Mededeling

Collapse
No announcement yet.

Services verdwenen ed.

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Services verdwenen ed.

    Ahoi,

    ik denk dat een of meerdere virus(sen) deze pc een beetje naar de gal gebracht hebben. BITS-service was foetsie, Windows-update idem, en Windows fire-wall enzo. Wilde gewoon eens windows updaten, zag toen foutmelding, via microsoft proberen te fixen. Volgens mij maar half gelukt. Laatste automatische update was vanaf 7-9-2012. Nu lukt updaten wel, maar wel erg vaak nog mislukkingen en fout bij configureren van windows-updates.

    Gaarne een deskundige blik en hulp via de logjes...

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2013.07.27.04

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 10.0.9200.16635
    Michiel&Lisette :: PC-KINDEREN [administrator]

    27-7-2013 17:33:34
    mbam-log-2013-07-27 (17-33-34).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 289994
    Verstreken tijd: 7 minuut/minuten, 44 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 1
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)


    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.21.2
    Run by Michiel&Lisette at 17:48:03 on 2013-07-27
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3326.1708 [GMT 2:00]
    .
    AV: McAfee Antivirus en antispyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    SP: McAfee Antivirus en antispyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
    C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    C:\Windows\system32\mfevtps.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
    C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
    C:\Windows\system32\atieclxx.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\PROGRA~1\McAfee\MSC\McAPExe.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
    C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
    C:\Users\Michiel&Lisette\AppData\Roaming\Spotify\spotify.exe
    C:\Users\Michiel&Lisette\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\McAfee\MAT\McPvTray.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k bthsvcs
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://www.google.nl/
    uWindow Title = Internet Explorer aangeboden door Dell
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: {22dfbf5b-a7cd-4b25-9471-3dc68c71855f} - <orphaned>
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - LocalServer32 - <no file>
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
    BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\yontoo\YontooIEClient.dll
    TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    uRun: [Spotify] "c:\users\michiel&lisette\appdata\roaming\spotify\Spotify.exe" /uri spotify:autostart
    uRun: [Spotify Web Helper] "c:\users\michiel&lisette\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [Logitech Hardware Abstraction Layer] "c:\program files\common files\logitech\khalshared\KHALMNPR.EXE"
    mRun: [NMSSupport] "c:\program files\common files\intel\inteldh\nms\support\IntelHCTAgent.exe" /startup
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [mcpltui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [CDAServer] c:\program files\common files\common desktop agent\CDASrv.exe
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    TCP: NameServer = 212.54.40.25 212.54.35.25
    TCP: Interfaces\{EFE0253E-2E9C-4755-BA10-4154E35A5008} : DHCPNameServer = 62.133.126.28 62.133.126.29
    TCP: Interfaces\{FDB63842-7666-4353-A971-1461F551E547} : DHCPNameServer = 212.54.40.25 212.54.35.25
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2013-5-10 66296]
    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2012-9-15 566656]
    R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-9-15 212432]
    R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128]
    R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2007-2-12 208896]
    R2 HomeNetSvc;McAfee Home Network;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2013-1-15 184728]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-9-28 167784]
    R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2013-1-15 184728]
    R2 mcpltsvc;McAfee Platform Services;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2013-1-15 184728]
    R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2013-1-15 184728]
    R2 mfecore;McAfee Anti-Malware Core;c:\program files\common files\mcafee\amcore\mcshield.exe [2013-1-15 638976]
    R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2013-1-15 169320]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-3-13 172416]
    R2 NMSCore;Intel(R) NMSCore;c:\program files\common files\intel\inteldh\nms\nmscore\NMSCore.exe [2007-6-27 317656]
    R2 nmsunidr;UniDriver for NMS;c:\windows\system32\drivers\nmsunidr.sys [2007-2-18 5376]
    R2 QualityManager;Intel(R) Quality Manager;c:\program files\intel\inteldh\intel media server\media server\bin\QualityManager.exe [2007-6-27 272600]
    R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [2012-7-19 5120]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-11-9 235520]
    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-11-9 363432]
    R3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\drivers\mfencbdc.sys [2013-2-18 257496]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 MCLServiceATL;Intel(R) Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2007-6-27 157912]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2013-1-15 184728]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-11-9 60920]
    S3 DHTRACE;Intel(R) DHTrace Controller;c:\program files\common files\intel\inteldh\bin\DHTraceController.exe [2007-6-27 39640]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-4-7 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
    S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-2-20 30192]
    S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2013-4-10 147472]
    S3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2012-9-15 203080]
    S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-11-9 65928]
    S3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\drivers\mfencrk.sys [2013-2-18 80592]
    S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-5-10 18432]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-1 52224]
    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-23 1343400]
    S3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-7-14 20480]
    S3 Yontoo Desktop Updater;Yontoo Desktop Updater;c:\program files\yontoo\Y2Desktop.Updater.exe [2013-5-18 23552]
    S4 McOobeSv;McAfee OOBE Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-9-28 167784]
    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
    .
    =============== Created Last 30 ================
    .
    2013-07-27 15:32:56 -------- d-----w- c:\users\michiel&lisette\appdata\roaming\Malwarebytes
