Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

N.a.v Winsysclean installatie

Abraham54
34 antwoorden
  • Graag een controle van deze Laptop n.a.v deze link

    http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=219204&start=0&postdays=0&postorder=asc&highlight=

    ff na beneden scrollen en zie ( ks )

    Klachten
    Geregeld Extra reclame (blokken/vensters)op de site’s.
    Gebruik haast altijd Aurora of Firefox nieuwste versies.
    Heb als add-ons geinstalleerd adblolckplus / adblock plus pop-up er opstaan.
    En duurt volgens mij lang dat hij afsluit.

    Besturing
    Windows 7 Home Prenium 64 bits
    Beveiliging
    Bitfender Security 2013
    Mbam Pro
    SuperAntiVirus

    Heb 2 scans gedaan ( zie hier onder )

    Combofix wil niet ( blijft steeds steken op voltooid Deel 3 ) en verder komt hij niet.

    Malwarebytes Anti-Malware (PRO) 1.70.0.1100
    www.malwarebytes.org

    Databaseversie: v2013.01.02.06

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16439
    Gebruiker :: ACER [administrator]

    Bescherming: Ingeschakeld

    2-1-2013 17:47:21
    mbam-log-2013-01-02 (17-47-21).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 210517
    Verstreken tijd: 5 minuut/minuten, 32 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)


    # AdwCleaner v2.104 - Verslag gemaakt op 02/01/2013 om 17:42:15
    # Geactualiseerd op 29/12/2012 door Xplode
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Gebruiker : Gebruiker - ACER
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Users\Gebruiker\Desktop\adwcleaner.exe
    # Optie [Verwijderen]


    ***** [Diensten] *****


    ***** [Files / Mappen] *****

    File Verwijdert : C:\Program Files (x86)\Mozilla firefox\searchplugins\v9.xml
    Map Verwijdert : C:\ProgramData\Partner

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

    ***** [Browsers] *****

    -\\ Internet Explorer v10.0.9200.16438

    Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.v9.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD3200BPVT-22ZEST0_WD-WXA1A703168531685&ts=1356353714 –> hxxp://www.google.com
    Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.v9.com/newtab?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD3200BPVT-22ZEST0_WD-WXA1A703168531685&ts=1356353712 –> hxxp://www.google.com
    Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - CustomizeSearch] = hxxp://search.v9.com/web/?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD3200BPVT-22ZEST0_WD-WXA1A703168531685&ts=1356353714 –> hxxp://www.google.com
    Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.v9.com/web/?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD3200BPVT-22ZEST0_WD-WXA1A703168531685&ts=1356353714 –> hxxp://www.google.com

    -\\ Mozilla Firefox v17.0.1 (nl)

    File : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ma7hckcq.default\prefs.js

    Verwijdert : user_pref("browser.search.defaultenginename", "v9";);
    Verwijdert : user_pref("browser.search.order.1", "v9";);

    -\\ Opera v [Onmogelijk de versie te verkrijgen]

    File : C:\Users\Gebruiker\AppData\Roaming\Opera\Opera\operaprefs.ini

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[S1].txt - [1859 octets] - [22/07/2012 09:35:59]
    AdwCleaner[S2].txt - [1447 octets] - [30/12/2012 20:35:21]
    AdwCleaner[S3].txt - [2374 octets] - [02/01/2013 17:42:15]

    ########## EOF - C:\AdwCleaner[S3].txt - [2434 octets] ##########
  • Doe onderstaande:

    [b:54832e6a2f]Welk programma[/b:54832e6a2f]:
  • Hoi Abraham
    bedankt voor de instructie, en nog de beste wensen.

    Hierbij de 1e log

    OTL logfile created on: 1/2/2013 8:22:40 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gebruiker\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16438)
    Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    2.93 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 67.26% Memory free
    3.42 Gb Paging File | 2.01 Gb Available in Paging File | 58.78% Paging File free
    Paging file location(s): c:\pagefile.sys 500 4501 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 284.99 Gb Total Space | 233.41 Gb Free Space | 81.90% Space Free | Partition Type: NTFS

    Computer Name: ACER | User Name: Gebruiker | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

  • En hier nu de 2e log

    OTL Extras logfile created on: 1/2/2013 8:22:40 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gebruiker\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16438)
    Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    2.93 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 67.26% Memory free
    3.42 Gb Paging File | 2.01 Gb Available in Paging File | 58.78% Paging File free
    Paging file location(s): c:\pagefile.sys 500 4501 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 284.99 Gb Total Space | 233.41 Gb Free Space | 81.90% Space Free | Partition Type: NTFS

    Computer Name: ACER | User Name: Gebruiker | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

  • Ik heb geen antivirussoftware in jouw Windows gevonden.
    Wel een aktive Malwarebytes MBAM - dat is geen substituut voor antivirussoftware!

