Vraag & Antwoord

Beveiliging & privacy

Firefox werkt traag

33 antwoorden
  • Sinds een week werkt Firefox beduidend trager. De volgende bewerkingen al uitgevoerd: TFC als Administrator uitgevoerd Defragmentatie met O en O defrag uitgevoerd Firefox versie = 12.0 Secunia uitgevoerd --> alles is bijgewerkt Hieronder een MBAM-log: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.06.02.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Gebruiker :: GEBRUIKER-PC [administrator] 2-6-2012 7:55:56 mbam-log-2012-06-02 (07-55-56).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 203748 Verstreken tijd: 2 minuut/minuten, 58 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Is er sprake van Malware? Zo niet hoe kan ik weer snel internet krijgen?
  • Hallo Jos, ik heb meer gegevens nodig. Doe daarom nu eerst onderstaande: [b:94ce6030bc]Welk programma[/b:94ce6030bc]: [color=#008000:94ce6030bc][b:94ce6030bc]OTL.com[/b:94ce6030bc][/color:94ce6030bc] [b:94ce6030bc]Waarvoor/waarom[/b:94ce6030bc]: multifunktioneel tool - analyse en fix [b:94ce6030bc]Moeilijkheidsgraad[/b:94ce6030bc]: geen. [b:94ce6030bc]Download[/b:94ce6030bc]: [url=http://oldtimer.geekstogo.com/OTL.com][b:94ce6030bc][color=red:94ce6030bc]OTL[/color:94ce6030bc][/b:94ce6030bc][/url] en plaats het bestand op het bureaublad. [b:94ce6030bc][color=#008000:94ce6030bc]OTL.com[/color:94ce6030bc] gebruiken[/b:94ce6030bc]: [list:94ce6030bc][*:94ce6030bc] [b:94ce6030bc][color=#0000FF:94ce6030bc]Sluit nu eerst alle nog openstaande programmavensters![/color:94ce6030bc][/b:94ce6030bc] [list:94ce6030bc][*:94ce6030bc]Dubblklik op [img:94ce6030bc]http://www.imgdumper.nl/uploads5/4f91108799372/4f91108798ba0-OTL-1.png[/img:94ce6030bc] [/list:u:94ce6030bc][/list:u:94ce6030bc] [list:94ce6030bc][*:94ce6030bc]Zet een vinkje bij [color=#0000FF:94ce6030bc][b:94ce6030bc]Scan All Users[/b:94ce6030bc][/color:94ce6030bc]. [*:94ce6030bc]Klik op [img:94ce6030bc]http://www.imgdumper.nl/uploads5/4f9112fd1172c/4f9112fd11340-OTL-3.png[/img:94ce6030bc]. [*:94ce6030bc]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef. [*:94ce6030bc]De scan zal niet heel erg lang duren. [list:94ce6030bc][*:94ce6030bc]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:94ce6030bc]OTL.Txt[/b:94ce6030bc] en [b:94ce6030bc]Extras.txt[/b:94ce6030bc]. [*:94ce6030bc]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:94ce6030bc] [*:94ce6030bc][color=#008000:94ce6030bc][b:94ce6030bc]Notabene:[/b:94ce6030bc][/color:94ce6030bc] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:94ce6030bc]
  • Hierbij OTL.txt bestand: OTL logfile created on: 2-6-2012 10:53:53 - Run 1 OTL by OldTimer - Version 3.2.45.0 Folder = C:\Users\Gebruiker\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3,00 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,71% Memory free 5,99 Gb Paging File | 4,75 Gb Available in Paging File | 79,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 93,06 Gb Total Space | 43,67 Gb Free Space | 46,93% Space Free | Partition Type: NTFS Computer Name: GEBRUIKER-PC | User Name: Gebruiker | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:8b27344293]========== Processes (SafeList) ==========[/color:8b27344293] PRC - [2012-06-02 10:49:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gebruiker\Desktop\OTL.com PRC - [2012-05-31 22:06:51 | 002,346,592 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oaui.exe PRC - [2012-05-31 22:06:19 | 004,382,968 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\OAsrv.exe PRC - [2012-05-31 22:05:06 | 001,168,296 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oahlp.exe PRC - [2012-05-31 22:04:48 | 000,210,920 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oacat.exe PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-03-07 02:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-03-07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011-10-01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011-10-01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011-09-15 12:06:04 | 000,088,576 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2011-04-19 08:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe [color=#E56717:8b27344293]========== Modules (No Company Name) ==========[/color:8b27344293] [color=#E56717:8b27344293]========== Win32 Services (SafeList) ==========[/color:8b27344293] SRV:[b:8b27344293]64bit:[/b:8b27344293] - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-03 10:57:04 | 001,085,216 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-05-04 07:19:28 | 000,591,872 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-01-25 11:45:08 | 003,051,848 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 15:27:28 | 000,258,560 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 15:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 15:25:18 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-01-19 17:26:58 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-01-19 17:05:22 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc) SRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp) SRV - [2012-06-01 02:13:51 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-05-31 22:06:19 | 004,382,968 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\OAsrv.exe -- (SvcOnlineArmor) SRV - [2012-05-31 22:04:48 | 000,210,920 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\oacat.exe -- (OAcat) SRV - [2012-04-21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-10-01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011-10-01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011-09-15 12:06:04 | 000,088,576 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2011-05-04 06:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch) SRV - [2011-04-19 08:44:40 | 000,993,848 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent) SRV - [2011-04-19 08:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2010-11-20 14:21:35 | 000,204,800 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient) SRV - [2010-11-20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2010-11-20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2010-11-20 14:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2010-11-20 14:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-07-14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess) SRV - [2009-07-14 03:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-06-10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64) [color=#E56717:8b27344293]========== Driver Services (SafeList) ==========[/color:8b27344293] DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-05-31 22:07:27 | 000,035,368 | ---- | M] (Emsisoft) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OAnet.sys -- (OAnet) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-07 02:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2012-02-15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-10-01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-10-01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-10-01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-10-01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:50 | 000,620,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:50 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:44 | 000,178,728 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:44 | 000,167,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:44 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-08-04 19:19:44 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-11-20 11:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-09-01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-06-25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2010-01-13 08:30:30 | 007,520,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel(R) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-11-02 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-07-14 01:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-06-10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2009-01-09 19:44:30 | 000,223,792 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2008-02-13 12:35:46 | 012,379,136 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2007-08-28 15:46:46 | 000,217,088 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2007-08-16 05:20:22 | 000,088,064 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EMS7SK.sys -- (EMSCR) DRV:[b:8b27344293]64bit:[/b:8b27344293] - [2007-08-16 05:20:06 | 000,059,392 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESD7SK.sys -- (ESDCR) DRV - [2012-05-31 22:07:27 | 000,061,624 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\OADriver.sys -- (OADevice) DRV - [2012-05-31 22:07:27 | 000,040,512 