    2013-07-27 15:32:42 -------- d-----w- c:\programdata\Malwarebytes
    2013-07-27 15:32:39 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-07-27 15:32:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2013-07-26 14:06:21 -------- d-----w- c:\windows\system32\MRT
    2013-07-26 13:58:13 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2013-07-26 13:54:47 1247744 ----a-w- c:\windows\system32\DWrite.dll
    2013-07-26 13:41:51 -------- d-----w- c:\windows\Panther
    2013-07-25 23:49:59 34304 ----a-w- c:\windows\system32\atmlib.dll
    2013-07-25 23:49:59 295424 ----a-w- c:\windows\system32\atmfd.dll
    2013-07-25 23:25:10 9728 ----a-w- c:\windows\system32\Wdfres.dll
    2013-07-25 23:25:10 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
    2013-07-25 23:25:10 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
    2013-07-25 23:24:06 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
    2013-07-25 23:24:06 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
    2013-07-25 23:24:06 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
    2013-07-25 23:24:06 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
    2013-07-25 23:24:05 613888 ----a-w- c:\windows\system32\WUDFx.dll
    2013-07-25 23:24:05 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
    2013-07-25 23:24:05 196608 ----a-w- c:\windows\system32\WUDFHost.exe
    2013-07-25 23:10:37 369856 ----a-w- c:\windows\system32\drivers\cng.sys
    2013-07-25 23:10:37 247808 ----a-w- c:\windows\system32\schannel.dll
    2013-07-25 23:10:37 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2013-07-25 23:10:36 1039360 ----a-w- c:\windows\system32\lsasrv.dll
    2013-07-25 23:10:27 509440 ----a-w- c:\windows\system32\qedit.dll
    2013-07-25 23:10:24 376832 ----a-w- c:\windows\system32\dpnet.dll
    2013-07-25 23:10:20 903168 ----a-w- c:\windows\system32\certutil.exe
    2013-07-25 23:10:19 43008 ----a-w- c:\windows\system32\certenc.dll
    2013-07-25 23:10:19 140288 ----a-w- c:\windows\system32\cryptsvc.dll
    2013-07-25 23:10:19 1160192 ----a-w- c:\windows\system32\crypt32.dll
    2013-07-25 23:10:19 103936 ----a-w- c:\windows\system32\cryptnet.dll
    2013-07-25 23:07:31 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
    2013-07-25 23:07:26 3217408 ----a-w- c:\windows\system32\mstscax.dll
    2013-07-25 23:07:25 131584 ----a-w- c:\windows\system32\aaclient.dll
    2013-07-25 23:07:24 36864 ----a-w- c:\windows\system32\tsgqec.dll
    2013-07-25 23:07:09 1389568 ----a-w- c:\windows\system32\msxml6.dll
    2013-07-25 23:07:06 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2013-07-25 23:07:04 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
    2013-07-25 23:06:55 24576 ----a-w- c:\windows\system32\cryptdlg.dll
    2013-07-25 23:06:41 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
    2013-07-25 23:06:36 1505280 ----a-w- c:\windows\system32\d3d11.dll
    2013-07-25 23:06:31 156672 ----a-w- c:\windows\system32\ncsi.dll
    2013-07-25 23:06:30 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
    2013-07-25 23:06:30 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
    2013-07-25 23:06:30 242176 ----a-w- c:\windows\system32\nlasvc.dll
    2013-07-25 23:06:30 175104 ----a-w- c:\windows\system32\netcorehc.dll
    2013-07-25 23:06:29 52224 ----a-w- c:\windows\system32\nlaapi.dll
    2013-07-25 23:06:29 18944 ----a-w- c:\windows\system32\netevent.dll
    2013-07-25 23:06:04 492544 ----a-w- c:\windows\system32\win32spl.dll
    2013-07-25 23:06:02 2347520 ----a-w- c:\windows\system32\win32k.sys
    2013-07-25 23:05:36 626688 ----a-w- c:\windows\system32\usp10.dll
    2013-07-25 23:05:34 514560 ----a-w- c:\windows\system32\qdvd.dll
    2013-07-25 23:05:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
    2013-07-25 23:05:33 186368 ----a-w- c:\windows\system32\wwansvc.dll
    2013-07-25 23:05:30 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
    2013-07-25 23:05:30 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
    2013-07-25 23:05:27 172544 ----a-w- c:\windows\system32\wintrust.dll
    2013-07-25 23:04:55 542208 ----a-w- c:\windows\system32\kerberos.dll
    2013-07-25 23:04:52 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
    2013-07-25 22:59:02 46592 ----a-w- c:\windows\system32\fpb.rs
    2013-07-25 22:59:02 45568 ----a-w- c:\windows\system32\oflc-nz.rs
    2013-07-25 22:59:02 43520 ----a-w- c:\windows\system32\csrr.rs
    2013-07-25 22:59:02 40960 ----a-w- c:\windows\system32\cob-au.rs
    2013-07-25 22:59:01 44544 ----a-w- c:\windows\system32\pegibbfc.rs
    2013-07-25 22:59:01 30720 ----a-w- c:\windows\system32\usk.rs
    2013-07-25 22:59:01 15360 ----a-w- c:\windows\system32\djctq.rs
    2013-07-25 22:59:00 2576384 ----a-w- c:\windows\system32\gameux.dll
    2013-07-25 22:59:00 21504 ----a-w- c:\windows\system32\grb.rs
    2013-07-25 22:59:00 20480 ----a-w- c:\windows\system32\pegi.rs
    2013-07-25 22:59:00 20480 ----a-w- c:\windows\system32\pegi-pt.rs
    2013-07-25 22:58:59 308736 ----a-w- c:\windows\system32\Wpc.dll
    2013-07-25 22:58:55 51712 ----a-w- c:\windows\system32\esrb.rs
    2013-07-25 22:58:55 20480 ----a-w- c:\windows\system32\pegi-fi.rs
    2013-07-25 22:58:54 55296 ----a-w- c:\windows\system32\cero.rs
    2013-07-25 22:58:54 23552 ----a-w- c:\windows\system32\oflc.rs
    2013-07-25 22:58:21 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2013-07-25 22:58:20 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
    2013-07-25 22:58:17 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
    2013-07-25 22:58:16 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
    2013-07-25 22:58:16 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
    2013-07-25 22:58:15 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
    2013-07-25 22:58:00 220160 ----a-w- c:\windows\system32\ncrypt.dll
    2013-07-25 22:56:52 169984 ----a-w- c:\windows\system32\winsrv.dll
    2013-07-25 22:53:58 47104 ----a-w- c:\windows\system32\appinfo.dll
    2013-07-25 22:53:58 1796096 ----a-w- c:\windows\system32\authui.dll
    2013-07-25 22:53:58 101720 ----a-w- c:\windows\system32\consent.exe
    2013-07-25 21:27:41 -------- d-----w- C:\AULOGS
    2013-07-20 19:07:21 -------- d-----w- c:\users\michiel&lisette\appdata\roaming\Dofus
    2013-07-19 19:16:12 -------- d-----w- c:\users\michiel&lisette\appdata\local\{702211F5-FD05-44EE-8152-AB34E8DFACD6}
    .
    ==================== Find3M ====================
    .
    2013-07-24 09:39:28 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-07-24 09:39:28 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-06-21 11:32:20 212600 ----a-w- c:\windows\system32\SBuySupplies.exe
    2013-06-21 11:32:14 28672 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\sst6cpc.dll
    2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
    .
    ============= FINISH: 17:49:10,42 ===============