    [b:978553e375]Sluit voordat
  • Heb ff gekeken maar het staat wel aan de antivirus

    Ik heb dan
    Bitdefender Internet Security 2013

    En hierbij de log

    All processes killed
    ========== OTL ==========
    C:\Users\Gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\ma7hckcq.default\extensions\personas@christopher.beard\modules folder moved successfully.
    C:\Users\Gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\ma7hckcq.default\extensions\personas@christopher.beard\defaults\preferences folder moved successfully.
    C:\Users\Gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\ma7hckcq.default\extensions\personas@christopher.beard\defaults folder moved successfully.
    C:\Users\Gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\ma7hckcq.default\extensions\personas@christopher.beard\components folder moved successfully.
    C:\Users\Gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\ma7hckcq.default\extensions\personas@christopher.beard folder moved successfully.
    C:\Users\Gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\xog5c217.default\extensions folder moved successfully.
    C:\Users\Gebruiker\AppData\Roaming\mozilla\firefox\profiles\ma7hckcq.default\extensions\adblockpopups@jessehakanen.net.xpi moved successfully.
    C:\Users\Gebruiker\AppData\Roaming\mozilla\firefox\profiles\ma7hckcq.default\extensions\lazarus@interclue.com.xpi moved successfully.
    C:\Users\Gebruiker\AppData\Roaming\mozilla\firefox\profiles\ma7hckcq.default\extensions\personas@christopher.beard.xpi moved successfully.
    C:\Users\Gebruiker\AppData\Roaming\mozilla\firefox\profiles\ma7hckcq.default\extensions\{14323AEE-F6B8-4DC8-BCE3-E62645830585}.xpi moved successfully.
    C:\Users\Gebruiker\AppData\Roaming\mozilla\firefox\profiles\ma7hckcq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi moved successfully.
    C:\Users\Gebruiker\AppData\Roaming\mozilla\firefox\profiles\ma7hckcq.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi moved successfully.
    File C:\Users\Gebruiker\AppData\Roaming\mozilla\firefox\profiles\xog5c217.default\extensions\testpilot@labs.mozilla.com.xpi not found.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.
    C:\Windows\Tasks\ParetoLogic Registration3.job moved successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
  • Jij ook welterusten.

    Morgen mag je verder gaan met:

  • Goedemorgen Abraham

    Alvast de log van AdwCleaner.

    # AdwCleaner v2.104 - Verslag gemaakt op 03/01/2013 om 07:50:55
    # Geactualiseerd op 29/12/2012 door Xplode
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Gebruiker : Gebruiker - ACER
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Users\Gebruiker\Desktop\adwcleaner.exe
    # Optie [Verwijderen]


    ***** [Diensten] *****


    ***** [Files / Mappen] *****


    ***** [Register] *****


    ***** [Browsers] *****

    -\\ Internet Explorer v10.0.9200.16438

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Mozilla Firefox v17.0.1 (nl)

    File : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ma7hckcq.default\prefs.js

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    -\\ Opera v [Onmogelijk de versie te verkrijgen]

    File : C:\Users\Gebruiker\AppData\Roaming\Opera\Opera\operaprefs.ini

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[S1].txt - [1859 octets] - [22/07/2012 09:35:59]
    AdwCleaner[S2].txt - [1447 octets] - [30/12/2012 20:35:21]
    AdwCleaner[S3].txt - [2501 octets] - [02/01/2013 17:42:15]
    AdwCleaner[S4].txt - [1134 octets] - [03/01/2013 07:50:55]

    ########## EOF - C:\AdwCleaner[S4].txt - [1194 octets] ##########
  • Dit komt ff van een andere laptop

    Heb nu Combofix al draaien van vanmorgenaf 09,10
    en hij blijft staan bij

    Voltooid Deel 3
    en verder komt hij niet.

    Wat moet ik nu doen, afwachten de fix of stoppen ermee.
  • Stoppen.
    En probeer dan of de scan in Veilige modus wel lukt.
  • Hier de log in veilig modus