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\OAmon.sys -- (OAmon) DRV - [2012-05-31 22:05:22 | 000,061,624 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\oahlp64.sys -- (oahlpXX) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008-02-13 12:34:50 | 012,067,328 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD) [color=#E56717:8b27344293]========== Standard Registry (SafeList) ==========[/color:8b27344293] [color=#E56717:8b27344293]========== Internet Explorer ==========[/color:8b27344293] IE:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=nl&t=0 IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 65 66 B5 FE 4A 32 CC 01 [binary data] IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717:8b27344293]========== FireFox ==========[/color:8b27344293] FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?source=gama&hl=nl" FF - user.js - File not found FF:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found FF:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-09 09:59:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-30 09:25:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-05-13 07:59:40 | 000,000,000 | ---D | M] [2011-09-16 06:36:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gebruiker\AppData\Roaming\mozilla\Extensions [2012-06-02 06:42:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\c37ppq9a.default\extensions [2012-06-02 06:42:11 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\c37ppq9a.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-04-30 09:25:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-04-21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-04-21 03:41:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012-04-21 03:41:53 | 000,001,892 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml [2012-04-21 03:41:53 | 000,004,558 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml [2012-04-21 03:41:53 | 000,001,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml O1 HOSTS File: ([2011-10-02 21:57:46 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b:8b27344293]64bit:[/b:8b27344293] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b:8b27344293]64bit:[/b:8b27344293] - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:[b:8b27344293]64bit:[/b:8b27344293] - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files (x86)\Online Armor\oaui.exe (Emsi Software GmbH) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3085547568-1381025367-4261561674-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b:8b27344293]64bit:[/b:8b27344293] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b:8b27344293]64bit:[/b:8b27344293] - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b:8b27344293]64bit:[/b:8b27344293] - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b:8b27344293]64bit:[/b:8b27344293] - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b:8b27344293]64bit:[/b:8b27344293] - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:[b:8b27344293]64bit:[/b:8b27344293] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.109.104.104 194.109.6.66 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB0814EA-BB8B-4E53-A0A5-E546798FDC2A}: DhcpNameServer = 194.109.104.104 194.109.6.66 O20:[b:8b27344293]64bit:[/b:8b27344293] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:8b27344293]64bit:[/b:8b27344293] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b:8b27344293]64bit:[/b:8b27344293] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b:8b27344293]64bit:[/b:8b27344293] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\..comfile [open] -- "%1" %* O35:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b:8b27344293]64bit:[/b:8b27344293] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717:8b27344293]========== Files/Folders - Created Within 30 Days ==========[/color:8b27344293] [2012-06-02 10:48:59 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Gebruiker\Desktop\OTL.com [2012-05-31 05:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012-05-31 04:54:02 | 000,028,504 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys [2012-05-22 22:33:24 | 000,000,000 | ---D | C] -- C:\Users\Gebruiker\AppData\Roaming\OnlineArmor [2012-05-22 22:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\OnlineArmor [2012-05-22 22:32:22 | 000,040,512 | ---- | C] (Emsisoft) -- C:\Windows\SysWow64\drivers\OAmon.sys [2012-05-22 22:32:22 | 000,035,368 | ---- | C] (Emsisoft) -- C:\Windows\SysNative\drivers\OAnet.sys [2012-05-22 22:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Armor [2012-05-22 22:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Online Armor [2012-05-22 22:05:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware [2012-05-13 07:58:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-05-13 07:42:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe [2012-05-13 07:41:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2012-05-13 07:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [color=#E56717:8b27344293]========== Files - Modified Within 30 Days ==========[/color:8b27344293] [2012-06-02 10:49:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gebruiker\Desktop\OTL.com [2012-06-02 10:13:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-06-02 10:00:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-06-02 07:11:49 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-02 07:11:49 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-02 07:09:10 | 001,743,760 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-06-02 07:09:10 | 000,775,754 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2012-06-02 07:09:10 | 000,678,648 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-06-02 07:09:10 | 000,164,648 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2012-06-02 07:09:10 | 000,129,696 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-06-02 07:04:11 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-06-02 07:03:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-06-02 07:03:43 | 2414,436,352 | -HS- | M] () -- C:\hiberfil.sys [2012-06-01 06:59:25 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012-05-31 22:07:27 | 000,061,624 | ---- | M] () -- C:\Windows\SysWow64\drivers\OADriver.sys [2012-05-31 22:07:27 | 000,040,512 | ---- | M] (Emsisoft) -- C:\Windows\SysWow64\drivers\OAmon.sys [2012-05-31 22:07:27 | 000,035,368 | ---- | M] (Emsisoft) -- C:\Windows\SysNative\drivers\OAnet.sys [2012-05-31 22:05:22 | 000,061,624 | ---- | M] () -- C:\Windows\SysWow64\drivers\oahlp64.sys [2012-05-20 08:24:56 | 000,004,343 | ---- | M] () -- C:\WirelessDiagLog.csv [2012-05-09 17:22:01 | 000,291,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [color=#E56717:8b27344293]========== Files Created - No Company Name ==========[/color:8b27344293] [2012-05-22 22:32:22 | 000,061,624 | ---- | C] () -- C:\Windows\SysWow64\drivers\oahlp64.sys [2012-05-22 22:32:22 | 000,061,624 | ---- | C] () -- C:\Windows\SysWow64\drivers\OADriver.sys [2012-05-13 07:45:45 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-05-13 07:39:50 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk [2012-02-11 08:50:14 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini [2012-02-11 08:50:13 | 000,025,472 | ---- | C] () -- C:\Windows\SysWow64\drivers\sncamd.sys [2012-02-11 08:50:12 | 012,067,328 | ---- | C] () -- C:\Windows\SysWow64\drivers\snp2sxp.sys [2012-02-11 08:50:12 | 000,151,552 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2std.dll [2011-12-26 09:29:02 | 000,004,608 | ---- | C] () -- C:\Users\Gebruiker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-11-11 09:51:45 | 001,764,134 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-07-02 09:08:58 | 000,007,668 | ---- | C] () -- C:\Users\Gebruiker\AppData\Local\resmon.resmoncfg [2011-06-25 11:41:41 | 000,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll [color=#E56717:8b27344293]========== LOP Check ==========[/color:8b27344293] [2011-09-24 06:45:59 | 000,000,000 | ---D | M] -- C:\Users\Gebruiker\AppData\Roaming\aignes [2011-06-26 10:03:17 | 000,000,000 | ---D | M] -- C:\Users\Gebruiker\AppData\Roaming\Auslogics [2011-10-10 06:32:52 | 000,000,000 | ---D | M] -- C:\Users\Gebruiker\AppData\Roaming\AutoSizer [2012-04-30 10:17:01 | 000,000,000 | ---D | M] -- C:\Users\Gebruiker\AppData\Roaming\HTC [2012-04-30 10:27:43 | 000,000,000 | ---D | M] -- C:\Users\Gebruiker\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2012-05-22 22:33:32 | 000,000,000 | ---D | M] -- C:\Users\Gebruiker\AppData\Roaming\OnlineArmor [2011-07-17 15:36:10 | 000,000,000 | ---D | M] -- C:\Users\Gebruiker\AppData\Roaming\OpenOffice.org [2012-04-06 07:02:11 | 000,000,000 | ---D | M] -- C:\Users\Gebruiker\AppData\Roaming\PCToolsFirewallPlus [2012-05-31 