    GMER 2.1.19163 - http://www.gmer.net
    Rootkit scan 2013-07-27 18:12:47
    Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3500630AS rev.3.ADG 465,76GB
    Running: uewodbpf.exe; Driver: C:\Users\MICHIE~1\AppData\Local\Temp\aglyiaoc.sys


    ---- Kernel code sections - GMER 2.1 ----

    .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 834449F5 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 8347E1F2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x92A09000, 0x2D5378, 0xE8000020]
    ? C:\Users\MICHIE~1\AppData\Local\Temp\mbr.sys Het systeem kan het opgegeven pad niet vinden. !

    ---- User code sections - GMER 2.1 ----

    .text C:\Users\Michiel&Lisette\AppData\Roaming\Spotify\spotify.exe[2240] ntdll.dll!DbgBreakPoint 7724410C 1 Byte [C3]
    .text C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe[2292] kernel32.dll!LoadLibraryA 755FDC65 5 Bytes JMP 70068A00 C:\Program Files\Common Files\McAfee\McProxy\mcproxy.dll
    .text C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe[2292] kernel32.dll!LoadLibraryW 755FEF42 5 Bytes JMP 70068B00 C:\Program Files\Common Files\McAfee\McProxy\mcproxy.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3804] shell32.DLL!RealDriveType + 173D 7665FE30 4 Bytes [E5, 36, 0C, 73] {IN EAX, 0x36; OR AL, 0x73}
    .text C:\Program Files\Internet Explorer\iexplore.exe[3804] shell32.DLL!RealDriveType + 1745 7665FE38 8 Bytes [1B, 57, 0C, 73, 9F, 83, 0D, ...]
    .text C:\Program Files\Internet Explorer\iexplore.exe[5548] shell32.DLL!RealDriveType + 173D 7665FE30 4 Bytes [E5, 36, 0C, 73] {IN EAX, 0x36; OR AL, 0x73}
    .text C:\Program Files\Internet Explorer\iexplore.exe[5548] shell32.DLL!RealDriveType + 1745 7665FE38 8 Bytes [1B, 57, 0C, 73, 9F, 83, 0D, ...]

    ---- Devices - GMER 2.1 ----

    Device \Driver\BTHUSB \Device\00000075 bthport.sys
    Device \Driver\BTHUSB \Device\00000077 bthport.sys

    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys

    ---- Registry - GMER 2.1 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0007619eb73f
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0x9B 0xF3 0xA1 0x21 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd503294
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\0002
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] 0x02 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] Type 1
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] Before Out of Range 8
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] Max Channels 2
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] Link Key COD Masks 0x00 0x00 0x1F 0x43 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] \??\USB#VID_046D&PID_C709#0007619EB73F#{0850302a-b344-4fda-9be9-90576b8d46f0}
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] \??\USB#VID_046D&PID_C709#0007619EB73F#{a5dcbf10-6530-11d2-901f-00c04fb951ed}
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0007619eb73f (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\[email protected] 0x9B 0xF3 0xA1 0x21 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd503294 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\0002 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] 0x02 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] Type 1
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] Before Out of Range 8
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] Max Channels 2
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] Link Key COD Masks 0x00 0x00 0x1F 0x43 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] \??\USB#VID_046D&PID_C709#0007619EB73F#{0850302a-b344-4fda-9be9-90576b8d46f0}
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] \??\USB#VID_046D&PID_C709#0007619EB73F#{a5dcbf10-6530-11d2-901f-00c04fb951ed}

    ---- EOF - GMER 2.1 ----

    de GMER-scan kreeg op een gegeven moment een foutmelding, dat er geen disk in the device zat. Misschien heb ik een instelling verkeerd gezet of is er iets anders aan de hand? Bij deze regel ging het volgens mij fout...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\[email protected] \??\USB#VID_046D&PID_C709#0007619EB73F#{a5dcbf10-6530-11d2-901f-00c04fb951ed}

    BVD voor de hulp iig!

    Groet.

  • #2
    Probeer dit eens.

    Download zoek.exe naar het bureaublad.
    • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
      (hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.
    • Dubbelklik op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
    • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
      Code:
      emptyclsid;
      firefoxlook; 
      Chromelook;  
      autoclean; 
      iedefaults;
    • Klik nu op de knop "Run script".
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
    • Post het geopende logje in het volgende bericht als bijlage.

    Windows 10 opstarten in Veilige Modus

    Comment


    • #3
      Draait nu al zo'n 2 uur, is dit normaal of kan ik het beter even opnieuw proberen??

      Comment


      • #4
        Doe eerst deze even aub.

        Download AdwCleaner by Xplode naar het bureaublad.
        • Sluit alle openstaande vensters.
        • Dubbelklik op AdwCleaner om hem te starten.
        • Klik vervolgens op Verwijderen.
        • Klik bij AdwCleaner – Informatie op OK
        • Klik bij AdwCleaner – Herstarten Noodzakelijk op OK


        Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.
        Nadat de PC opnieuw is opgestart, opent een logfile.
        Post aansluitend de inhoud van dit log in je volgende bericht als bijlage.

