    IPv4-adres. . . . . . . . . . . . : 192.168.1.102(voorkeur)
    Subnetmasker. . . . . . . . . . . : 255.255.255.0
    Lease verkregen . . . . . . . . . : zaterdag 2 juni 2012 13:42:36
    Lease verlopen. . . . . . . . . . : zondag 3 juni 2012 13:42:35
    Standaardgateway. . . . . . . . . : 192.168.1.1
    DHCP-server . . . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 184556407
    DHCPv6-client DUID. . . . . . . . : 00-01-00-01-15-95-F6-CA-00-16-D4-D9-DD-5E
    DNS-servers . . . . . . . . . . . : 194.109.104.104
    194.109.6.66
    NetBIOS via TCPIP . . . . . . . . : ingeschakeld

    Tunnel-adapter voor isatap.{DB0814EA-BB8B-4E53-A0A5-E546798FDC2A}:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter
    Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP ingeschakeld . . . . . . . . : nee
    Autom. configuratie ingeschakeld : ja

    Tunnel-adapter voor Teredo Tunneling Pseudo-Interface:

    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP ingeschakeld . . . . . . . . : nee
    Autom. configuratie ingeschakeld : ja
    IPv6-adres. . . . . . . . . . . . : 2001:0:5ef5:79fb:3ced:eff:3f57:fe99(voorkeur)
    Link-local IPv6-adres . . . . . . : fe80::3ced:eff:3f57:fe99%14(voorkeur)
    Standaardgateway. . . . . . . . . : ::
    NetBIOS via TCPIP . . . . . . . . : uitgeschakeld
    Server: resolver.xs4all.nl
    Address: 194.109.104.104

    Naam: google.com
    Addresses: 2a00:1450:4007:802::1005
    173.194.78.113
    173.194.78.138
    173.194.78.100
    173.194.78.102
    173.194.78.101
    173.194.78.139


    Pingen naar google.com [173.194.78.139] met 32 bytes aan gegevens:
    Antwoord van 173.194.78.139: bytes=32 tijd=32 ms TTL=49
    Antwoord van 173.194.78.139: bytes=32 tijd=32 ms TTL=49

    Ping-statistieken voor 173.194.78.139:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).

    De gemiddelde tijd voor het uitvoeren van ‚‚n bewerking in milliseconden:
    Minimum = 32ms, Maximum = 32ms, Gemiddelde = 32ms
    Server: resolver.xs4all.nl
    Address: 194.109.104.104

    Naam: yahoo.com
    Addresses: 98.139.183.24
    72.30.38.140
    209.191.122.70


    Pingen naar yahoo.com [209.191.122.70] met 32 bytes aan gegevens:
    Antwoord van 209.191.122.70: bytes=32 tijd=163 ms TTL=52
    Antwoord van 209.191.122.70: bytes=32 tijd=164 ms TTL=52

    Ping-statistieken voor 209.191.122.70:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).

    De gemiddelde tijd voor het uitvoeren van ‚‚n bewerking in milliseconden:
    Minimum = 163ms, Maximum = 164ms, Gemiddelde = 163ms
    Server: resolver.xs4all.nl
    Address: 194.109.104.104

    Naam: bleepingcomputer.com
    Address: 208.43.87.2


    Pingen naar bleepingcomputer.com [208.43.87.2] met 32 bytes aan gegevens:
    Antwoord van 208.43.87.2: De doelhost is niet bereikbaar.
    Antwoord van 208.43.87.2: De doelhost is niet bereikbaar.

    Ping-statistieken voor 208.43.87.2:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).

    Pingen naar 127.0.0.1 met 32 bytes aan gegevens:
    Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128
    Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128

    Ping-statistieken voor 127.0.0.1:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).