    ComboFix 13-01-03.01 - Gebruiker 03-01-2013 13:12:53.14.2 - x64 NETWORK
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3002.1948 [GMT 1:00]
    Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe
    AV: Bitdefender Antivirus *Disabled/Outdated* {98CD50CE-5097-4098-9669-6C401FB3969C}
    FW: Bitdefender Firewall *Disabled* {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}
    SP: Bitdefender Antispyware *Disabled/Outdated* {23ACB12A-76AD-4F16-ACD9-57326434DC21}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\Acer
    c:\programdata\Acer\Acer Updater\_UpdaterService_LOG.txt
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-12-03 to 2013-01-03 ))))))))))))))))))))))))))))))
    .
    .
    2013-01-03 12:20 . 2013-01-03 12:20 ——– d—–w- c:\users\Public\AppData\Local\temp
    2013-01-03 12:20 . 2013-01-03 12:20 ——– d—–w- c:\users\Default\AppData\Local\temp
    2013-01-02 21:30 . 2013-01-02 21:30 ——– d—–w- C:\_OTL
    2013-01-02 08:48 . 2013-01-02 08:48 ——– d—–w- c:\program files (x86)\Aurora
    2012-12-30 16:16 . 2012-11-14 03:51 19450880 —-a-w- c:\windows\system32\mshtml.dll
    2012-12-30 16:16 . 2012-11-14 03:25 2706432 —-a-w- c:\windows\system32\mshtml.tlb
    2012-12-30 16:16 . 2012-11-14 01:14 2706432 —-a-w- c:\windows\SysWow64\mshtml.tlb
    2012-12-30 15:41 . 2012-11-08 23:46 28672 —-a-w- c:\windows\system32\IEUDINIT.EXE
    2012-12-30 15:35 . 2012-12-30 15:35 9728 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2012-12-30 00:36 . 2012-12-30 00:36 ——– d—–w- c:\users\Gebruiker\AppData\Roaming\addpcs
    2012-12-30 00:06 . 2012-12-30 00:06 ——– d—–w- c:\users\Gebruiker\AppData\Local\Programs
    2012-12-24 14:45 . 2012-12-24 14:45 ——– d—–w- c:\windows\system32\oodag
    2012-12-24 13:02 . 2012-12-24 13:02 ——– d—–w- c:\users\Gebruiker\AppData\Local\O&O
    2012-12-24 13:02 . 2012-12-24 13:02 ——– d—–w- c:\program files\OO Software
    2012-12-24 13:01 . 2012-12-24 13:01 ——– d—–w- c:\users\Gebruiker\AppData\Local\Downloaded Installations
    2012-12-23 17:53 . 2012-08-23 15:28 3584 —-a-w- c:\windows\system32\drivers
    l-NL\tsusbflt.sys.mui
    2012-12-23 17:53 . 2012-08-23 13:40 13312 —-a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2012-12-23 17:53 . 2012-08-23 13:41 13312 —-a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2012-12-23 17:53 . 2012-08-23 13:24 15360 —-a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
    2012-12-23 17:53 . 2012-08-23 14:10 19456 —-a-w- c:\windows\system32\drivers\rdpvideominiport.sys
    2012-12-23 17:53 . 2012-08-23 14:07 57856 —-a-w- c:\windows\system32\drivers\TsUsbFlt.sys
    2012-12-23 17:51 . 2012-05-04 11:00 366592 —-a-w- c:\windows\system32\qdvd.dll
    2012-12-23 17:51 . 2012-05-04 09:59 514560 —-a-w- c:\windows\SysWow64\qdvd.dll
    2012-12-23 08:51 . 2012-12-23 08:51 ——– d—–w- c:\program files\Bonjour
    2012-12-23 08:51 . 2012-12-23 08:51 ——– d—–w- c:\program files (x86)\Bonjour
    2012-12-22 18:58 . 2012-12-22 18:58 ——– d—–w- c:\program files\Windows Live
    2012-12-22 18:58 . 2012-12-22 18:58 ——– d—–w- c:\windows\PCHEALTH
    2012-12-22 18:58 . 2012-12-22 18:59 ——– d—–w- c:\program files (x86)\Windows Live
    2012-12-22 18:33 . 2010-06-02 03:55 77656 —-a-w- c:\windows\system32\XAPOFX1_5.dll
    2012-12-22 18:33 . 2010-06-02 03:55 74072 —-a-w- c:\windows\SysWow64\XAPOFX1_5.dll
    2012-12-22 18:33 . 2010-06-02 03:55 527192 —-a-w- c:\windows\SysWow64\XAudio2_7.dll
    2012-12-22 18:33 . 2010-06-02 03:55 518488 —-a-w- c:\windows\system32\XAudio2_7.dll
    2012-12-22 18:33 . 2010-05-26 10:41 2526056 —-a-w- c:\windows\system32\D3DCompiler_43.dll
    2012-12-22 18:33 . 2010-05-26 10:41 2106216 —-a-w- c:\windows\SysWow64\D3DCompiler_43.dll
    2012-12-22 18:33 . 2010-05-26 10:41 276832 —-a-w- c:\windows\system32\d3dx11_43.dll
    2012-12-22 18:33 . 2010-05-26 10:41 248672 —-a-w- c:\windows\SysWow64\d3dx11_43.dll
    2012-12-21 12:16 . 2012-12-21 12:16 ——– d—–w- C:\SkyDriveTemp
    2012-12-21 09:54 . 2012-12-16 17:11 46080 —-a-w- c:\windows\system32\atmlib.dll
    2012-12-21 09:54 . 2012-12-16 14:13 34304 —-a-w- c:\windows\SysWow64\atmlib.dll
    2012-12-21 09:54 . 2012-12-16 14:45 367616 —-a-w- c:\windows\system32\atmfd.dll
    2012-12-21 09:54 . 2012-12-16 14:13 295424 —-a-w- c:\windows\SysWow64\atmfd.dll
    2012-12-15 17:27 . 2012-12-29 13:31 ——– d—–w- c:\users\Gebruiker\AppData\Local\AdFender
    2012-12-13 11:59 . 2012-11-02 05:59 478208 —-a-w- c:\windows\system32\dpnet.dll
    2012-12-13 11:59 . 2012-11-02 05:11 376832 —-a-w- c:\windows\SysWow64\dpnet.dll
    2012-12-08 16:52 . 2013-01-02 21:32 ——– d—–w- c:\program files (x86)\Mozilla Maintenance Service
    2012-12-08 13:13 . 2012-12-08 13:13 ——– d—–w- C:\WindowsDebug
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-12-15 17:51 . 2012-11-17 14:08 73656 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-15 17:51 . 2012-11-17 14:08 697272 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-12-14 15:49 . 2012-04-13 03:35 24176 —-a-w- c:\windows\system32\drivers\mbam.sys
    2012-12-13 12:55 . 2010-11-15 14:01 67413224 —-a-w- c:\windows\system32\MRT.exe
    2012-11-11 15:05 . 2012-11-11 15:05 76944 —-a-w- c:\windows\system32\drivers\bdvedisk.sys
    2012-10-25 02:12 . 2012-10-25 02:12 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2012-10-25 02:12 . 2012-10-25 02:12 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
    2012-10-16 08:38 . 2012-11-28 16:23 135168 —-a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38 . 2012-11-28 16:23 350208 —-a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39 . 2012-11-28 16:23 561664 —-a-w- c:\windows\apppatch\AcLayers.dll
    2012-10-10 15:23 . 2012-10-10 15:23 10220472 —-a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
    2012-10-10 13:00 . 2012-11-10 22:00 587024 —-a-w- c:\windows\system32\drivers\avckf.sys
    2012-10-10 13:00 . 2012-11-10 22:00 705552 —-a-w- c:\windows\system32\drivers\avc3.sys
    2012-10-09 18:17 . 2012-11-14 16:54 55296 —-a-w- c:\windows\system32\dhcpcsvc6.dll
    2012-10-09 18:17 . 2012-11-14 16:54 226816 —-a-w- c:\windows\system32\dhcpcore6.dll
    2012-10-09 17:40 . 2012-11-14 16:54 44032 —-a-w- c:\windows\SysWow64\dhcpcsvc6.dll
    2012-10-09 17:40 . 2012-11-14 16:54 193536 —-a-w- c:\windows\SysWow64\dhcpcore6.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-12-21 12:12 222712 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-12-21 12:12 222712 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-12-21 12:12 222712 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-16 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
    "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
    "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
    "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
    "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2012-10-10 705552]
    R0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys [2012-08-29 145696]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
    R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
    R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
    R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
    R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
    R2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 3051848]
    R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [x]
    R2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
    R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [2012-10-05 68416]
    R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2012-10-10 587024]
    R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2012-09-21 82384]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-05-24 246304]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-15 1255736]
    R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2012-10-18 65344]
    S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
    S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2012-07-06 93160]
    S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-09-22 140672]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-14 384040]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-17 17:51]
    .
    2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24 11:33]
    .
    2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24 11:33]
    .
    2011-01-23 c:\windows\Tasks\ParetoLogic Update Version3.job
    - c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01]
    .
    2013-01-02 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 68c8c91b-b266-4a42-b2c1-e31ad4ffec1d.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    2013-01-02 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task f3e2cf55-a453-45ed-82f2-bee21ef6c466.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    .
    ——— X64 Entries ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-12-21 12:13 261624 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-12-21 12:13 261624 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-12-21 12:13 261624 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-06 11057768]
    "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
    "Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2012-10-22 1568560]
    "OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 3942216]
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
    FontCache
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.weeronline.nl/Europa/Nederland/Smilde/4057322
    uLocal Page = c:\windows\system32\blank.htm
    uDefault_Search_URL = hxxp://www.google.com/ie
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mCustomizeSearch = hxxp://www.google.com
    mSearchAssistant = hxxp://www.google.com
    IE: &Verzenden naar OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
    TCP: Interfaces\{1CCBDE7B-E9A8-48C3-9CD1-C52075FD3A38}: NameServer = 192.168.0.1,8.8.8.8
    FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ma7hckcq.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.weeronline.nl/Europa/Nederland/Smilde/4057322
    FF - prefs.js: network.proxy.type - 0
    FF - ExtSQL: 2013-01-03 08:09; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ma7hckcq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    .
    .
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_USERS\S-1-5-21-1540792951-4210785799-4223076911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (S-1-5-21-1540792951-4210785799-4223076911-1000)
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\S-1-5-21-1540792951-4210785799-4223076911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (S-1-5-21-1540792951-4210785799-4223076911-1000)
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2013-01-03 13:22:32
    ComboFix-quarantined-files.txt 2013-01-03 12:22
    ComboFix2.txt 2013-01-03 11:59
    ComboFix3.txt 2012-11-24 19:08
    .
    Pre-Run: 249.110.323.200 bytes beschikbaar
    Post-Run: 248.945.217.536 bytes beschikbaar
    .
    - - End Of File - - 75F3A8F8833251822A2758E715A8F816
  • Ziet er al goed uit.