19:39:10 | 000,000,000 | ---D | M] -- C:\Users\Gebruiker\AppData\Roaming\SoftGrid Client [2012-02-27 11:00:08 | 000,000,000 | ---D | M] -- C:\Users\Gebruiker\AppData\Roaming\TP [2011-09-17 09:06:43 | 000,000,000 | ---D | M] -- C:\Users\Gebruiker\AppData\Roaming\WinBatch [2011-12-23 08:40:40 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717:8b27344293]========== Purity Check ==========[/color:8b27344293] [color=#E56717:8b27344293]========== Alternate Data Streams ==========[/color:8b27344293] @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:C31F31E6 < End of report > En hier de Extras.txt: OTL Extras logfile created on: 2-6-2012 10:53:53 - Run 1 OTL by OldTimer - Version 3.2.45.0 Folder = C:\Users\Gebruiker\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3,00 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 59,71% Memory free 5,99 Gb Paging File | 4,75 Gb Available in Paging File | 79,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 93,06 Gb Total Space | 43,67 Gb Free Space | 46,93% Space Free | Partition Type: NTFS Computer Name: GEBRUIKER-PC | User Name: Gebruiker | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:8b27344293]========== Extra Registry (SafeList) ==========[/color:8b27344293] [color=#E56717:8b27344293]========== File Associations ==========[/color:8b27344293] [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-3085547568-1381025367-4261561674-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717:8b27344293]========== Shell Spawning ==========[/color:8b27344293] [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. [color=#E56717:8b27344293]========== Security Center Settings ==========[/color:8b27344293] [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717:8b27344293]========== System Restore Settings ==========[/color:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717:8b27344293]========== Firewall Settings ==========[/color:8b27344293] [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b:8b27344293]64bit:[/b:8b27344293] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717:8b27344293]========== Authorized Applications List ==========[/color:8b27344293] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717:8b27344293]========== Vista Active Open Ports Exception List ==========[/color:8b27344293] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{095F233E-7912-4B5B-B3B9-3CEBF68C0761}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{10110771-0F6D-4363-AE7A-4D71C8437163}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{16C807E4-3152-4411-AD52-F1420543614D}" = lport=138 | protocol=17 | dir=in | app=system | "{2C881D0B-F124-4503-A5DC-CC90B3FD1B0F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2DD1AAA8-0451-496C-B7AD-8ABA0578AE28}" = lport=10243 | protocol=6 | dir=in | app=system | "{49455B77-BF89-42F7-BFD8-58B9D5F33411}" = rport=138 | protocol=17 | dir=out | app=system | "{5F71762C-D068-4D09-A2B1-830651C6B5B1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{71D34AAC-A16B-44B8-AFE2-F35F3470ABF1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{7494A506-BE70-46E9-A038-1870E1E89171}" = lport=139 | protocol=6 | dir=in | app=system | "{76E8AFAB-963B-48B7-9B6C-E735650897F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7E3EB504-B8CC-445F-A7E8-660A6D864B70}" = rport=445 | protocol=6 | dir=out | app=system | "{8609BB52-2AF2-4505-BF50-F844DD769A11}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8B5824CB-0E43-480E-9950-4DFC0BDBA194}" = lport=2869 | protocol=6 | dir=in | app=system | "{911B2588-DDBD-4EFC-91A9-17E92E35A3DF}" = lport=137 | protocol=17 | dir=in | app=system | "{9288EB76-8A85-4B0D-A8C1-28A87B49E129}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{928D9FB6-F213-4E2C-B280-1BBA959E0B4D}" = rport=137 | protocol=17 | dir=out | app=system | "{AB9C67E8-C388-4043-A7AF-4018716C87D2}" = lport=445 | protocol=6 | dir=in | app=system | "{B97A74A3-A5DE-4B7E-B222-088BFC99C287}" = rport=139 | protocol=6 | dir=out | app=system | "{D8711E85-7A0E-4AAA-B8EB-2D97CD6CDBF1}" = rport=10243 | protocol=6 | dir=out | app=system | "{E9A6B277-0AA9-4E57-B2A0-94244D8B7F88}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F1727AD7-EAEA-4D30-BC70-B3A0748A1A7C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717:8b27344293]========== Vista Active Application Exception List ==========[/color:8b27344293] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0494C2C6-22F4-4C38-B779-63B3EE0A5936}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1565F6FF-AF87-4EBD-87A8-AD84B1926CD3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{18153C6E-16F3-4E10-BCBE-F46A5AC63CE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2222CA80-2056-46CA-B6D3-1B30614FF79E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{26FDECB5-EC03-4641-AE93-2797711EF300}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{3232F57B-E089-4BF7-9887-F5E87C953319}" = protocol=6 | dir=out | app=system | "{42B8261E-532B-494D-89D4-D48C8BAE6A8C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{692CD322-6991-4F98-BF5D-3A40E0F37503}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{6CB43AD5-70B6-4B16-903E-1AE63A720BA6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{6F0061F6-08A3-4A3F-90B4-61E602E4E5AC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{83CFD8B4-55F8-4DC3-B7AC-71BC00E260F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{889FFDDF-FE6B-41E3-84D9-6FD0E097DF2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8F5AB8BD-CD19-4197-B9AA-FB474504F41C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{9C6BE48C-93FA-4265-8951-FB93FAC69C76}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9F424FAA-DAC5-4DF3-85A7-90FCF41636EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{AEE3D08B-F0C9-41C7-BD84-2D81C747C1C9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{D8533722-554D-454C-A0F0-657DCC4922D8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DCFF8890-EA90-4CDF-A583-2E689FCCCE03}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E651C73E-EF54-4245-8B5D-510735126C50}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | [color=#E56717:8b27344293]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:8b27344293] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{4567EA14-6BCA-3EF9-859B-92CE48B1D704}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}" = Broadcom Bluetooth Software "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-006D-0413-1000-0000000FF1CE}" = Microsoft Office Klik-en-Klaar 2010 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support "{B90E5EBE-DF18-44D5-9D18-689ADEE9DA6C}" = Intel(R) PROSet/Wireless WiFi-software "{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}" = O&O Defrag Free Edition "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD "NVIDIA Drivers" = NVIDIA Drivers "ProInst" = Intel PROSet Wireless [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4A423411-E28A-4A13-BDB0-8E8BC42FFA29}" = HTC Sync "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer "{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202) "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7F362F06-A9A3-440F-8B19-6A01A72723C4}" = AuthenTec Fingerprint Sensor Minimum Install "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{90140011-0061-0413-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - Nederlands "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1043-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Nederlands "{D1BA1F1C-D88B-405D-953F-D7074B65453D}" = LifeView DTV "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe AIR" = Adobe AIR "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "avast" = avast! Free Antivirus "CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3 "ESET Online Scanner" = ESET Online Scanner v3 "FileHippo.com" = FileHippo.com Update Checker "InstallShield_{D1BA1F1C-D88B-405D-953F-D7074B65453D}" = LifeView DTV "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.60.1.1000 "Mozilla Firefox 12.0 (x86 nl)" = Mozilla Firefox 12.0 (x86 nl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.Click2Run" = Microsoft Office Klik-en-Klaar 2010 "OnlineArmor_is1" = Online Armor 5.5 "Picasa 3" = Picasa 3 "Secunia PSI" = Secunia PSI (2.0.0.3003) [color=#E56717:8b27344293]========== Last 10 Event Log Errors ==========[/color:8b27344293] [ Application Events ] Error - 12-5-2012 18:31:11 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 13-5-2012 18:31:11 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 18-5-2012 18:31:26 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 19-5-2012 18:31:11 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 28-5-2012 16:11:55 | Computer Name = Gebruiker-PC | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: oasrv.exe, versie: 5.5.0.1557, tijdstempel: 0x2a425e19 Naam van module met fout: oasrv.exe, versie: 5.5.0.1557, tijdstempel: 0x2a425e19 Uitzonderingscode: 0xc0000005 Foutoffset: 0x00004a6f Id van proces met fout: 0x570 Starttijd van toepassing met fout: 0x01cd3d0a2bce3ed0 Pad naar toepassing met fout: C:\Program Files (x86)\Online Armor\oasrv.exe Pad naar module met fout: C:\Program Files (x86)\Online Armor\oasrv.exe Rapport-id: 5eaf04be-a901-11e1-9be8-0016cff7fe29 Error - 28-5-2012 16:22:38 | Computer Name = Gebruiker-PC | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: nvvsvc.exe, versie: 7.15.11.7967, tijdstempel: 0x49b13057 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel: 0x4ec4aa8e Uitzonderingscode: 0xc0000005 Foutoffset: 0x0000000000020a4a Id van proces met fout: 0x334 Starttijd van toepassing met fout: 0x01cd3d0e3fff5a3b Pad naar toepassing met fout: C:\Windows\system32\nvvsvc.exe Pad naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: ddb7582a-a902-11e1-a57f-0016cff7fe29 Error - 28-5-2012 17:02:56 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 29-5-2012 18:31:11 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 31-5-2012 13:51:14 | Computer Name = Gebruiker-PC | Source = CVHSVC | ID = 100 Description = Alleen informatie. (Patch task for {90140011-0061-0413-0000-0000000FF1CE}): DownloadLatest Failed: De naam of het adres van de server kan niet worden omgezet Error - 31-5-2012 18:31:13 | Computer Name = Gebruiker-PC | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. [ Media Center Events ] Error - 18-1-2012 22:17:11 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0 Description = 3:17:11 - Fout bij verbinden met internet. 3:17:11 - Kan geen contact maken met server.. Error - 18-1-2012 22:17:21 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0 Description = 3:17:16 - Fout bij verbinden met internet. 3:17:16 - Kan geen contact maken met server.. Error - 18-1-2012 23:17:25 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0 Description = 4:17:25 - Fout bij verbinden met internet. 4:17:25 - Kan geen contact maken met server.. Error - 18-1-2012 23:17:31 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0 Description = 4:17:30 - Fout bij verbinden met internet. 4:17:30 - Kan geen contact maken met server.. Error - 19-1-2012 0:17:36 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0 Description = 5:17:36 - Fout bij verbinden met internet. 5:17:36 - Kan geen contact maken met server.. Error - 19-1-2012 0:17:42 | Computer
  • Hierbij de rest van extra's.txt: Error - 19-1-2012 0:17:36 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0 Description = 5:17:36 - Fout bij verbinden met internet. 5:17:36 - Kan geen contact maken met server.. Error - 19-1-2012 0:17:42 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0 Description = 5:17:41 - Fout bij verbinden met internet. 5:17:41 - Kan geen contact maken met server.. Error - 19-1-2012 1:17:47 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0 Description = 6:17:47 - Fout bij verbinden met internet. 6:17:47 - Kan geen contact maken met server.. Error - 19-1-2012 1:17:54 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0 Description = 6:17:52 - Fout bij verbinden met internet. 6:17:52 - Kan geen contact maken met server.. Error - 31-3-2012 1:12:27 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0 Description = 7:12:27 - Fout bij verbinden met internet. 7:12:27 - Kan geen contact maken met server.. Error - 31-3-2012 1:12:33 | Computer Name = Gebruiker-PC | Source = MCUpdate | ID = 0 Description = 7:12:32 - Fout bij verbinden met internet. 7:12:32 - Kan geen contact maken met server.. [ System Events ] Error - 9-5-2012 11:17:46 | Computer Name = Gebruiker-PC | Source = Service Control Manager | ID = 7031 Description = De Microsoft .NET Framework NGEN v4.0.30319_X64-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 120000 milliseconden worden uitgevoerd: Service opnieuw starten. Error - 9-5-2012 11:18:01 | Computer Name = Gebruiker-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80070643: KB2656405: Beveiligingsupdate voor Microsoft .NET Framework 4 op Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 voor x64-systemen. Error - 9-5-2012 11:19:46 | Computer Name = Gebruiker-PC | Source = Service Control Manager | ID = 7032 Description = Servicebesturingsbeheer heeft na het onverwachte afsluiten van de Microsoft .NET Framework NGEN v4.0.30319_X64-service geprobeerd een herstelactie (Service opnieuw starten) uit te voeren, maar deze actie is met de volgende fout mislukt: %%1056 Error - 9-5-2012 11:22:40 | Computer Name = Gebruiker-PC | Source = SNMP | ID = 16713180 Description = De SNMP-service heeft een fout vastgesteld tijdens een poging toegang te krijgen tot de registersleutel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error - 9-5-2012 11:23:34 | Computer Name = Gebruiker-PC | Source = Service Control Manager | ID = 7024 Description = De HomeGroup Listener-service is gestopt met de specifieke servicefout %%-2147023143. Error - 9-5-2012 11:41:00 | Computer Name = Gebruiker-PC | Source = SNMP | ID = 16713180 Description = De SNMP-service heeft een fout vastgesteld tijdens een poging toegang te krijgen tot de registersleutel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error - 9-5-2012 11:41:35 | Computer Name = Gebruiker-PC | Source = DCOM | ID = 10010 Description = Error - 9-5-2012 11:41:34 | Computer Name = Gebruiker-PC | Source = Service Control Manager | ID = 7024 Description = De HomeGroup Listener-service is gestopt met de specifieke servicefout %%-2147023143. Error - 9-5-2012 12:01:55 | Computer Name = Gebruiker-PC | Source = bowser | ID = 8003 Description = Error - 12-5-2012 0:37:57 | Computer Name = Gebruiker-PC | Source = Service Control Manager | ID = 7034 Description = De Online Armor Helper Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. < End of report >
  • Hoi, verwijder handmatig de map [color=#0000FF:517a3c6e2c][b:517a3c6e2c]c:\program files (x86)\ESET[/b:517a3c6e2c][/color:517a3c6e2c]. Leeg daarna de prullenbak. Ik vermoed dat de Windows Firewall ook aktief is. Controleer dat; daarvoor ga je naar Start\Uitvoeren en de opdracht luidt: [b:517a3c6e2c]services.msc[/b:517a3c6e2c]. Klik op de knop OK. N.B.: Uitvoeren kan ook gestart worden door gelijktijdig de "Windowstoets + R-toets" in te drukken. In het venster Services scroll je naar [b:517a3c6e2c][color=#0000FF:517a3c6e2c]Windows Firewall[/color:517a3c6e2c][/b:517a3c6e2c]. Dubbelklikk op die vermelding, bij "Opstarttype" zet je de instelling op "Gedeaktiveerd". Klik nu eerst op de knop [b:517a3c6e2c]Toepassen[/b:517a3c6e2c]; vervolgens klik je op de knop [b:517a3c6e2c]Stoppen[/b:517a3c6e2c], wacht even en klik uiteindelijk op [b:517a3c6e2c]OK[/b:517a3c6e2c]. Daarna: [b:517a3c6e2c]Welk programma[/b:517a3c6e2c]: [color=#008000:517a3c6e2c][b:517a3c6e2c]ComboFix[/b:517a3c6e2c][/color:517a3c6e2c] [b:517a3c6e2c]Waarvoor/waarom[/b:517a3c6e2c]: Zeer specialistische scanner om Windows diepgaand te onderzoeken en zo mogelijk op te schonen. [b:517a3c6e2c]Moeilijkheidsgraad[/b:517a3c6e2c]: Lees alles eerst goed vanwege de voorbereidingsfase. [b:517a3c6e2c]Downloadlokatie[/b:517a3c6e2c]: Dit programma absoluut naar het bureaublad downloaden! [b:517a3c6e2c]Download ComboFix via één van deze locaties[/b:517a3c6e2c]: [list:517a3c6e2c][*:517a3c6e2c][url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:517a3c6e2c]Bleepingcomputer[/b:517a3c6e2c][/url] [*:517a3c6e2c][url=http://www.forospyware.com/sUBs/ComboFix.exe][b:517a3c6e2c]ForoSpyware[/b:517a3c6e2c][/url] [*:517a3c6e2c][url=http://subs.geekstogo.com/ComboFix.exe][b:517a3c6e2c]Geekstogo[/b:517a3c6e2c][/url][/list:u:517a3c6e2c] [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden][b:517a3c6e2c]Hier[/b:517a3c6e2c][/url] zie je hoe je ComboFix moet gebruiken. Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn! [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608][b:517a3c6e2c][color=#0000FF:517a3c6e2c]Hier[/color:517a3c6e2c][/b:517a3c6e2c][/url] of [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607][color=#0000FF:517a3c6e2c][b:517a3c6e2c]hier[/b:517a3c6e2c][/color:517a3c6e2c][/url] kan je lezen hoe je dat doet. [b:517a3c6e2c]Voor alle duidelijkheid nogmaals[/b:517a3c6e2c]: ComboFix dient vanaf het bureaublad gestart te worden. [b:517a3c6e2c]Opmerkingen[/b:517a3c6e2c]: [list:517a3c6e2c][*:517a3c6e2c]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten. [*:517a3c6e2c]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:517a3c6e2c] [b:517a3c6e2c]ComboFix is opgestart[/b:517a3c6e2c]: [list:517a3c6e2c][*:517a3c6e2c]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"! [*:517a3c6e2c]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen! [*:517a3c6e2c]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal. [*:517a3c6e2c]Wanneer ComboFix gereed is, zal het een logbestand voor je maken. [*:517a3c6e2c]Post de inhoud van dit logbestand in je volgende bericht. [*:517a3c6e2c]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:517a3c6e2c] [b:517a3c6e2c]Belangrijke opmerking[/b:517a3c6e2c]: [list:517a3c6e2c][*:517a3c6e2c][b:517a3c6e2c][color=#0000FF:517a3c6e2c]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:517a3c6e2c][/b:517a3c6e2c] [*:517a3c6e2c][b:517a3c6e2c][color=#FF0000:517a3c6e2c]Illegal operation attempted on a registery key that has been marked for deletion.[/color:517a3c6e2c][/b:517a3c6e2c] [*:517a3c6e2c][b:517a3c6e2c][color=#008000:517a3c6e2c]Start dan de computer opnieuw op.[/color:517a3c6e2c][/b:517a3c6e2c][/list:u:517a3c6e2c]