    De gemiddelde tijd voor het uitvoeren van ‚‚n bewerking in milliseconden:
    Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms
    ===========================================================================
    Interfacelijst
    16…00 16 cf f7 fe 29 ……Bluetooth Personal Area Network
    11…00 16 d4 d9 dd 5e ……Realtek PCIe GBE Family Controller
    10…00 1b 77 1a 91 58 ……Intel(R) PRO/Wireless 3945ABG Network Connection
    1………………………Software Loopback Interface 1
    22…00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    14…00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    ===========================================================================

    IPv4 routetabel
    ===========================================================================
    Actieve routes:
    Netwerkadres Netmasker Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 25
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    192.168.1.0 255.255.255.0 On-link 192.168.1.102 281
    192.168.1.102 255.255.255.255 On-link 192.168.1.102 281
    192.168.1.255 255.255.255.255 On-link 192.168.1.102 281
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 192.168.1.102 281
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 192.168.1.102 281
    ===========================================================================
    Permanente routes:
    Geen

    IPv6 routetabel
    ===========================================================================
    Actieve routes:
    Indien metrische netwerkbestemming Gateway
    14 58 ::/0 On-link
    1 306 ::1/128 On-link
    14 58 2001::/32 On-link
    14 306 2001:0:5ef5:79fb:3ced:eff:3f57:fe99/128
    On-link
    10 281 fe80::/64 On-link
    14 306 fe80::/64 On-link
    14 306 fe80::3ced:eff:3f57:fe99/128
    On-link
    10 281 fe80::8980:5503:6acf:518f/128
    On-link
    1 306 ff00::/8 On-link
    14 306 ff00::/8 On-link
    10 281 ff00::/8 On-link
    ===========================================================================
    Permanente routes:
    Geen
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64
    apinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32
    apinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (06/02/2012 00:29:03 PM) (Source: Application Error) (User: )
    Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Uitzonderingscode: 0xc0000005
    Foutoffset: 0x00002833
    Id van proces met fout: 0x131c
    Starttijd van toepassing met fout: 0xmtee.3XE0
    Pad naar toepassing met fout: mtee.3XE1
    Pad naar module met fout: mtee.3XE2
    Rapport-id: mtee.3XE3

    Error: (06/02/2012 00:28:56 PM) (Source: Application Error) (User: )
    Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Uitzonderingscode: 0xc0000005
    Foutoffset: 0x00002833
    Id van proces met fout: 0x165c
    Starttijd van toepassing met fout: 0xmtee.3XE0
    Pad naar toepassing met fout: mtee.3XE1
    Pad naar module met fout: mtee.3XE2
    Rapport-id: mtee.3XE3

    Error: (06/02/2012 00:28:41 PM) (Source: Application Error) (User: )
    Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Uitzonderingscode: 0xc0000005
    Foutoffset: 0x00002833
    Id van proces met fout: 0x1658
    Starttijd van toepassing met fout: 0xmtee.3XE0
    Pad naar toepassing met fout: mtee.3XE1
    Pad naar module met fout: mtee.3XE2
    Rapport-id: mtee.3XE3

    Error: (06/02/2012 00:28:38 PM) (Source: Application Error) (User: )
    Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Uitzonderingscode: 0xc0000005
    Foutoffset: 0x00002833
    Id van proces met fout: 0x1098
    Starttijd van toepassing met fout: 0xmtee.3XE0
    Pad naar toepassing met fout: mtee.3XE1
    Pad naar module met fout: mtee.3XE2
    Rapport-id: mtee.3XE3

    Error: (06/02/2012 00:28:33 PM) (Source: Application Error) (User: )
    Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Uitzonderingscode: 0xc0000005
    Foutoffset: 0x00002833
    Id van proces met fout: 0x17b8
    Starttijd van toepassing met fout: 0xmtee.3XE0
    Pad naar toepassing met fout: mtee.3XE1
    Pad naar module met fout: mtee.3XE2
    Rapport-id: mtee.3XE3

    Error: (06/02/2012 00:28:28 PM) (Source: Application Error) (User: )
    Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Uitzonderingscode: 0xc0000005
    Foutoffset: 0x00002833
    Id van proces met fout: 0x172c
    Starttijd van toepassing met fout: 0xmtee.3XE0
    Pad naar toepassing met fout: mtee.3XE1
    Pad naar module met fout: mtee.3XE2
    Rapport-id: mtee.3XE3