    [b:5e6a42e110]Doe de ESET online scan (Klik).[/b:5e6a42e110]
    [list:5e6a42e110]
    [*:5e6a42e110]Klik op de knop [b:5e6a42e110]ESET Online Scanner[/b:5e6a42e110]
    [*:5e6a42e110]Zet een vinkje bij [b:5e6a42e110]YES, I accept the Terms of Use[/b:5e6a42e110]
    [*:5e6a42e110]Klik op [b:5e6a42e110]Start[/b:5e6a42e110]
    [*:5e6a42e110]Sta het ActiveX control toe om te installeren.
    [*:5e6a42e110]Zet een vinkje bij de volgende opties:
    [list:5e6a42e110][*:5e6a42e110][b:5e6a42e110]Remove found threats[/b:5e6a42e110]
    [*:5e6a42e110][b:5e6a42e110]Scan archives[/b:5e6a42e110][/list:u:5e6a42e110]
    [*:5e6a42e110]Klik vervolgens op [b:5e6a42e110]
  • Nu vanaf mijn andere Laptop

    Eset heeft alles gescand, ± 03.30 uur over gedaan.

    En het heeft niets gevonden.

    Kan er nu niet meer mee op het internet,( gele driehoekje rechts onderin )
    Had vanmiddag al problemen mee, na de scan van Combofix in veilig modus.
    Heb vanavond al een uur of wat bezig geweest, maar kan nog geen verbinding krijgen.

    Dus morgen zal ik weer verder kijken hoe en wat.
  • Aha.
    Opnieuw scannen met ComboFix!
    Vervolgens is er een herstart en moet internet het weer doen!
  • Geen resultaat opgeleverd.

    Als ik het driehoekje open krijg ik de verbindings te zien, en daar geeft hij
    dan aan dat hij wel verbonden is met de router.

    Maar ik krijg de website’s niet geopend.

    Dus er mist iets, maar wat.?

    P,s
    Dit vanaf mijn andere laptop.
    Mijn Desktop daar werkt ook alles wel goed.
  • Download MiniToolBox en plaats dit tool op jouw bureaublad.