        Windows 10 opstarten in Veilige Modus

        Comment


        • #5
          Heb gisteren McAfee gedeinstalleerd, en nog eens dat zoek.exe aangezet. Nachtje laten draaien, maar zojuist nog steeds niet klaar. Toen maar gecanceld. Hier is adwlog:

          # AdwCleaner v2.306 - Verslag gemaakt op 28/07/2013 om 13:52:34
          # Geactualiseerd op 19/07/2013 door Xplode
          # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits)
          # Gebruiker : Michiel&Lisette - PC-KINDEREN
          # Opstarten Modus : Normale modus
          # Gelanceerd vanaf : C:\Users\Michiel&Lisette\Desktop\adwcleaner.exe
          # Optie [Verwijderen]


          ***** [Diensten] *****

          Gestopt & Verwijdert : Yontoo Desktop Updater

          ***** [Files / Mappen] *****

          File Verwijderd : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
          File Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
          File Verwijderd : C:\user.js
          File Verwijderd : C:\Windows\system32\roboot.exe
          Map Verwijderd : C:\Program Files\Conduit
          Map Verwijderd : C:\Program Files\Yontoo
          Map Verwijderd : C:\ProgramData\Tarma Installer
          Map Verwijderd : C:\Users\Michiel&Lisette\AppData\Local\PutLockerDownloader
          Map Verwijderd : C:\Users\Michiel&Lisette\AppData\LocalLow\Conduit
          Map Verwijderd : C:\Users\Michiel&Lisette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
          Map Verwijderd : C:\Users\Michiel&Lisette\AppData\Roaming\OpenCandy
          Map Verwijderd : C:\Users\Michiel&Lisette\AppData\Roaming\Yontoo

          ***** [Register] *****

          Sleutel Verwijderd : HKCU\Software\1ClickDownload
          Sleutel Verwijderd : HKCU\Software\5d55dedcb53ceb48
          Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit
          Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
          Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong
          Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\searchqutoolbar
          Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar
          Sleutel Verwijderd : HKCU\Software\BabSolution
          Sleutel Verwijderd : HKCU\Software\Blabbers
          Sleutel Verwijderd : HKCU\Software\BrowserCompanion
          Sleutel Verwijderd : HKCU\Software\DataMngr
          Sleutel Verwijderd : HKCU\Software\DataMngr_Toolbar
          Sleutel Verwijderd : HKCU\Software\IGearSettings
          Sleutel Verwijderd : HKCU\Software\ilivid
          Sleutel Verwijderd : HKCU\Software\IM
          Sleutel Verwijderd : HKCU\Software\ImInstaller
          Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
          Sleutel Verwijderd : HKCU\Software\Softonic
          Sleutel Verwijderd : HKCU\Software\systweak
          Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar
          Sleutel Verwijderd : HKLM\SOFTWARE\5d55dedcb53ceb48
          Sleutel Verwijderd : HKLM\Software\Babylon
          Sleutel Verwijderd : HKLM\Software\BrowserCompanion
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Api
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
          Sleutel Verwijderd : HKLM\Software\Conduit
          Sleutel Verwijderd : HKLM\Software\DataMngr
          Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
          Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn
          Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej
          Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
          Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
          Sleutel Verwijderd : HKLM\Software\iLividSRTB
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Browser companion helper
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
          Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
          Sleutel Verwijderd : HKLM\Software\systweak
          Sleutel Verwijderd : HKLM\Software\Tarma Installer
          Sleutel Verwijderd : HKLM\Software\Web Assistant
          Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
          Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
          Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
          Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

          ***** [Browsers] *****

          -\\ Internet Explorer v10.0.9200.16635

          [OK] Het register bevat geen enkele ongeoorloofde invoer.

          *************************

          AdwCleaner[S1].txt - [13534 octets] - [28/07/2013 13:52:34]

          ########## EOF - C:\AdwCleaner[S1].txt - [13595 octets] ##########

          Nu nog een keer die zoek.exe uit eerdere reactie proberen of heb je andere plannen voor me?

          Vriendelijk bedankt.

          Comment


          • #6
            Download ComboFix van één van de onderstaande locaties naar het bureaublad.
            Bleeping Computer
            Info Spyware

            Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met ComboFix.exe
            (hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.
            • Dubbelklik op "ComboFix" om de tool te starten, Windows Vista, 7 & 8 gebruikers zullen een melding krijgen van UAC (Gebruikersaccountbeheer), klik hier op Ja / yes.
            • Op een Windows XP computer zal ComboFix de "Recovery Console" installeren als deze nog niet aanwezig is. (Een actieve internet verbinding is dan een vereiste).
            • Klik in het venster bij het 'Installeren van de Recovery Console' op "Ok".
            • Klik in het info scherm op "Ja" als de Recovery Console met succes is geïnstalleerd.
            • Klik in het scherm van de disclaimer op "I Agree", de benodigde onderdelen worden nu uitgepakt en middels ERUNT wordt er een register back-up gemaakt.
            • Wanneer dit gereed is zal ComboFix vanzelf starten, in het blauwe scherm ziet u de voortgang van de systeemscan die wordt uitgevoerd.
            • Belangrijk! gebruik de computer tijdens de scan niet voor andere zaken.
            • Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bijvoorbeeld bij de aanwezigheid van een rootkit, dit is normaal.
            • Wanneer ComboFix gereed is, zal het een logbestand aanmaken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht als bijlage.


            * Noot !!! Indien u één van de onderstaande meldingen krijgt na het gebruik van ComboFix herstart dan de computer.
            • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
            • Illegal operation attempted on a registry key that has been marked for deletion.

            Windows 10 opstarten in Veilige Modus

            Comment


            • #7
              Bij dezen de combofix-log:


              ComboFix 13-07-27.01 - Michiel&Lisette 28-07-2013 19:13:56.1.2 - x86
              Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3326.2291 [GMT 2:00]
              Gestart vanuit: c:\users\Michiel&Lisette\Desktop\ComboFix.exe
              SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
              .
              .
              (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              c:\users\Michiel&Lisette\AppData\Roaming\Akeqah
              c:\users\Michiel&Lisette\AppData\Roaming\Akeqah\symyy.kye
              c:\users\Michiel&Lisette\AppData\Roaming\Bazoka
              c:\users\Michiel&Lisette\AppData\Roaming\Bazoka\noys.ilk
              c:\users\Michiel&Lisette\AppData\Roaming\Cydixi
              c:\users\Michiel&Lisette\AppData\Roaming\Cydixi\okomu.noz
              c:\users\Michiel&Lisette\AppData\Roaming\Davo
              c:\users\Michiel&Lisette\AppData\Roaming\Davo\xiyby.wee
              c:\users\Michiel&Lisette\AppData\Roaming\Ihfua
              c:\users\Michiel&Lisette\AppData\Roaming\Ihfua\unov.kig
              c:\users\Michiel&Lisette\AppData\Roaming\Mietwo
              c:\users\Michiel&Lisette\AppData\Roaming\Mietwo\irovc.dyy
              c:\users\Michiel&Lisette\AppData\Roaming\Niubsa
              c:\users\Michiel&Lisette\AppData\Roaming\Niubsa\odza.xyq
              c:\users\Michiel&Lisette\AppData\Roaming\Tuehd
              c:\users\Michiel&Lisette\AppData\Roaming\Tuehd\cizoa.lon
              c:\users\Michiel&Lisette\Documents\~WRL3590.tmp
              c:\windows\IsUn0413.exe
              .
              .
              (((((((((((((((((((( Bestanden Gemaakt van 2013-06-28 to 2013-07-28 ))))))))))))))))))))))))))))))
              .
              .
              2013-07-28 17:18 . 2013-07-28 17:20 -------- d-----w- c:\users\Michiel&Lisette\AppData\Local\temp
              2013-07-28 17:18 . 2013-07-28 17:18 -------- d-----w- c:\users\Kinderen\AppData\Local\temp
              2013-07-27 15:32 . 2013-07-27 15:32 -------- d-----w- c:\users\Michiel&Lisette\AppData\Roaming\Malwarebytes
              2013-07-27 15:32 . 2013-07-27 15:32 -------- d-----w- c:\programdata\Malwarebytes
              2013-07-27 15:32 . 2013-07-27 15:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
              2013-07-27 15:32 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
              2013-07-26 14:06 . 2013-07-26 14:08 -------- d-----w- c:\windows\system32\MRT
              2013-07-26 13:58 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
              2013-07-26 13:54 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll
              2013-07-26 13:41 . 2013-07-26 13:41 -------- d-----w- c:\windows\Panther
              2013-07-25 23:49 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
              2013-07-25 23:49 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
              2013-07-25 23:25 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
              2013-07-25 23:25 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
              2013-07-25 23:25 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
              2013-07-25 23:24 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
              2013-07-25 23:24 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
              2013-07-25 23:24 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
              2013-07-25 23:24 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
              2013-07-25 23:24 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
              2013-07-25 23:24 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
              2013-07-25 23:24 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
              2013-07-25 23:10 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
              2013-07-25 23:10 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
              2013-07-25 23:10 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
              2013-07-25 23:10 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
              2013-07-25 23:10 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll
              2013-07-25 23:10 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
              2013-07-25 23:10 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
              2013-07-25 23:10 . 2013-05-13 04:45 140288 ----a-w- c:\windows\system32\cryptsvc.dll
              2013-07-25 23:10 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\system32\crypt32.dll
              2013-07-25 23:10 . 2013-05-13 04:45 103936 ----a-w- c:\windows\system32\cryptnet.dll
              2013-07-25 23:10 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
              2013-07-25 23:07 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
              2013-07-25 23:07 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll
              2013-07-25 23:07 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll
              2013-07-25 23:07 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
              2013-07-25 23:07 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
              2013-07-25 23:07 . 2013-04-12 13:45 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
              2013-07-25 23:07 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
              2013-07-25 23:06 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
              2013-07-25 23:06 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
              2013-07-25 23:06 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\system32\d3d11.dll
              2013-07-25 23:06 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
              2013-07-25 23:06 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
              2013-07-25 23:06 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
              2013-07-25 23:06 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
              2013-07-25 23:06 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
              2013-07-25 23:06 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
              2013-07-25 23:06 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
              2013-07-25 23:06 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
              2013-07-25 23:06 . 2013-06-05 03:05 2347520 ----a-w- c:\windows\system32\win32k.sys
              2013-07-25 23:05 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
              2013-07-25 23:05 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
              2013-07-25 23:05 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll
              2013-07-25 23:05 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