    Error: (06/02/2012 00:28:23 PM) (Source: Application Error) (User: )
    Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Uitzonderingscode: 0xc0000005
    Foutoffset: 0x00002833
    Id van proces met fout: 0x1190
    Starttijd van toepassing met fout: 0xmtee.3XE0
    Pad naar toepassing met fout: mtee.3XE1
    Pad naar module met fout: mtee.3XE2
    Rapport-id: mtee.3XE3

    Error: (06/02/2012 00:28:18 PM) (Source: Application Error) (User: )
    Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Uitzonderingscode: 0xc0000005
    Foutoffset: 0x00002833
    Id van proces met fout: 0xe38
    Starttijd van toepassing met fout: 0xmtee.3XE0
    Pad naar toepassing met fout: mtee.3XE1
    Pad naar module met fout: mtee.3XE2
    Rapport-id: mtee.3XE3

    Error: (06/02/2012 00:28:12 PM) (Source: Application Error) (User: )
    Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Uitzonderingscode: 0xc0000005
    Foutoffset: 0x00002833
    Id van proces met fout: 0x13f8
    Starttijd van toepassing met fout: 0xmtee.3XE0
    Pad naar toepassing met fout: mtee.3XE1
    Pad naar module met fout: mtee.3XE2
    Rapport-id: mtee.3XE3

    Error: (06/02/2012 00:28:06 PM) (Source: Application Error) (User: )
    Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a
    Uitzonderingscode: 0xc0000005
    Foutoffset: 0x00002833
    Id van proces met fout: 0xcf0
    Starttijd van toepassing met fout: 0xmtee.3XE0
    Pad naar toepassing met fout: mtee.3XE1
    Pad naar module met fout: mtee.3XE2
    Rapport-id: mtee.3XE3


    System errors:
    =============
    Error: (06/02/2012 01:43:32 PM) (Source: DCOM) (User: )
    Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}

    Error: (06/02/2012 01:42:58 PM) (Source: SNMP) (User: )
    Description: De SNMP-service heeft een fout vastgesteld tijdens een poging toegang te krijgen tot de registersleutel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error: (06/02/2012 00:35:59 PM) (Source: DCOM) (User: )
    Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}

    Error: (06/02/2012 00:35:26 PM) (Source: Service Control Manager) (User: )
    Description: De Windows Defender-service is gestopt met de volgende foutcode:
    %%126.

    Error: (06/02/2012 00:35:26 PM) (Source: SNMP) (User: )
    Description: De SNMP-service heeft een fout vastgesteld tijdens een poging toegang te krijgen tot de registersleutel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error: (06/02/2012 00:33:55 PM) (Source: Service Control Manager) (User: )
    Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist.

    Error: (06/02/2012 00:26:35 PM) (Source: Service Control Manager) (User: )
    Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist.

    Error: (06/02/2012 07:04:53 AM) (Source: DCOM) (User: )
    Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}

    Error: (06/02/2012 07:04:44 AM) (Source: Service Control Manager) (User: )
    Description: De HomeGroup Listener-service is gestopt met de specifieke servicefout %%-2147023143.

    Error: (06/02/2012 07:04:15 AM) (Source: SNMP) (User: )
    Description: De SNMP-service heeft een fout vastgesteld tijdens een poging toegang te krijgen tot de registersleutel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.


    Microsoft Office Sessions:
    =========================
    Error: (06/02/2012 00:29:03 PM) (Source: Application Error)(User: )
    Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833131c01cd40aa87bf4839C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEc57095d9-ac9d-11e1-a4ee-0016cff7fe29

    Error: (06/02/2012 00:28:56 PM) (Source: Application Error)(User: )
    Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833165c01cd40aa83966e22C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEc14a1d23-ac9d-11e1-a4ee-0016cff7fe29

    Error: (06/02/2012 00:28:41 PM) (Source: Application Error)(User: )
    Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833165801cd40aa7aa6e3bbC:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEb858315c-ac9d-11e1-a4ee-0016cff7fe29

    Error: (06/02/2012 00:28:38 PM) (Source: Application Error)(User: )
    Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833109801cd40aa78e29e47C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEb6964d48-ac9d-11e1-a4ee-0016cff7fe29