  • De map C:\program files (X86) \ESET verwijderd. De Windows Firewall was al uitgeschakeld i.v.m. het gebruik van de Online Armor Firewall. Na opstarten Combofix verschijnt de melding: Commandline Standard Stream Splitter werkt niet meer. Windows wil programma afsluiten. Na het klikken op programma afsluiten (harde schijf lampje licht niet meer op) lijkt Combofix door te gaan met het volgende deel. Ik weet dus niet of de scan goed uitgevoerd is. Combofix heeft de computer opnieuw laten opstarten en er is een logbestand aangemaakt. Hieronder het logbestand: ComboFix 12-06-02.02 - Gebruiker 02-06-2012 12:22:30.4.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3070.1776 [GMT 2:00] Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} FW: Online Armor Firewall *Disabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-05-02 to 2012-06-02 )))))))))))))))))))))))))))))) . . 2012-06-02 10:33 . 2012-06-02 10:36 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp 2012-06-02 10:33 . 2012-06-02 10:33 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-06-02 10:33 . 2012-06-02 10:33 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-31 02:54 . 2012-03-07 00:02 28504 ----a-w- c:\windows\system32\drivers\aswKbd.sys 2012-05-22 20:33 . 2012-05-28 20:15 -------- d-----w- c:\programdata\OnlineArmor 2012-05-22 20:33 . 2012-05-22 20:33 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\OnlineArmor 2012-05-22 20:32 . 2012-05-31 20:07 61624 ----a-w- c:\windows\SysWow64\drivers\OADriver.sys 2012-05-22 20:32 . 2012-05-31 20:07 40512 ----a-w- c:\windows\SysWow64\drivers\OAmon.sys 2012-05-22 20:32 . 2012-05-31 20:07 35368 ----a-w- c:\windows\system32\drivers\OAnet.sys 2012-05-22 20:32 . 2012-05-31 20:05 61624 ----a-w- c:\windows\SysWow64\drivers\oahlp64.sys 2012-05-22 20:32 . 2012-06-02 10:40 -------- d-----w- c:\program files (x86)\Online Armor 2012-05-22 20:05 . 2012-05-22 20:09 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware 2012-05-13 05:45 . 2012-06-01 00:13 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-13 05:45 . 2012-06-01 00:13 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-05-13 05:42 . 2012-05-13 05:42 -------- d-----w- c:\windows\SysWow64\Adobe 2012-05-13 05:41 . 2012-05-13 05:41 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2012-05-13 05:39 . 2012-05-13 05:39 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2012-05-09 15:08 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll 2012-05-09 15:08 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-09 15:08 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-09 15:08 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-05-09 15:08 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-09 15:08 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-09 15:07 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-09 15:07 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-09 15:06 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 15:06 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-01 00:13 . 2012-04-13 18:47 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-05-02 00:46 . 2012-05-02 00:46 4472832 ----a-w- c:\windows\SysWow64\GPhotos.scr 2012-04-19 05:16 . 2011-07-08 04:06 856712 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2012-03-31 06:13 . 2011-06-28 20:50 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2012-03-31 06:13 . 2011-06-28 20:50 882512 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-03-07 00:15 . 2012-02-28 06:07 41184 ----a-w- c:\windows\avastSS.scr 2012-03-07 00:15 . 2012-02-28 06:07 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-03-07 00:15 . 2011-06-25 12:25 258520 ----a-w- c:\windows\system32\aswBoot.exe 2012-03-07 00:04 . 2012-02-28 06:07 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-03-07 00:04 . 2012-02-28 06:07 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-03-07 00:02 . 2012-02-28 06:07 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-03-07 00:01 . 2012-02-28 06:07 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-03-07 00:01 . 2012-02-28 06:07 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-03-07 00:01 . 2012-02-28 06:07 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512] "combofix"="c:\combofix\CF27449.3XE" [2010-11-20 345088] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . Inhoud van de 'Gedeelde Taken' map . 2012-06-02 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-13 00:13] . 2012-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-20 05:45] . 2012-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-20 05:45] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-07 00:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "@OnlineArmor GUI"="c:\program files (x86)\Online Armor\oaui.exe" [2012-05-31 2346592] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ig?hl=nl&t=0 uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 194.109.104.104 194.109.6.66 DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\c37ppq9a.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?source=gama&hl=nl . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe . . . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\Online Armor\OAcat.exe c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe c:\program files (x86)\Secunia\PSI\sua.exe c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE . ************************************************************************** . Voltooingstijd: 2012-06-02 12:52:20 - machine werd herstart ComboFix-quarantined-files.txt 2012-06-02 10:52 . Pre-Run: 45.794.496.512 bytes beschikbaar Post-Run: 45.722.992.640 bytes beschikbaar . - - End Of File - - A596D977DA3EA219F72576EA851A6976
  • Vreemd die foutmelding. Het enigste wat ComboFix nochtans verwijdert heeft is een laatste rest van Eset!
  • Nog verdere acties ondernemen of is het probleem opgelost? Firefox start nog steeds langzamer op dan 1 week geleden.
  • Kontroleer in Firefox de geïnstalleerde Add-ons en ook Plug-ins. Want OTL geeft bijv. aan dat Firefox de Apple plug-ins niet meer kan vinden! Mogelijk dat dit alles samenhangt met het trage opstarten. Zowiezo geldt: hoe meer add-ons hoe langzamer FF opstart. En doe ook het volgende: Download [url=http://download.bleepingcomputer.com/farbar/MiniToolBox.exe]MiniToolBox[/url] en plaats dit tool op jouw bureaublad. [b:b2f6a8019a]"Farbar MiniToolBox" gebruiken[/b:b2f6a8019a]: [list:b2f6a8019a][*:b2f6a8019a] [b:b2f6a8019a][color=#0000FF:b2f6a8019a]Sluit nu eerst alle nog openstaande programmavensters![/color:b2f6a8019a][/b:b2f6a8019a] [list:b2f6a8019a][*:b2f6a8019a][b:b2f6a8019a][color=#0000FF:b2f6a8019a]Windows 2000[/color:b2f6a8019a][/b:b2f6a8019a] en [color=#0000FF:b2f6a8019a][b:b2f6a8019a]Windows XP[/b:b2f6a8019a][/color:b2f6a8019a]: start "MiniToolBox.exe" via dubbelklikken. [*:b2f6a8019a][color=#0000FF:b2f6a8019a][b:b2f6a8019a]Windows Vista[/b:b2f6a8019a][/color:b2f6a8019a] en [color=#0000FF:b2f6a8019a][b:b2f6a8019a]Windows 7[/b:b2f6a8019a][/color:b2f6a8019a]: start "MiniToolBox.exe" via rechtsklik [b:b2f6a8019a]Als Administrator uitvoeren[/b:b2f6a8019a].[/list:u:b2f6a8019a][/list:u:b2f6a8019a] Vink de volgende onderdelen aan: [list:b2f6a8019a] [*:b2f6a8019a]Flush DNS [*:b2f6a8019a]Report IE Proxy Settings [*:b2f6a8019a]Reset IE Proxy Settings [*:b2f6a8019a]Report FF Proxy Settings [*:b2f6a8019a]Reset FF Proxy Settings [*:b2f6a8019a]List content of Hosts [*:b2f6a8019a]List IP configuration [*:b2f6a8019a]List Winsock Entries [*:b2f6a8019a]List last 10 Event Viewer log [*:b2f6a8019a]Aansluitend wordt een log aangemaakt (Result.txt) in de zelfde map waar "MiniToolBox.exe" in zit. [*:b2f6a8019a]Kopieer en plak de inhoud van het log in jouw volgende bericht.[/list:u:b2f6a8019a][/list] [color=#008000:b2f6a8019a][b:b2f6a8019a]Notabene:[/b:b2f6a8019a][/color:b2f6a8019a] indien "Reset FF Proxy Settings" gekozen is, dient Firefox afgesloten te zijn!