              2013-07-25 23:05 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
              2013-07-25 23:05 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
              2013-07-25 23:05 . 2012-08-24 16:57 172544 ----a-w- c:\windows\system32\wintrust.dll
              2013-07-25 23:04 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
              2013-07-25 23:04 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
              2013-07-25 22:59 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
              2013-07-25 22:59 . 2012-12-07 10:46 45568 ----a-w- c:\windows\system32\oflc-nz.rs
              2013-07-25 22:59 . 2012-12-07 10:46 46592 ----a-w- c:\windows\system32\fpb.rs
              2013-07-25 22:59 . 2012-12-07 10:46 40960 ----a-w- c:\windows\system32\cob-au.rs
              2013-07-25 22:59 . 2012-12-07 10:46 30720 ----a-w- c:\windows\system32\usk.rs
              2013-07-25 22:59 . 2012-12-07 10:46 44544 ----a-w- c:\windows\system32\pegibbfc.rs
              2013-07-25 22:59 . 2012-12-07 10:46 15360 ----a-w- c:\windows\system32\djctq.rs
              2013-07-25 22:59 . 2012-12-07 12:20 2576384 ----a-w- c:\windows\system32\gameux.dll
              2013-07-25 22:59 . 2012-12-07 10:46 20480 ----a-w- c:\windows\system32\pegi-pt.rs
              2013-07-25 22:59 . 2012-12-07 10:46 20480 ----a-w- c:\windows\system32\pegi.rs
              2013-07-25 22:59 . 2012-12-07 10:46 21504 ----a-w- c:\windows\system32\grb.rs
              2013-07-25 22:58 . 2012-12-07 12:26 308736 ----a-w- c:\windows\system32\Wpc.dll
              2013-07-25 22:58 . 2012-12-07 10:46 20480 ----a-w- c:\windows\system32\pegi-fi.rs
              2013-07-25 22:58 . 2012-12-07 10:46 51712 ----a-w- c:\windows\system32\esrb.rs
              2013-07-25 22:58 . 2012-12-07 10:46 23552 ----a-w- c:\windows\system32\oflc.rs
              2013-07-25 22:58 . 2012-12-07 10:46 55296 ----a-w- c:\windows\system32\cero.rs
              2013-07-25 22:58 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
              2013-07-25 22:58 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
              2013-07-25 22:58 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
              2013-07-25 22:58 . 2013-04-10 05:03 988672 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
              2013-07-25 22:58 . 2013-04-10 05:03 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
              2013-07-25 22:58 . 2013-04-10 05:04 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
              2013-07-25 22:58 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
              2013-07-25 22:56 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
              2013-07-25 22:53 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
              2013-07-25 22:53 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll
              2013-07-25 22:53 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
              2013-07-25 21:27 . 2013-07-25 21:28 -------- d-----w- C:\AULOGS
              2013-07-20 19:07 . 2013-07-20 19:07 -------- d-----w- c:\users\Michiel&Lisette\AppData\Roaming\Dofus
              .
              .
              .
              ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              2013-07-24 09:39 . 2012-12-20 06:20 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
              2013-07-24 09:39 . 2011-08-14 07:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
              2013-06-21 11:32 . 2013-06-21 11:32 212600 ----a-w- c:\windows\system32\SBuySupplies.exe
              2013-06-21 11:32 . 2013-01-24 16:43 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sst6cpc.dll
              2013-05-13 14:30 . 2011-08-06 08:09 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
              .
              .
              ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
              REGEDIT4
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "RtHDVCpl"="RtHDVCpl.exe" [2007-05-11 4452352]
              "Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-10-09 100888]
              "NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2007-06-27 439512]
              "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
              "CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2012-02-20 344064]
              "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
              "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
              "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
              .
              c:\users\Kinderen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
              OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
              "ConsentPromptBehaviorAdmin"= 5 (0x5)
              "ConsentPromptBehaviorUser"= 3 (0x3)
              "EnableUIADesktopToggle"= 0 (0x0)
              .
              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
              @=""
              .
              [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Canon LBP5000 Statusvenster.lnk]
              path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP5000 Statusvenster.lnk
              backup=c:\windows\pss\Canon LBP5000 Statusvenster.lnk.CommonStartup
              backupExtension=.CommonStartup
              .
              [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
              path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
              backup=c:\windows\pss\GamersFirst LIVE!.lnk.CommonStartup
              backupExtension=.CommonStartup
              .
              [HKLM\~\startupfolder\C:^Users^Michiel&Lisette^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
              path=c:\users\Michiel&Lisette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
              backup=c:\windows\pss\Dropbox.lnk.Startup
              backupExtension=.Startup
              HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
              HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler
              HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
              HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray
              HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
              2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
              2011-11-02 06:51 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
              2013-01-28 12:08 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON]
              2007-06-27 10:18 215256 ----a-w- c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
              2009-05-21 08:55 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
              2007-11-15 09:24 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