    [b:cee9e3ffd2]"Farbar MiniToolBox" gebruiken[/b:cee9e3ffd2]:
    [list:cee9e3ffd2][*:cee9e3ffd2] [b:cee9e3ffd2]
  • Ik heb dit ff gedaan met een Usb-stick

    Hierbij de log

    MiniToolBox by Farbar Version: 25-11-2012
    Ran by Gebruiker (administrator) on 04-01-2013 at 13:29:47
    Running from "E:\"
    Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP-configuratie

    De DNS-omzettingscache is leeggemaakt.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.

    ========================= FF Proxy Settings: ==============================


    "Reset FF Proxy Settings": Firefox Proxy settings were reset.

    ========================= Hosts content: =================================

    127.0.0.1 localhost

    ========================= IP Configuration: ================================

    Atheros AR5B97 Wireless Network Adapter = Draadloze netwerkverbinding (Connected)
    Broadcom NetLink (TM) Gigabit Ethernet = LAN-verbinding (Media disconnected)
    Microsoft Virtual WiFi Miniport Adapter = Draadloze netwerkverbinding 2 (Media disconnected)


    # ———————————-
    # IPv4-configuratie
    # ———————————-
    pushd interface ipv4

    reset
    set global
    add address name="Draadloze netwerkverbinding" address=192.168.0.106 mask=255.255.255.0
    add address name="LAN-verbinding" address=192.168.137.1 mask=255.255.255.0


    popd
    # Einde van IPv4-configuratie



    Windows IP-configuratie

    Hostnaam . . . . . . . . . . . . : Acer
    Primair DNS-achtervoegsel . . . . :
    Knooppunttype . . . . . . . . . . : hybride
    IP-routering ingeschakeld . . . . : nee
    WINS-proxy ingeschakeld . . . . . : nee

    Draadloos LAN-adapter voor Draadloze netwerkverbinding 2:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
    Fysiek adres. . . . . . . . . . . : CE-46-19-5D-C3-AB
    DHCP ingeschakeld . . . . . . . . : ja
    Autom. configuratie ingeschakeld : ja

    Draadloos LAN-adapter voor Draadloze netwerkverbinding:

    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Atheros AR5B97 Wireless Network Adapter
    Fysiek adres. . . . . . . . . . . : C4-46-19-5D-C3-AB
    DHCP ingeschakeld . . . . . . . . : nee
    Autom. configuratie ingeschakeld : ja
    Link-local IPv6-adres . . . . . . : fe80::9554:e92a:c0af:6e22%11(voorkeur)
    IPv4-adres. . . . . . . . . . . . : 192.168.0.106(voorkeur)
    Subnetmasker. . . . . . . . . . . : 255.255.255.0
    Standaardgateway. . . . . . . . . :
    DHCPv6 IAID . . . . . . . . . . . : 398738969
    DHCPv6-client DUID. . . . . . . . : 00-01-00-01-13-FE-D0-C2-88-AE-1D-77-89-5E
    DNS-servers . . . . . . . . . . . : 192.168.0.1
    8.8.8.8
    NetBIOS via TCPIP . . . . . . . . : ingeschakeld

    Ethernet-adapter voor LAN-verbinding:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
    Fysiek adres. . . . . . . . . . . : 88-AE-1D-77-89-5E
    DHCP ingeschakeld . . . . . . . . : nee
    Autom. configuratie ingeschakeld : ja

    Tunnel-adapter voor isatap.sitecomwl342:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter
    Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP ingeschakeld . . . . . . . . : nee
    Autom. configuratie ingeschakeld : ja

    Tunnel-adapter voor Teredo Tunneling Pseudo-Interface:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP ingeschakeld . . . . . . . . : nee
    Autom. configuratie ingeschakeld : ja

    Tunnel-adapter voor isatap.{1CCBDE7B-E9A8-48C3-9CD1-C52075FD3A38}:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter #2
    Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP ingeschakeld . . . . . . . . : nee
    Autom. configuratie ingeschakeld : ja

    Tunnel-adapter voor isatap.{1652FB9C-1406-4354-BA78-26CF446682DF}:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter #3
    Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP ingeschakeld . . . . . . . . : nee
    Autom. configuratie ingeschakeld : ja

    Tunnel-adapter voor isatap.{408C2479-EDC1-4CC6-BE86-A6E94EF74B14}:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter #4
    Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP ingeschakeld . . . . . . . . : nee
    Autom. configuratie ingeschakeld : ja
    DNS request timed out.
    timeout was 2 seconds.
    Server: UnKnown
    Address: 192.168.0.1

    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.
    Ping-aanvraag kan host google.com niet vinden.
    Controleer de naam en probeer het opnieuw.
    DNS request timed out.
    timeout was 2 seconds.
    Server: UnKnown
    Address: 192.168.0.1

    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.
    DNS request timed out.
    timeout was 2 seconds.
    Ping-aanvraag kan host yahoo.com niet vinden.
    Controleer de naam en probeer het opnieuw.

    Pingen naar 127.0.0.1 met 32 bytes aan gegevens:
    Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128
    Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128

    Ping-statistieken voor 127.0.0.1:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).