    Error: (06/02/2012 00:28:33 PM) (Source: Application Error)(User: )
    Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac00000050000283317b801cd40aa762dedd7C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEb3df3b78-ac9d-11e1-a4ee-0016cff7fe29

    Error: (06/02/2012 00:28:28 PM) (Source: Application Error)(User: )
    Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833172c01cd40aa736af526C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEb11c42c7-ac9d-11e1-a4ee-0016cff7fe29

    Error: (06/02/2012 00:28:23 PM) (Source: Application Error)(User: )
    Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833119001cd40aa70596f0bC:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEae085b4c-ac9d-11e1-a4ee-0016cff7fe29

    Error: (06/02/2012 00:28:18 PM) (Source: Application Error)(User: )
    Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833e3801cd40aa6d42ff20C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEaaf1eb60-ac9d-11e1-a4ee-0016cff7fe29

    Error: (06/02/2012 00:28:12 PM) (Source: Application Error)(User: )
    Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac00000050000283313f801cd40aa69b35017C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEa7649db8-ac9d-11e1-a4ee-0016cff7fe29

    Error: (06/02/2012 00:28:06 PM) (Source: Application Error)(User: )
    Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833cf001cd40aa65f666e9C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEa3a55329-ac9d-11e1-a4ee-0016cff7fe29


    **** End of log ****
  • Als jij FF open hebt staan, heb je dan linksboven een oranje knop er zitten of heb je de menubalk aanstaan.

    Ingeval dus van die oranje knop, klik daarop en in het rechter gedeelte van het contekst-menu vind je add-ons, daar klik je dan op.

    Ingeval de menubalk is geaktiveerd, dan klik je op Extra en dan op Add-ons.
  • Dank voor je reactie; add-ons zijn verwijderd!!!!
    Zijn er nog bijzondere dingen gekomen uit het log van de MiniToolBox die een vervolg moeten hebben?
    Zo nee, dan ga ik de gebruikte programma's verwijderen.
    Misschien de Chrome webbrowser eens uitproberen?
    Oh ja, nog een security check uitvoeren?

    Ik bedenk me ineens dat deze laptop op een draadloos netwerk draait.
    Zou het ook aan de router kunnen liggen?
    Ik heb hier nl. de afgelopen dagen wat problemen mee gehad maar volgens mij doet ie het nu weer goed.

    Router:Linksys (Cisco) Wireless ADSL Home Gateway WAG 200 G Annex-B.
  • Je schreef eerder: "Na opstarten Combofix verschijnt de melding: Commandline Standard Stream Splitter werkt niet meer.
    Windows wil programma afsluiten.
    Na het klikken op programma afsluiten (harde schijf lampje licht niet meer op) lijkt Combofix door te gaan met het volgende deel".

    Het vreemde is nu dat het missende onderdeel nu deel uitmaakt van een andere foutmelding:

    Error: (06/02/2012 00:29:03 PM) (Source: Application Error)(User: )
    Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833131c01cd40aa87bf4839C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEc57095d9-ac9d-11e1-a4ee-0016cff7fe29

    Ik vind dit allemaal maar heel vreemd, temeer daar ComboFix zelf geen gewag ervan gemaakt heeft dat bestand verplaatst te hebben!
  • Kan ik hier nog iets aan doen of moet ik geduld hebben totdat jij verder onderzoek kunt doen?
  • Ik ga ervan uit dat [b:6416fa8cda]mtee.3XE[/b:6416fa8cda] in System32 behoort.
    Probeer dus of je dat bestand uit C:\Combofix daar naar toe kan kopiëren.

    En niet ongeduldig worden.
    Jij bent bij lange na niet de enigste die ik aan het helpen ben!
  • Kan het bestand mtee.3XE niet vinden op mijn laptop op de aangegeven lokatie.