              2007-05-25 06:03 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
              2010-11-20 12:17 144384 ----a-w- c:\windows\ehome\ehtray.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
              2010-07-08 14:11 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Updater]
              2011-09-10 21:05 161336 ----a-w- c:\program files\Google\Google Updater\GoogleUpdater.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
              2013-02-20 11:35 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
              2013-07-06 07:34 4640768 ----a-w- c:\users\Michiel&Lisette\AppData\Roaming\Spotify\spotify.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
              2013-07-06 07:34 1104384 ----a-w- c:\users\Michiel&Lisette\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
              2008-02-20 11:07 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
              "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
              "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
              "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
              "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
              "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
              .
              R3 DHTRACE;Intel(R) DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [2007-06-27 39640]
              R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
              R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-08 30192]
              R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2011-05-10 18432]
              R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
              R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1343400]
              R3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
              R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
              S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
              S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2007-02-12 208896]
              S2 NMSCore;Intel(R) NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [2007-06-27 317656]
              S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [2007-02-18 5376]
              S2 QualityManager;Intel(R) Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [2007-06-27 272600]
              S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2012-07-19 5120]
              .
              .
              --- Andere Services/Drivers In Geheugen ---
              .
              *Deregistered* - eeCtrl
              *Deregistered* - EraserUtilRebootDrv
              *Deregistered* - IDSVix86
              *Deregistered* - SymEFA
              *Deregistered* - SymEvent
              *Deregistered* - SYMFW
              *Deregistered* - SYMNDISV
              .
              Inhoud van de 'Gedeelde Taken' map
              .
              2013-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
              - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-20 09:39]
              .
              2013-07-28 c:\windows\Tasks\Google Software Updater.job
              - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-20 09:38]
              .
              2013-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
              - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 15:55]
              .
              2013-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
              - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 15:55]
              .
              .
              ------- Bijkomende Scan -------
              .
              uDefault_Search_URL = hxxp://www.google.com/ie
              uStart Page = https://www.google.nl/
              uInternet Settings,ProxyOverride = *.local
              uSearchAssistant = hxxp://www.google.com/ie
              uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
              IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
              TCP: DhcpNameServer = 212.54.40.25 212.54.35.25
              .
              - - - - ORPHANS VERWIJDERD - - - -
              .
              URLSearchHooks-{22dfbf5b-a7cd-4b25-9471-3dc68c71855f} - (no file)
              WebBrowser-{22DFBF5B-A7CD-4B25-9471-3DC68C71855F} - (no file)
              MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
              MSConfigStartUp-CanonMyPrinter - c:\program files\Canon\MyPrinter\BJMyPrt.exe
              MSConfigStartUp-CanonSolutionMenu - c:\program files\Canon\SolutionMenu\CNSLMAIN.exe
              MSConfigStartUp-cwcptray - c:\program files\ContentWatch\Internet Protection\cwtray.exe
              MSConfigStartUp-HyvesDesktop - c:\progra~1\HYVESD~1\bin\HYVESD~1.EXE
              MSConfigStartUp-mcui_exe - c:\program files\McAfee.com\Agent\mcagent.exe
              MSConfigStartUp-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe
              MSConfigStartUp-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
              MSConfigStartUp-vProt - c:\program files\AVG Secure Search\vprot.exe
              MSConfigStartUp-Yontoo Desktop - c:\users\Michiel&Lisette\AppData\Roaming\Yontoo\YontooDesktop.exe
              .
              .
              .
              --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
              .
              [HKEY_USERS\S-1-5-21-948445446-4051865856-385745016-1002\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]
              @Denied: (C D) (Everyone)
              .
              [HKEY_USERS\S-1-5-21-948445446-4051865856-385745016-1002\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
              @Denied: (C D) (Everyone)
              "{A7C4E384-5B1B-45FA-B862-6F23396BA0F3}"=""
              "{BE047CDF-3B53-4CAE-84DC-8797BBF27625}"=""
              "{767F89B3-E158-4F79-996A-461780A26E9A}"=""
              "{A42AFB38-9A2D-4A78-9F21-F9AF8B0738CA}"=""
              "{280AF5AF-C24B-4A13-A03E-041D6FDF6F02}"=""
              "{B33E492B-3FAE-4C7C-B377-AFF546FF421A}"=""
              "{29404E6D-E37D-4C50-A05D-39940492D1E8}"=""
              "{CBCA3203-D983-4B9C-94CC-D4A24E284852}"=""
              "{7E0E7368-1B33-4885-A3F9-0B846C0CE386}"=""
              "{8842D825-9332-4E9C-97B3-6501C5BC2162}"=""
              "{FCD8A1B8-8ECB-450D-B444-4D92670B7CB1}"=""
              "{F6736587-5196-4C34-A07B-F04F86D2D339}"=""
              "{08A3D985-A2BD-4E3C-B33A-64B9E4B00F76}"=""
              "{DE123476-1421-474E-8DB8-488377CDEF2D}"=""
              "{E0FE2128-BCA7-4BB7-8064-FE0DEC548D09}"=""
              "{026A0834-3D32-47AE-A705-CDACA4C3F0F2}"=""
              "{EE980094-8024-4271-BE30-A02DF5D5FDE8}"=""
              "{A87521A5-A7B5-4938-9E22-B08778071311}"=""