    De gemiddelde tijd voor het uitvoeren van ‚‚n bewerking in milliseconden:
    Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms
    ===========================================================================
    Interfacelijst
    14…ce 46 19 5d c3 ab ……Microsoft Virtual WiFi Miniport Adapter
    11…c4 46 19 5d c3 ab ……Atheros AR5B97 Wireless Network Adapter
    10…88 ae 1d 77 89 5e ……Broadcom NetLink (TM) Gigabit Ethernet
    1………………………Software Loopback Interface 1
    13…00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    16…00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    18…00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
    20…00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
    19…00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
    ===========================================================================

    IPv4 routetabel
    ===========================================================================
    Actieve routes:
    Netwerkadres Netmasker Gateway Interface Metric
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    192.168.0.0 255.255.255.0 On-link 192.168.0.106 276
    192.168.0.106 255.255.255.255 On-link 192.168.0.106 276
    192.168.0.255 255.255.255.255 On-link 192.168.0.106 276
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 192.168.0.106 276
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 192.168.0.106 276
    ===========================================================================
    Permanente routes:
    Geen

    IPv6 routetabel
    ===========================================================================
    Actieve routes:
    Indien metrische netwerkbestemming Gateway
    1 306 ::1/128 On-link
    11 276 fe80::/64 On-link
    11 276 fe80::9554:e92a:c0af:6e22/128
    On-link
    1 306 ff00::/8 On-link
    11 276 ff00::/8 On-link
    ===========================================================================
    Permanente routes:
    Geen
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64
    apinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
    Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
    Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32
    apinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
    x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
    x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (01/04/2013 11:27:14 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 6381

    Error: (01/04/2013 11:27:14 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 6381

    Error: (01/04/2013 11:27:14 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/04/2013 11:27:12 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5304

    Error: (01/04/2013 11:27:12 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5304

    Error: (01/04/2013 11:27:12 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/04/2013 11:27:11 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4290

    Error: (01/04/2013 11:27:11 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 4290

    Error: (01/04/2013 11:27:11 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/04/2013 11:27:10 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3292


    System errors:
    =============
    Error: (01/04/2013 11:36:13 AM) (Source: Service Control Manager) (User: )
    Description: De Secunia Update Agent-service kan vanwege de volgende fout niet worden gestart:
    %%2

    Error: (01/04/2013 11:33:26 AM) (Source: Disk) (User: )
    Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR2.

    Error: (01/04/2013 10:23:52 AM) (Source: Service Control Manager) (User: )
    Description: De Secunia Update Agent-service kan vanwege de volgende fout niet worden gestart:
    %%2

    Error: (01/04/2013 10:21:19 AM) (Source: Service Control Manager) (User: )
    Description: De Network List Service-service is afhankelijk van de Network Location Awareness-service, die vanwege de volgende fout niet kan worden gestart:
    %%1068

    Error: (01/04/2013 10:21:19 AM) (Source: DCOM) (User: )
    Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

    Error: (01/04/2013 10:21:19 AM) (Source: DCOM) (User: )
    Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

    Error: (01/04/2013 10:17:47 AM) (Source: Service Control Manager) (User: )
    Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist.

    Error: (01/04/2013 10:17:19 AM) (Source: Application Popup) (User: )
    Description: \??\C:\ComboFix\catchme.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma.

    Error: (01/04/2013 10:17:19 AM) (Source: Application Popup) (User: )
    Description: \??\C:\ComboFix\catchme.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma.

    Error: (01/04/2013 10:15:27 AM) (Source: Service Control Manager) (User: )
    Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist.


    Microsoft Office Sessions:
    =========================
    Error: (01/04/2013 11:27:14 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 6381

    Error: (01/04/2013 11:27:14 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 6381

    Error: (01/04/2013 11:27:14 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/04/2013 11:27:12 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5304

    Error: (01/04/2013 11:27:12 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5304

    Error: (01/04/2013 11:27:12 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/04/2013 11:27:11 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4290

    Error: (01/04/2013 11:27:11 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 4290

    Error: (01/04/2013 11:27:11 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/04/2013 11:27:10 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3292


    CodeIntegrity Errors:
    ===================================
    Date: 2013-01-04 11:35:59.220
    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_007\avcuf64.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-01-04 11:33:22.113
    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_007\avcuf64.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-01-04 11:22:07.482
    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_007\avcuf64.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-01-04 10:50:58.793
    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_007\avcuf64.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-01-04 10:23:37.826
    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_007\avcuf64.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

    Date: 2013-01-04 10:17:19.652
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

    Date: 2013-01-04 10:17:19.480
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

    Date: 2013-01-04 10:17:19.262
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

    Date: 2013-01-04 10:17:19.121
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

    Date: 2013-01-04 10:07:54.980
    Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00172_007\avcuf64.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.


    **** End of log ****

  • Download ComboFix nogmaals.
    Wel eerst de oude ComboFix naar de prullenbak doen en daarna deze legen.



    Start daarna ComboFix opnieuw voor een scan.
  • Heb Combofix op degoeie laptop weer gedownload, en
    via Usb-stick weer geplaatst.

    Deze melding staat er als ik op het driehoekje klik.

    Onbekend netwerk en geen toegang internet.

    Combofix weer in veilige modus gedaan, andere wou niet (bleef weer op Deel 4 steken)

    Hierbij de log via de usb-stick.