    Ik realiseer me dat ik niet de enige ben op dit forum die graag een antwoord van je wil.
    Het is niet mijn bedoeling om je op enigerlei manier te haasten of stressen!!!!
    Jammer dat dit zo bij je overgekomen is; ik maak al jaren gebruik van jouw adviezen en oplossingen en ben daar zeer tevreden over!!
  • Oké.
    We gaan zoeken:

    Optie B "custom search" zoek bestanden en mappen op de schijf waar je windows staat m.b.v. keywords.

    [b:95526506ec]Welk programma[/b:95526506ec]: Zoek.exe
    [b:95526506ec]Waarvoor/waarom[/b:95526506ec]: multifunktioneel tool
    [b:95526506ec]Moeilijkheidsgraad[/b:95526506ec]: geen.
    [b:95526506ec]Download[/b:95526506ec]: [b:95526506ec]zoek.exe[/b:95526506ec]

    [b:95526506ec]"Zoek.exe" gebruiken[/b:95526506ec]:
    [list:95526506ec][*:95526506ec] [b:95526506ec]Sluit nu eerst alle nog openstaande programmavensters![/color:95526506ec][/b:95526506ec]
    [*:95526506ec]Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    [b:95526506ec]hier[/color:95526506ec][/b:95526506ec] of [b:95526506ec]hier[/b:95526506ec][/color:95526506ec] kan je lezen hoe je dat doet.
    [list:95526506ec][*:95526506ec][b:95526506ec]Windows 2000[/color:95526506ec][/b:95526506ec] en [b:95526506ec]Windows XP[/b:95526506ec][/color:95526506ec]: start het tool middels dubbelklik op "[i:95526506ec]Zoek.exe[/i:95526506ec]".
    [*:95526506ec][b:95526506ec]Windows Vista[/b:95526506ec][/color:95526506ec] en [b:95526506ec]Windows 7[/b:95526506ec][/color:95526506ec]: start het tool middels rechtsklik op "[i:95526506ec]Zoek.exe[/i:95526506ec]" en dan kiezen voor [i:95526506ec][b:95526506ec]Als Administrator uitvoeren[/b:95526506ec][/i:95526506ec].[/list:u:95526506ec]

    [*:95526506ec]Vervolgens zal er een nieuw venster openen.
    [*:95526506ec]Met je muis selecteer je nu de volgende keuze "[b:95526506ec]Custom search[/color:95526506ec][/b:95526506ec]"(2e keuzerondje onder het invulvenster)
    [*:95526506ec]Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege invulvenster

    [b:95526506ec]
    mtee.3XE;
    [/color:95526506ec][/b:95526506ec]

    [*:95526506ec]Klik nu op de knop "[b:95526506ec]Run script[/color:95526506ec][/b:95526506ec]".
    [*:95526506ec]Wacht vervolgens geduldig af tot er een logje opent.
    [*:95526506ec]Post dan de inhoud van het geopende logje in het volgende bericht.[/list:u:95526506ec]
  • Zoek.exe Version 3.0.0.2 Updated 29-05-2012
    Tool run by Gebruiker on za 02-06-2012 at 20:03:26,49.
    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
    Running from: C:\Users\Gebruiker\Desktop\zoek.exe