  • Hoe kan ik de add-ons verwijderen? FF start nog steeds traag op. Hierbij het logbestand: MiniToolBox by Farbar Version: 14-01-2012 Ran by Gebruiker (administrator) on 02-06-2012 at 14:50:16 Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP-configuratie De DNS-omzettingscache is leeggemaakt. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ Intel(R) PRO/Wireless 3945ABG Network Connection = Draadloze netwerkverbinding (Connected) Realtek PCIe GBE Family Controller = LAN-verbinding (Media disconnected) Bluetooth Personal Area Network = LAN-verbinding 2 (Media disconnected) # ---------------------------------- # IPv4-configuratie # ---------------------------------- pushd interface ipv4 reset set global set subinterface interface=??????? subinterface=ethernet_9 mtu=1477 set subinterface interface=??????? subinterface=ethernet_10 mtu=1477 popd # Einde van IPv4-configuratie Windows IP-configuratie Hostnaam . . . . . . . . . . . . : Gebruiker-PC Primair DNS-achtervoegsel . . . . : Knooppunttype . . . . . . . . . . : hybride IP-routering ingeschakeld . . . . : nee WINS-proxy ingeschakeld . . . . . : nee Ethernet-adapter voor LAN-verbinding 2: Mediumstatus. . . . . . . . . . . : medium ontkoppeld Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Bluetooth Personal Area Network Fysiek adres. . . . . . . . . . . : 00-16-CF-F7-FE-29 DHCP ingeschakeld . . . . . . . . : ja Autom. configuratie ingeschakeld : ja Ethernet-adapter voor LAN-verbinding: Mediumstatus. . . . . . . . . . . : medium ontkoppeld Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Realtek PCIe GBE Family Controller Fysiek adres. . . . . . . . . . . : 00-16-D4-D9-DD-5E DHCP ingeschakeld . . . . . . . . : ja Autom. configuratie ingeschakeld : ja Draadloos LAN-adapter voor Draadloze netwerkverbinding: Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Intel(R) PRO/Wireless 3945ABG Network Connection Fysiek adres. . . . . . . . . . . : 00-1B-77-1A-91-58 DHCP ingeschakeld . . . . . . . . : ja Autom. configuratie ingeschakeld : ja Link-local IPv6-adres . . . . . . : fe80::8980:5503:6acf:518f%10(voorkeur) IPv4-adres. . . . . . . . . . . . : 192.168.1.102(voorkeur) Subnetmasker. . . . . . . . . . . : 255.255.255.0 Lease verkregen . . . . . . . . . : zaterdag 2 juni 2012 13:42:36 Lease verlopen. . . . . . . . . . : zondag 3 juni 2012 13:42:35 Standaardgateway. . . . . . . . . : 192.168.1.1 DHCP-server . . . . . . . . . . . : 192.168.1.1 DHCPv6 IAID . . . . . . . . . . . : 184556407 DHCPv6-client DUID. . . . . . . . : 00-01-00-01-15-95-F6-CA-00-16-D4-D9-DD-5E DNS-servers . . . . . . . . . . . : 194.109.104.104 194.109.6.66 NetBIOS via TCPIP . . . . . . . . : ingeschakeld Tunnel-adapter voor isatap.{DB0814EA-BB8B-4E53-A0A5-E546798FDC2A}: Mediumstatus. . . . . . . . . . . : medium ontkoppeld Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP ingeschakeld . . . . . . . . : nee Autom. configuratie ingeschakeld : ja Tunnel-adapter voor Teredo Tunneling Pseudo-Interface: Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP ingeschakeld . . . . . . . . : nee Autom. configuratie ingeschakeld : ja IPv6-adres. . . . . . . . . . . . : 2001:0:5ef5:79fb:3ced:eff:3f57:fe99(voorkeur) Link-local IPv6-adres . . . . . . : fe80::3ced:eff:3f57:fe99%14(voorkeur) Standaardgateway. . . . . . . . . : :: NetBIOS via TCPIP . . . . . . . . : uitgeschakeld Server: resolver.xs4all.nl Address: 194.109.104.104 Naam: google.com Addresses: 2a00:1450:4007:802::1005 173.194.78.113 173.194.78.138 173.194.78.100 173.194.78.102 173.194.78.101 173.194.78.139 Pingen naar google.com [173.194.78.139] met 32 bytes aan gegevens: Antwoord van 173.194.78.139: bytes=32 tijd=32 ms TTL=49 Antwoord van 173.194.78.139: bytes=32 tijd=32 ms TTL=49 Ping-statistieken voor 173.194.78.139: Pakketten: verzonden = 2, ontvangen = 2, verloren = 0 (0% verlies). De gemiddelde tijd voor het uitvoeren van ‚‚n bewerking in milliseconden: Minimum = 32ms, Maximum = 32ms, Gemiddelde = 32ms Server: resolver.xs4all.nl Address: 194.109.104.104 Naam: yahoo.com Addresses: 98.139.183.24 72.30.38.140 209.191.122.70 Pingen naar yahoo.com [209.191.122.70] met 32 bytes aan gegevens: Antwoord van 209.191.122.70: bytes=32 tijd=163 ms TTL=52 Antwoord van 209.191.122.70: bytes=32 tijd=164 ms TTL=52 Ping-statistieken voor 209.191.122.70: Pakketten: verzonden = 2, ontvangen = 2, verloren = 0 (0% verlies). De gemiddelde tijd voor het uitvoeren van ‚‚n bewerking in milliseconden: Minimum = 163ms, Maximum = 164ms, Gemiddelde = 163ms Server: resolver.xs4all.nl Address: 194.109.104.104 Naam: bleepingcomputer.com Address: 208.43.87.2 Pingen naar bleepingcomputer.com [208.43.87.2] met 32 bytes aan gegevens: Antwoord van 208.43.87.2: De doelhost is niet bereikbaar. Antwoord van 208.43.87.2: De doelhost is niet bereikbaar. Ping-statistieken voor 208.43.87.2: Pakketten: verzonden = 2, ontvangen = 2, verloren = 0 (0% verlies). Pingen naar 127.0.0.1 met 32 bytes aan gegevens: Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128 Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128 Ping-statistieken voor 127.0.0.1: Pakketten: verzonden = 2, ontvangen = 2, verloren = 0 (0% verlies). De gemiddelde tijd voor het uitvoeren van ‚‚n bewerking in milliseconden: Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms =========================================================================== Interfacelijst 16...00 16 cf f7 fe 29 ......Bluetooth Personal Area Network 11...00 16 d4 d9 dd 5e ......Realtek PCIe GBE Family Controller 10...00 1b 77 1a 91 58 ......Intel(R) PRO/Wireless 3945ABG Network Connection 1...........................Software Loopback Interface 1 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4 routetabel =========================================================================== Actieve routes: Netwerkadres Netmasker Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 25 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.102 281 192.168.1.102 255.255.255.255 On-link 192.168.1.102 281 192.168.1.255 255.255.255.255 On-link 192.168.1.102 281 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.102 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.102 281 =========================================================================== Permanente routes: Geen IPv6 routetabel =========================================================================== Actieve routes: Indien metrische netwerkbestemming Gateway 14 58 ::/0 On-link 1 306 ::1/128 On-link 14 58 2001::/32 On-link 14 306 2001:0:5ef5:79fb:3ced:eff:3f57:fe99/128 On-link 10 281 fe80::/64 On-link 14 306 fe80::/64 On-link 14 306 fe80::3ced:eff:3f57:fe99/128 On-link 10 281 fe80::8980:5503:6acf:518f/128 On-link 1 306 ff00::/8 On-link 14 306 ff00::/8 On-link 10 281 ff00::/8 On-link =========================================================================== Permanente routes: Geen ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation) Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation) Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation) x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation) x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation) x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation) x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.) x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (06/02/2012 00:29:03 PM) (Source: Application Error) (User: ) Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Uitzonderingscode: 0xc0000005 Foutoffset: 0x00002833 Id van proces met fout: 0x131c Starttijd van toepassing met fout: 0xmtee.3XE0 Pad naar toepassing met fout: mtee.3XE1 Pad naar module met fout: mtee.3XE2 Rapport-id: mtee.3XE3 Error: (06/02/2012 00:28:56 PM) (Source: Application Error) (User: ) Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Uitzonderingscode: 0xc0000005 Foutoffset: 0x00002833 Id van proces met fout: 0x165c Starttijd van toepassing met fout: 0xmtee.3XE0 Pad naar toepassing met fout: mtee.3XE1 Pad naar module met fout: mtee.3XE2 Rapport-id: mtee.3XE3 Error: (06/02/2012 00:28:41 PM) (Source: Application Error) (User: ) Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Uitzonderingscode: 0xc0000005 Foutoffset: 0x00002833 Id van proces met fout: 0x1658 Starttijd van toepassing met fout: 0xmtee.3XE0 Pad naar toepassing met fout: mtee.3XE1 Pad naar module met fout: mtee.3XE2 Rapport-id: mtee.3XE3 Error: (06/02/2012 00:28:38 PM) (Source: Application Error) (User: ) Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Uitzonderingscode: 