    ComboFix 13-01-04.01 - Gebruiker 04-01-2013 15:14:30.22.2 - x64 MINIMAL
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3002.1960 [GMT 1:00]
    Gestart vanuit: E:\ComboFix.exe
    AV: Bitdefender Antivirus *Disabled/Outdated* {98CD50CE-5097-4098-9669-6C401FB3969C}
    FW: Bitdefender Firewall *Disabled* {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}
    SP: Bitdefender Antispyware *Disabled/Outdated* {23ACB12A-76AD-4F16-ACD9-57326434DC21}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\Acer
    c:\programdata\Acer\Acer Updater\_UpdaterService_CFG.ini
    c:\programdata\Acer\Acer Updater\_UpdaterService_LOG.txt
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-12-04 to 2013-01-04 ))))))))))))))))))))))))))))))
    .
    .
    2013-01-04 14:20 . 2013-01-04 14:20 ——– d—–w- c:\users\Public\AppData\Local\temp
    2013-01-04 14:20 . 2013-01-04 14:20 ——– d—–w- c:\users\Default\AppData\Local\temp
    2013-01-02 08:48 . 2013-01-03 20:00 ——– d—–w- c:\program files (x86)\Aurora
    2012-12-30 16:16 . 2012-11-14 03:51 19450880 —-a-w- c:\windows\system32\mshtml.dll
    2012-12-30 16:16 . 2012-11-14 03:25 2706432 —-a-w- c:\windows\system32\mshtml.tlb
    2012-12-30 16:16 . 2012-11-14 01:14 2706432 —-a-w- c:\windows\SysWow64\mshtml.tlb
    2012-12-30 15:41 . 2012-11-08 23:46 28672 —-a-w- c:\windows\system32\IEUDINIT.EXE
    2012-12-30 15:35 . 2012-12-30 15:35 9728 —ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2012-12-30 00:36 . 2012-12-30 00:36 ——– d—–w- c:\users\Gebruiker\AppData\Roaming\addpcs
    2012-12-30 00:06 . 2012-12-30 00:06 ——– d—–w- c:\users\Gebruiker\AppData\Local\Programs
    2012-12-24 14:45 . 2012-12-24 14:45 ——– d—–w- c:\windows\system32\oodag
    2012-12-24 13:02 . 2012-12-24 13:02 ——– d—–w- c:\users\Gebruiker\AppData\Local\O&O
    2012-12-24 13:02 . 2012-12-24 13:02 ——– d—–w- c:\program files\OO Software
    2012-12-24 13:01 . 2012-12-24 13:01 ——– d—–w- c:\users\Gebruiker\AppData\Local\Downloaded Installations
    2012-12-23 17:53 . 2012-08-23 15:28 3584 —-a-w- c:\windows\system32\drivers
    l-NL\tsusbflt.sys.mui
    2012-12-23 17:53 . 2012-08-23 13:40 13312 —-a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2012-12-23 17:53 . 2012-08-23 13:41 13312 —-a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2012-12-23 17:53 . 2012-08-23 13:24 15360 —-a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
    2012-12-23 17:53 . 2012-08-23 14:10 19456 —-a-w- c:\windows\system32\drivers\rdpvideominiport.sys
    2012-12-23 17:53 . 2012-08-23 14:07 57856 —-a-w- c:\windows\system32\drivers\TsUsbFlt.sys
    2012-12-23 17:51 . 2012-05-04 11:00 366592 —-a-w- c:\windows\system32\qdvd.dll
    2012-12-23 17:51 . 2012-05-04 09:59 514560 —-a-w- c:\windows\SysWow64\qdvd.dll
    2012-12-23 08:51 . 2012-12-23 08:51 ——– d—–w- c:\program files\Bonjour
    2012-12-23 08:51 . 2012-12-23 08:51 ——– d—–w- c:\program files (x86)\Bonjour
    2012-12-22 18:58 . 2012-12-22 18:58 ——– d—–w- c:\program files\Windows Live
    2012-12-22 18:58 . 2012-12-22 18:58 ——– d—–w- c:\windows\PCHEALTH
    2012-12-22 18:58 . 2012-12-22 18:59 ——– d—–w- c:\program files (x86)\Windows Live
    2012-12-22 18:33 . 2010-06-02 03:55 77656 —-a-w- c:\windows\system32\XAPOFX1_5.dll
    2012-12-22 18:33 . 2010-06-02 03:55 74072 —-a-w- c:\windows\SysWow64\XAPOFX1_5.dll
    2012-12-22 18:33 . 2010-06-02 03:55 527192 —-a-w- c:\windows\SysWow64\XAudio2_7.dll
    2012-12-22 18:33 . 2010-06-02 03:55 518488 —-a-w- c:\windows\system32\XAudio2_7.dll
    2012-12-22 18:33 . 2010-05-26 10:41 2526056 —-a-w- c:\windows\system32\D3DCompiler_43.dll
    2012-12-22 18:33 . 2010-05-26 10:41 2106216 —-a-w- c:\windows\SysWow64\D3DCompiler_43.dll
    2012-12-22 18:33 . 2010-05-26 10:41 276832 —-a-w- c:\windows\system32\d3dx11_43.dll
    2012-12-22 18:33 . 2010-05-26 10:41 248672 —-a-w- c:\windows\SysWow64\d3dx11_43.dll
    2012-12-21 12:16 . 2012-12-21 12:16 ——– d—–w- C:\SkyDriveTemp
    2012-12-21 09:54 . 2012-12-16 17:11 46080 —-a-w- c:\windows\system32\atmlib.dll
    2012-12-21 09:54 . 2012-12-16 14:13 34304 —-a-w- c:\windows\SysWow64\atmlib.dll
    2012-12-21 09:54 . 2012-12-16 14:45 367616 —-a-w- c:\windows\system32\atmfd.dll
    2012-12-21 09:54 . 2012-12-16 14:13 295424 —-a-w- c:\windows\SysWow64\atmfd.dll
    2012-12-15 17:27 . 2012-12-29 13:31 ——– d—–w- c:\users\Gebruiker\AppData\Local\AdFender
    2012-12-13 11:59 . 2012-11-02 05:59 478208 —-a-w- c:\windows\system32\dpnet.dll
    2012-12-13 11:59 . 2012-11-02 05:11 376832 —-a-w- c:\windows\SysWow64\dpnet.dll
    2012-12-08 16:52 . 2013-01-03 20:00 ——– d—–w- c:\program files (x86)\Mozilla Maintenance Service
    2012-12-08 13:13 . 2012-12-08 13:13 ——– d—–w- C:\WindowsDebug
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-12-15 17:51 . 2012-11-17 14:08 73656 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-15 17:51 . 2012-11-17 14:08 697272 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-12-14 15:49 . 2012-04-13 03:35 24176 —-a-w- c:\windows\system32\drivers\mbam.sys
    2012-12-13 12:55 . 2010-11-15 14:01 67413224 —-a-w- c:\windows\system32\MRT.exe
    2012-11-11 15:05 . 2012-11-11 15:05 76944 —-a-w- c:\windows\system32\drivers\bdvedisk.sys
    2012-10-25 02:12 . 2012-10-25 02:12 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2012-10-25 02:12 . 2012-10-25 02:12 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
    2012-10-16 08:38 . 2012-11-28 16:23 135168 —-a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38 . 2012-11-28 16:23 350208 —-a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39 . 2012-11-28 16:23 561664 —-a-w- c:\windows\apppatch\AcLayers.dll