    ==== Folders Found ======================


    2012-06-02 10:28:40 2012-06-02 10:28:40 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_022db31e
    2012-06-02 10:28:03 2012-06-02 10:28:03 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_048d21a9
    2012-06-02 10:25:09 2012-06-02 10:25:09 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_05ca788e
    2012-06-02 10:26:21 2012-06-02 10:26:21 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_064b9217
    2012-06-02 10:28:26 2012-06-02 10:28:26 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_07497b1e
    2012-06-02 10:27:01 2012-06-02 10:27:01 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_083c30c6
    2012-06-02 10:25:45 2012-06-02 10:25:45 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0bd706b9
    2012-06-02 10:25:30 2012-06-02 10:25:30 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0c5acbbd
    2012-06-02 10:28:15 2012-06-02 10:28:15 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0eb94f9b
    2012-06-02 10:29:05 2012-06-02 10:29:05 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_112e14ae
    2012-06-02 10:28:43 2012-06-02 10:28:43 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1165be93
    2012-06-02 10:26:15 2012-06-02 10:26:15 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_11e77c27
    2012-06-02 10:28:31 2012-06-02 10:28:31 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_12a18f49
    2012-06-02 10:28:21 2012-06-02 10:28:21 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_12f966e2
    2012-06-02 10:27:33 2012-06-02 10:27:33 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1334abed
    2012-06-02 10:22:36 2012-06-02 10:22:36 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_148824a5
    2012-06-02 10:27:39 2012-06-02 10:27:39 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14a0c344
    2012-06-02 10:28:09 2012-06-02 10:28:09 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14d536fd
    2012-06-02 10:24:42 2012-06-02 10:24:42 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14f610e7
    2012-06-02 10:26:33 2012-06-02 10:26:33 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_15b3c122
    2012-06-02 10:27:27 2012-06-02 10:27:27 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_16c49561
    2012-06-02 10:28:59 2012-06-02 10:28:59 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1705fa89
    2012-06-02 10:28:36 2012-06-02 10:28:36 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1765a163
    2012-06-02 10:19:38 2012-06-02 10:19:38 ——– dc—-w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_cab_0c656af7
    2012-06-02 10:28:40 2012-06-02 10:28:40 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_022db31e
    2012-06-02 10:28:03 2012-06-02 10:28:03 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_048d21a9
    2012-06-02 10:25:09 2012-06-02 10:25:09 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_05ca788e
    2012-06-02 10:26:21 2012-06-02 10:26:21 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_064b9217
    2012-06-02 10:28:26 2012-06-02 10:28:26 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_07497b1e
    2012-06-02 10:27:01 2012-06-02 10:27:01 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_083c30c6
    2012-06-02 10:25:45 2012-06-02 10:25:45 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0bd706b9
    2012-06-02 10:25:30 2012-06-02 10:25:30 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0c5acbbd
    2012-06-02 10:28:15 2012-06-02 10:28:15 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0eb94f9b
    2012-06-02 10:29:05 2012-06-02 10:29:05 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_112e14ae
    2012-06-02 10:28:43 2012-06-02 10:28:43 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1165be93
    2012-06-02 10:26:15 2012-06-02 10:26:15 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_11e77c27
    2012-06-02 10:28:31 2012-06-02 10:28:31 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_12a18f49
    2012-06-02 10:28:21 2012-06-02 10:28:21 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_12f966e2
    2012-06-02 10:27:33 2012-06-02 10:27:33 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1334abed
    2012-06-02 10:22:36 2012-06-02 10:22:36 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_148824a5
    2012-06-02 10:27:39 2012-06-02 10:27:39 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14a0c344
    2012-06-02 10:28:09 2012-06-02 10:28:09 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14d536fd
    2012-06-02 10:24:42 2012-06-02 10:24:42 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14f610e7
    2012-06-02 10:26:33 2012-06-02 10:26:33 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_15b3c122
    2012-06-02 10:27:27 2012-06-02 10:27:27 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_16c49561
    2012-06-02 10:28:59 2012-06-02 10:28:59 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1705fa89
    2012-06-02 10:28:36 2012-06-02 10:28:36 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1765a163
    2012-06-02 10:19:38 2012-06-02 10:19:38 ——– dc—-w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_cab_0c656af7

    ==== Files Found ======================


    — C:\Windows\Prefetch\MTEE.3XE-C81E85BB.pf —
    Company: ——
    File Description: ——
    File Version: ——
    Product Name: ——
    Copyright: ——
    Original Filename: ——
    File type: —-a-w-
    File size: 12856
    Created time: 2012-06-02 10:19:42
    Modified time: 2012-06-02 10:29:06
    MD5: 47FE88691471D9A99EA66C615AF743C7
    SHA1: 4037FDB60EDBC88C8DFF165834CCE5BD91D4352E
  • Kijk ens hier: http://www.commandline.co.uk/mtee/
  • Ik heb het bestand mtee.exe gedownload en het programma laten draaien.
    Zoals verwacht komt wederom de melding Commandline Standard Stream Splitter werkt niet meer.
    Maar daarmee staat het bestand nog niet in System32!!
    Ik begrijp dus niet wat ik nu moet doen.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.