0xc0000005 Foutoffset: 0x00002833 Id van proces met fout: 0x1098 Starttijd van toepassing met fout: 0xmtee.3XE0 Pad naar toepassing met fout: mtee.3XE1 Pad naar module met fout: mtee.3XE2 Rapport-id: mtee.3XE3 Error: (06/02/2012 00:28:33 PM) (Source: Application Error) (User: ) Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Uitzonderingscode: 0xc0000005 Foutoffset: 0x00002833 Id van proces met fout: 0x17b8 Starttijd van toepassing met fout: 0xmtee.3XE0 Pad naar toepassing met fout: mtee.3XE1 Pad naar module met fout: mtee.3XE2 Rapport-id: mtee.3XE3 Error: (06/02/2012 00:28:28 PM) (Source: Application Error) (User: ) Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Uitzonderingscode: 0xc0000005 Foutoffset: 0x00002833 Id van proces met fout: 0x172c Starttijd van toepassing met fout: 0xmtee.3XE0 Pad naar toepassing met fout: mtee.3XE1 Pad naar module met fout: mtee.3XE2 Rapport-id: mtee.3XE3 Error: (06/02/2012 00:28:23 PM) (Source: Application Error) (User: ) Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Uitzonderingscode: 0xc0000005 Foutoffset: 0x00002833 Id van proces met fout: 0x1190 Starttijd van toepassing met fout: 0xmtee.3XE0 Pad naar toepassing met fout: mtee.3XE1 Pad naar module met fout: mtee.3XE2 Rapport-id: mtee.3XE3 Error: (06/02/2012 00:28:18 PM) (Source: Application Error) (User: ) Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Uitzonderingscode: 0xc0000005 Foutoffset: 0x00002833 Id van proces met fout: 0xe38 Starttijd van toepassing met fout: 0xmtee.3XE0 Pad naar toepassing met fout: mtee.3XE1 Pad naar module met fout: mtee.3XE2 Rapport-id: mtee.3XE3 Error: (06/02/2012 00:28:12 PM) (Source: Application Error) (User: ) Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Uitzonderingscode: 0xc0000005 Foutoffset: 0x00002833 Id van proces met fout: 0x13f8 Starttijd van toepassing met fout: 0xmtee.3XE0 Pad naar toepassing met fout: mtee.3XE1 Pad naar module met fout: mtee.3XE2 Rapport-id: mtee.3XE3 Error: (06/02/2012 00:28:06 PM) (Source: Application Error) (User: ) Description: Naam van toepassing met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Naam van module met fout: mtee.3XE, versie: 2.0.0.0, tijdstempel: 0x3f4d232a Uitzonderingscode: 0xc0000005 Foutoffset: 0x00002833 Id van proces met fout: 0xcf0 Starttijd van toepassing met fout: 0xmtee.3XE0 Pad naar toepassing met fout: mtee.3XE1 Pad naar module met fout: mtee.3XE2 Rapport-id: mtee.3XE3 System errors: ============= Error: (06/02/2012 01:43:32 PM) (Source: DCOM) (User: ) Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Error: (06/02/2012 01:42:58 PM) (Source: SNMP) (User: ) Description: De SNMP-service heeft een fout vastgesteld tijdens een poging toegang te krijgen tot de registersleutel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (06/02/2012 00:35:59 PM) (Source: DCOM) (User: ) Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Error: (06/02/2012 00:35:26 PM) (Source: Service Control Manager) (User: ) Description: De Windows Defender-service is gestopt met de volgende foutcode: %%126. Error: (06/02/2012 00:35:26 PM) (Source: SNMP) (User: ) Description: De SNMP-service heeft een fout vastgesteld tijdens een poging toegang te krijgen tot de registersleutel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (06/02/2012 00:33:55 PM) (Source: Service Control Manager) (User: ) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (06/02/2012 00:26:35 PM) (Source: Service Control Manager) (User: ) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (06/02/2012 07:04:53 AM) (Source: DCOM) (User: ) Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Error: (06/02/2012 07:04:44 AM) (Source: Service Control Manager) (User: ) Description: De HomeGroup Listener-service is gestopt met de specifieke servicefout %%-2147023143. Error: (06/02/2012 07:04:15 AM) (Source: SNMP) (User: ) Description: De SNMP-service heeft een fout vastgesteld tijdens een poging toegang te krijgen tot de registersleutel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Microsoft Office Sessions: ========================= Error: (06/02/2012 00:29:03 PM) (Source: Application Error)(User: ) Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833131c01cd40aa87bf4839C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEc57095d9-ac9d-11e1-a4ee-0016cff7fe29 Error: (06/02/2012 00:28:56 PM) (Source: Application Error)(User: ) Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833165c01cd40aa83966e22C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEc14a1d23-ac9d-11e1-a4ee-0016cff7fe29 Error: (06/02/2012 00:28:41 PM) (Source: Application Error)(User: ) Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833165801cd40aa7aa6e3bbC:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEb858315c-ac9d-11e1-a4ee-0016cff7fe29 Error: (06/02/2012 00:28:38 PM) (Source: Application Error)(User: ) Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833109801cd40aa78e29e47C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEb6964d48-ac9d-11e1-a4ee-0016cff7fe29 Error: (06/02/2012 00:28:33 PM) (Source: Application Error)(User: ) Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac00000050000283317b801cd40aa762dedd7C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEb3df3b78-ac9d-11e1-a4ee-0016cff7fe29 Error: (06/02/2012 00:28:28 PM) (Source: Application Error)(User: ) Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833172c01cd40aa736af526C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEb11c42c7-ac9d-11e1-a4ee-0016cff7fe29 Error: (06/02/2012 00:28:23 PM) (Source: Application Error)(User: ) Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833119001cd40aa70596f0bC:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEae085b4c-ac9d-11e1-a4ee-0016cff7fe29 Error: (06/02/2012 00:28:18 PM) (Source: Application Error)(User: ) Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833e3801cd40aa6d42ff20C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEaaf1eb60-ac9d-11e1-a4ee-0016cff7fe29 Error: (06/02/2012 00:28:12 PM) (Source: Application Error)(User: ) Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac00000050000283313f801cd40aa69b35017C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEa7649db8-ac9d-11e1-a4ee-0016cff7fe29 Error: (06/02/2012 00:28:06 PM) (Source: Application Error)(User: ) Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833cf001cd40aa65f666e9C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEa3a55329-ac9d-11e1-a4ee-0016cff7fe29 **** End of log ****
  • Als jij FF open hebt staan, heb je dan linksboven een oranje knop er zitten of heb je de menubalk aanstaan. Ingeval dus van die oranje knop, klik daarop en in het rechter gedeelte van het contekst-menu vind je add-ons, daar klik je dan op. Ingeval de menubalk is geaktiveerd, dan klik je op Extra en dan op Add-ons.
  • Dank voor je reactie; add-ons zijn verwijderd!!!! Zijn er nog bijzondere dingen gekomen uit het log van de MiniToolBox die een vervolg moeten hebben? Zo nee, dan ga ik de gebruikte programma's verwijderen. Misschien de Chrome webbrowser eens uitproberen? Oh ja, nog een security check uitvoeren? Ik bedenk me ineens dat deze laptop op een draadloos netwerk draait. Zou het ook aan de router kunnen liggen? Ik heb hier nl. de afgelopen dagen wat problemen mee gehad maar volgens mij doet ie het nu weer goed. Router:Linksys (Cisco) Wireless ADSL Home Gateway WAG 200 G Annex-B.
  • Je schreef eerder: "Na opstarten Combofix verschijnt de melding: Commandline Standard Stream Splitter werkt niet meer. Windows wil programma afsluiten. Na het klikken op programma afsluiten (harde schijf lampje licht niet meer op) lijkt Combofix door te gaan met het volgende deel". Het vreemde is nu dat het missende onderdeel nu deel uitmaakt van een andere foutmelding: Error: (06/02/2012 00:29:03 PM) (Source: Application Error)(User: ) Description: mtee.3XE2.0.0.03f4d232amtee.3XE2.0.0.03f4d232ac000000500002833131c01cd40aa87bf4839C:\ComboFix\mtee.3XEC:\ComboFix\mtee.3XEc57095d9-ac9d-11e1-a4ee-0016cff7fe29 Ik vind dit allemaal maar heel vreemd, temeer daar ComboFix zelf geen gewag ervan gemaakt heeft dat bestand verplaatst te hebben!
  • Kan ik hier nog iets aan doen of moet ik geduld hebben totdat jij verder onderzoek kunt doen?
  • Ik ga ervan uit dat [b:6416fa8cda]mtee.3XE[/b:6416fa8cda] in System32 behoort. Probeer dus of je dat bestand uit C:\Combofix daar naar toe kan kopiëren. En niet ongeduldig worden. Jij bent bij lange na niet de enigste die ik aan het helpen ben!