    2012-10-10 15:23 . 2012-10-10 15:23 10220472 —-a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
    2012-10-10 13:00 . 2012-11-10 22:00 587024 —-a-w- c:\windows\system32\drivers\avckf.sys
    2012-10-10 13:00 . 2012-11-10 22:00 705552 —-a-w- c:\windows\system32\drivers\avc3.sys
    2012-10-09 18:17 . 2012-11-14 16:54 55296 —-a-w- c:\windows\system32\dhcpcsvc6.dll
    2012-10-09 18:17 . 2012-11-14 16:54 226816 —-a-w- c:\windows\system32\dhcpcore6.dll
    2012-10-09 17:40 . 2012-11-14 16:54 44032 —-a-w- c:\windows\SysWow64\dhcpcsvc6.dll
    2012-10-09 17:40 . 2012-11-14 16:54 193536 —-a-w- c:\windows\SysWow64\dhcpcore6.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-12-21 12:12 222712 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-12-21 12:12 222712 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-12-21 12:12 222712 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-16 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
    "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
    "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
    "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
    "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2012-10-10 705552]
    R0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys [2012-08-29 145696]
    R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2012-07-06 93160]
    R1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
    R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
    R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
    R2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 3051848]
    R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [x]
    R2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
    R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [2012-10-05 68416]
    R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2012-10-10 587024]
    R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2012-09-21 82384]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-14 384040]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-05-24 246304]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-15 1255736]
    R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2012-10-18 65344]
    S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-09-22 140672]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-17 17:51]
    .
    2013-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24 11:33]
    .
    2013-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24 11:33]
    .
    2011-01-23 c:\windows\Tasks\ParetoLogic Update Version3.job
    - c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01]
    .
    2013-01-02 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 68c8c91b-b266-4a42-b2c1-e31ad4ffec1d.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    2013-01-04 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task f3e2cf55-a453-45ed-82f2-bee21ef6c466.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    .
    ——— X64 Entries ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-12-21 12:13 261624 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-12-21 12:13 261624 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-12-21 12:13 261624 —-a-w- c:\users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-06 11057768]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
    "Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2012-10-22 1568560]
    "OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 3942216]
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
    FontCache
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.weeronline.nl/Europa/Nederland/Smilde/4057322
    uLocal Page = c:\windows\system32\blank.htm
    uDefault_Search_URL = hxxp://www.google.com/ie
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mCustomizeSearch = hxxp://www.google.com
    mSearchAssistant = hxxp://www.google.com
    IE: &Verzenden naar OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
    TCP: Interfaces\{1CCBDE7B-E9A8-48C3-9CD1-C52075FD3A38}: NameServer = 192.168.0.1,8.8.8.8
    FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\h51kxhcd.default\
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-{C5089197-5B15-44AD-B0FC-2E94EE9ECB63} - c:\programdata\{B2FE6FE4-63BF-44CA-91FD-921DA2BAAE44}\wsc_x1.exe
    .
    .
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_USERS\S-1-5-21-1540792951-4210785799-4223076911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (S-1-5-21-1540792951-4210785799-4223076911-1000)
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\S-1-5-21-1540792951-4210785799-4223076911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (S-1-5-21-1540792951-4210785799-4223076911-1000)
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2013-01-04 15:23:24
    ComboFix-quarantined-files.txt 2013-01-04 14:23
    .
    Pre-Run: 247.640.358.912 bytes beschikbaar
    Post-Run: 247.480.410.112 bytes beschikbaar
    .
    - - End Of File - - 6371D49DC69E5AE8738911948F03CE28


    Of is het verstandig nu om hem weer naar de fabrieksinstelling terug te zetten.?
  • Nog steeds geen internet?
    Kijk dan eerst of je voor de WLAN-kaart een nieuwe driver kan vinden en anders de huidige driver opniew installeren.

    En dat ComboFix telkens in veilige modus moet draaien zint mij ook voor geen meter!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.