  • Kan het bestand mtee.3XE niet vinden op mijn laptop op de aangegeven lokatie. Ik realiseer me dat ik niet de enige ben op dit forum die graag een antwoord van je wil. Het is niet mijn bedoeling om je op enigerlei manier te haasten of stressen!!!! Jammer dat dit zo bij je overgekomen is; ik maak al jaren gebruik van jouw adviezen en oplossingen en ben daar zeer tevreden over!!
  • Oké. We gaan zoeken: Optie B "custom search" zoek bestanden en mappen op de schijf waar je windows staat m.b.v. keywords. [b:95526506ec]Welk programma[/b:95526506ec]: Zoek.exe [b:95526506ec]Waarvoor/waarom[/b:95526506ec]: multifunktioneel tool [b:95526506ec]Moeilijkheidsgraad[/b:95526506ec]: geen. [b:95526506ec]Download[/b:95526506ec]: [url=http://home.kpn.nl/stefsmeenk/zoek.exe][b:95526506ec]zoek.exe[/b:95526506ec][/url] [b:95526506ec]"Zoek.exe" gebruiken[/b:95526506ec]: [list:95526506ec][*:95526506ec] [b:95526506ec][color=#0000FF:95526506ec]Sluit nu eerst alle nog openstaande programmavensters![/color:95526506ec][/b:95526506ec] [*:95526506ec]Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608][b:95526506ec][color=#0000FF:95526506ec]hier[/color:95526506ec][/b:95526506ec][/url] of [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607][color=#0000FF:95526506ec][b:95526506ec]hier[/b:95526506ec][/color:95526506ec][/url] kan je lezen hoe je dat doet. [list:95526506ec][*:95526506ec][b:95526506ec][color=#0000FF:95526506ec]Windows 2000[/color:95526506ec][/b:95526506ec] en [color=#0000FF:95526506ec][b:95526506ec]Windows XP[/b:95526506ec][/color:95526506ec]: start het tool middels dubbelklik op "[i:95526506ec]Zoek.exe[/i:95526506ec]". [*:95526506ec][color=#0000FF:95526506ec][b:95526506ec]Windows Vista[/b:95526506ec][/color:95526506ec] en [color=#0000FF:95526506ec][b:95526506ec]Windows 7[/b:95526506ec][/color:95526506ec]: start het tool middels rechtsklik op "[i:95526506ec]Zoek.exe[/i:95526506ec]" en dan kiezen voor [i:95526506ec][b:95526506ec]Als Administrator uitvoeren[/b:95526506ec][/i:95526506ec].[/list:u:95526506ec] [*:95526506ec]Vervolgens zal er een nieuw venster openen. [*:95526506ec]Met je muis selecteer je nu de volgende keuze "[b:95526506ec][color=#0000FF:95526506ec]Custom search[/color:95526506ec][/b:95526506ec]"(2e keuzerondje onder het invulvenster) [*:95526506ec]Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege invulvenster [b:95526506ec][color=#0000FF:95526506ec] mtee.3XE; [/color:95526506ec][/b:95526506ec] [*:95526506ec]Klik nu op de knop "[b:95526506ec][color=#0000FF:95526506ec]Run script[/color:95526506ec][/b:95526506ec]". [*:95526506ec]Wacht vervolgens geduldig af tot er een logje opent. [*:95526506ec]Post dan de inhoud van het geopende logje in het volgende bericht.[/list:u:95526506ec]
  • Zoek.exe Version 3.0.0.2 Updated 29-05-2012 Tool run by Gebruiker on za 02-06-2012 at 20:03:26,49. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running from: C:\Users\Gebruiker\Desktop\zoek.exe ==== Folders Found ====================== 2012-06-02 10:28:40 2012-06-02 10:28:40 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_022db31e 2012-06-02 10:28:03 2012-06-02 10:28:03 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_048d21a9 2012-06-02 10:25:09 2012-06-02 10:25:09 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_05ca788e 2012-06-02 10:26:21 2012-06-02 10:26:21 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_064b9217 2012-06-02 10:28:26 2012-06-02 10:28:26 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_07497b1e 2012-06-02 10:27:01 2012-06-02 10:27:01 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_083c30c6 2012-06-02 10:25:45 2012-06-02 10:25:45 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0bd706b9 2012-06-02 10:25:30 2012-06-02 10:25:30 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0c5acbbd 2012-06-02 10:28:15 2012-06-02 10:28:15 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0eb94f9b 2012-06-02 10:29:05 2012-06-02 10:29:05 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_112e14ae 2012-06-02 10:28:43 2012-06-02 10:28:43 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1165be93 2012-06-02 10:26:15 2012-06-02 10:26:15 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_11e77c27 2012-06-02 10:28:31 2012-06-02 10:28:31 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_12a18f49 2012-06-02 10:28:21 2012-06-02 10:28:21 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_12f966e2 2012-06-02 10:27:33 2012-06-02 10:27:33 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1334abed 2012-06-02 10:22:36 2012-06-02 10:22:36 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_148824a5 2012-06-02 10:27:39 2012-06-02 10:27:39 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14a0c344 2012-06-02 10:28:09 2012-06-02 10:28:09 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14d536fd 2012-06-02 10:24:42 2012-06-02 10:24:42 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14f610e7 2012-06-02 10:26:33 2012-06-02 10:26:33 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_15b3c122 2012-06-02 10:27:27 2012-06-02 10:27:27 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_16c49561 2012-06-02 10:28:59 2012-06-02 10:28:59 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1705fa89 2012-06-02 10:28:36 2012-06-02 10:28:36 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1765a163 2012-06-02 10:19:38 2012-06-02 10:19:38 -------- dc----w- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_cab_0c656af7 2012-06-02 10:28:40 2012-06-02 10:28:40 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_022db31e 2012-06-02 10:28:03 2012-06-02 10:28:03 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_048d21a9 2012-06-02 10:25:09 2012-06-02 10:25:09 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_05ca788e 2012-06-02 10:26:21 2012-06-02 10:26:21 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_064b9217 2012-06-02 10:28:26 2012-06-02 10:28:26 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_07497b1e 2012-06-02 10:27:01 2012-06-02 10:27:01 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_083c30c6 2012-06-02 10:25:45 2012-06-02 10:25:45 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0bd706b9 2012-06-02 10:25:30 2012-06-02 10:25:30 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0c5acbbd 2012-06-02 10:28:15 2012-06-02 10:28:15 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_0eb94f9b 2012-06-02 10:29:05 2012-06-02 10:29:05 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_112e14ae 2012-06-02 10:28:43 2012-06-02 10:28:43 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1165be93 2012-06-02 10:26:15 2012-06-02 10:26:15 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_11e77c27 2012-06-02 10:28:31 2012-06-02 10:28:31 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_12a18f49 2012-06-02 10:28:21 2012-06-02 10:28:21 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_12f966e2 2012-06-02 10:27:33 2012-06-02 10:27:33 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1334abed 2012-06-02 10:22:36 2012-06-02 10:22:36 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_148824a5 2012-06-02 10:27:39 2012-06-02 10:27:39 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14a0c344 2012-06-02 10:28:09 2012-06-02 10:28:09 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14d536fd 2012-06-02 10:24:42 2012-06-02 10:24:42 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_14f610e7 2012-06-02 10:26:33 2012-06-02 10:26:33 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_15b3c122 2012-06-02 10:27:27 2012-06-02 10:27:27 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_16c49561 2012-06-02 10:28:59 2012-06-02 10:28:59 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1705fa89 2012-06-02 10:28:36 2012-06-02 10:28:36 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_1765a163 2012-06-02 10:19:38 2012-06-02 10:19:38 -------- dc----w- C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_mtee.3XE_8615e0be76e0b0f57884e191aa661105a71268f_cab_0c656af7 ==== Files Found ====================== --- C:\Windows\Prefetch\MTEE.3XE-C81E85BB.pf --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 12856 Created time: 2012-06-02 10:19:42 Modified time: 2012-06-02 10:29:06 MD5: 47FE88691471D9A99EA66C615AF743C7 SHA1: 4037FDB60EDBC88C8DFF165834CCE5BD91D4352E
  • Kijk ens hier: http://www.commandline.co.uk/mtee/
  • Ik heb het bestand mtee.exe gedownload en het programma laten draaien. Zoals verwacht komt wederom de melding Commandline Standard Stream Splitter werkt niet meer. Maar daarmee staat het bestand nog niet in System32!! Ik begrijp dus niet wat ik nu moet doen.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.