              "{48612B9A-D9A2-40D8-9920-4A41B2B0284A}"=""
              "{14D1B39A-310A-4A5A-95B0-65E82949A931}"=""
              "{D5C11E33-5F28-41F0-8D69-BCAB20D29947}"=""
              "{5A5C03B4-D259-488B-A3FA-7C62AF99FE54}"=""
              "{814B423E-3F7D-4B65-B9AF-C1A0DCD2A46E}"=""
              "{9AB7264A-6810-4BB0-9E87-BDDBFA49B469}"=""
              "{85431519-B00B-4373-9295-B0563CBEDEED}"=""
              "{7ACE36F6-0256-4A79-90FD-6D73C5948B08}"=""
              "{53CFCD48-6AE5-4037-94B6-0A8624D2FBA4}"=""
              "{3F083588-52A1-4F4E-A9BE-F3F920CBAFEE}"=""
              "{8F6FB144-088E-4E1A-B509-C55F86EB1465}"=""
              "{693CF3F1-7DD1-449B-ACB6-6E7C5DCD09FD}"=""
              "{FFAA2656-FCE7-4848-934C-3FF959ED2350}"=""
              "{94EC520A-97B3-4F66-A986-0C216B7B8B6C}"=""
              "{68DFDA6F-3CD1-4A6C-B28A-432D6836F1E8}"=""
              "{8E48F3E9-2455-4ACC-8AEA-3C789288EA80}"=""
              "{E7A24A7A-A281-481F-AB04-67E171F98532}"=""
              "{475622CF-804D-48C6-BA7E-814D45B8538E}"=""
              "{ED670494-17E3-49F8-91F3-1BCD1C06D89B}"=""
              "{F9240DAD-A538-4EBD-9927-CB9E57C8F7B0}"=""
              "{B52F74D6-5420-448F-AC0E-032D8E423068}"=""
              "{8DFFC2CD-AB1F-4559-9D16-1A81313DE07D}"=""
              "{75B70F1B-3522-448F-9F0D-099336D5AFBF}"=""
              "{C1AFA19D-2CA2-4103-A0BA-1455F5666342}"=""
              "{87FA7891-EB72-45D6-9749-F34F7A0FC7D4}"=""
              "{5F22DCA1-09BC-4FD3-86A1-AC63AD845D3F}"=""
              "{932D926D-66B5-4045-9ADB-D6118958AE6D}"=""
              "{B5844AC9-11B6-4C85-AD26-18A174D3AC09}"=""
              "{3DD17EBF-1EFE-488A-94FA-B1649C71C52C}"=""
              "{E6C2E4E3-103F-4540-8471-4B55839C768E}"=""
              "{A981DEAB-D5E9-4897-A1E2-EC5B55C3AAA6}"=""
              "{91DBCF18-ED70-4DB0-9087-BF6324E9DCD7}"=""
              "{10A08447-DDF3-41FB-B946-B4EDB6A790C6}"=""
              "{27CB2372-734E-403A-8CB7-0AA7A08486EE}"=""
              "{2F541454-C547-439E-8B65-07284C1A7983}"=""
              "{20DE1ECE-632D-4960-9D88-3B55B1483D6E}"=""
              "{FEB221AE-3E2D-40A8-B3CD-CAE3B19E4FD9}"=""
              "{A496B25E-106A-4BDA-9775-0522CAA95486}"=""
              "{EA8297E9-8704-456F-BB32-7D3B5519B6DA}"=""
              "{E20AF370-CEDD-416C-8135-5AB28A6BA429}"=""
              "{81C74F80-FC36-42E6-AB77-D808897D80B9}"=""
              "{077A3E95-CB37-4123-8E06-BBF1EE966404}"=""
              "{7F2C9E8E-360D-4917-91DD-8D3A7A16A20F}"=""
              "{3D218AE7-4B27-4664-B84F-344396C6C06A}"=""
              "{59798383-9DDF-4B21-8BB8-9D5637A83BE8}"=""
              "{64346E15-0416-490A-8045-A35892D30732}"=""
              "{DB286958-0BB5-4ACD-8171-35C0BD22663A}"=""
              "{60249DC3-AB4B-452B-88AF-7549F43BB0E7}"=""
              "{4DC7AE1D-88F8-41F4-80AF-43A7724E7A9D}"=""
              "{3665EDD9-2E56-47C2-8724-7B396E1A2CC9}"=""
              "{FF5E4EAD-7B96-46B1-9B2A-281214F58FBC}"=""
              "{4A10CFF2-5786-468B-8360-CFED337D73C0}"=""
              "{44EAB254-0AE9-4226-80EE-A01F8BDABBBD}"=""
              "{3BBECB50-1DAD-4908-BB48-D99B5D01310C}"=""
              "{261CA6D9-0018-4C2F-8C62-7D2FE3F265C0}"=""
              "{02358240-E604-405B-85B2-12B93EC36E3C}"=""
              "{6224EBA1-F8E2-4B57-8507-310C55C560EE}"=""
              "{71CD0436-0BBE-4094-A8F8-688D76E2DEA8}"=""
              "{D17AE05C-FEE5-4F9C-AED6-89E174E79F30}"=""
              "{8F69A0A2-6728-4C87-BF2E-F6D864282555}"=""
              "{47843E2F-EFA6-49E3-A716-07ACA804D0AA}"=""
              "{E342AF6E-4EC6-4312-84F0-098A51BB750D}"=""
              "{EE1C5FEF-7D66-4BA6-9855-CF02795394D1}"=""
              "{FC1D549D-327A-4ECB-B7BF-B80FF892731D}"=""
              "{2CAFDAA9-8CA4-4428-A72F-C99E241FC75F}"=""
              "{52338425-A761-48F0-BAB4-AA01750B1932}"=""
              "{A57B0CDD-1B69-40B7-AC64-EB4DB7468522}"=""
              "{5063E80E-2DAC-4214-B821-982172BF513B}"=""
              "{7EF52D1E-E5FA-4498-82DC-034ADD00EB5B}"=""
              "{EAD6A918-3C1B-4739-9A94-F1742FBB22A4}"=""
              "{B1FE2108-BD84-425F-B940-0F2C94FEB929}"=""
              "{5110BD32-34C7-4358-8ADE-A5AB985B1C5B}"=""
              "{DAEEE72B-C5B7-4BB0-A053-9D2EF25B7459}"=""
              "{8E5D05DC-7E26-4507-A65E-0ADD6DDD8D17}"=""
              "{B05EB663-7BF3-4316-9F4F-89E1469E1BB3}"=""
              "{C29A20E8-6E56-40CF-A9E5-84FAD6424FE5}"=""
              "{834960B1-79B0-4866-B072-AADB61100754}"=""
              "{A707CED3-B06D-40C6-AA98-7E862DADBD31}"=""
              "{9C521FC5-7FFD-492D-B7D8-23516625A8EB}"=""
              "{90E5A110-899D-4F67-84E8-2A6D0274FF5B}"=""
              "{53E6E3EA-230F-4551-9D8D-E09DB740DC56}"=""
              "{EE4CC858-51CC-4473-9C4C-1B8EBA5622E4}"=""
              "{B73A9F2A-1845-44B5-8691-8632A2EB7F0B}"=""
              "{A85E1384-2A22-4EA6-BED9-00A28EBE8139}"=""
              "{2ED0AD61-DA95-48C2-A37D-95B7B49C0AA1}"=""
              "{03128B59-8F9E-49CB-BE4C-2AF99D753695}"=""
              "{C4936F69-300F-4DB0-802B-AE2075039761}"=""
              "{1E455F07-D89B-43BC-BD2B-BA4E29611EE5}"=""
              "{30866C8A-C250-4185-98C4-27B97FA6B703}"=""
              "{12FC45EC-B270-4C42-A177-9BB282A93F91}"=""
              "{37B1DC3A-BF65-45F3-A6DD-5110BEE03E35}"=""
              "{D8AB7157-1AEB-426E-9A0F-142141CD82DD}"=""
              "{FD189E93-3529-4485-9214-5F5C706DA7B5}"=""
              "{AB10EA14-B94D-4A27-9F73-DAB5DBA50D42}"=""
              "{6067FAE3-EEB4-4D9F-B77E-8FA3D3BB544C}"=""
              "{D4665967-5255-4DD2-BDE0-51983F67B764}"=""
              "{41217CCF-C96C-4F53-BCB4-CADAD778AA60}"=""
              "{8A3CA349-98A4-4DAA-BF46-F71A7097B96B}"=""
              "{11ABF4EC-D6EA-4D3C-9431-D64605DD8885}"=""
              "{CC4AFF4D-53DA-4D9D-903A-E3776308D610}"=""
              "{0160A943-9D82-49EA-96FD-A5293E70CEC6}"=""
              "{DA16AE4E-76CC-407B-B5BC-F093243B0D5E}"=""
              "{EB345D42-5017-4555-B47B-51DDF0894A54}"=""
              "{6B2F5D6A-C5BB-475F-888C-975136A78F0F}"=""
              "{D3AF5D7F-5149-4D75-9527-F211D9805643}"=""
              "{87A489CD-FE8A-450F-8FFC-BB34272D5052}"=""
              "{21712F20-18C0-45E9-9DA8-3CA467468DC1}"=""
              "{D54C8FE5-E80D-49FF-AE21-6819E87A80B0}"=""
              "{65035489-8756-4F6A-A432-A533B50FDD0D}"=""
              "{80CB2634-9BAE-4BA2-A186-4DD690962530}"=""
              "{9B140EB5-7CA3-439B-A5C5-B03503C1DDFD}"=""
              "{55EE2BA6-5626-437A-B457-98E949223370}"=""
              "{1DF1AB5C-28A6-406E-9B9F-6C6E6EE3897C}"=""
              "{494E0CE7-F085-4866-BDCC-0AC67441BD14}"=""
              "{65D6C99E-3FCE-4F50-9854-A79C4E374332}"=""
              "{640A2337-ADF6-4A8B-98FB-AB351BF46C3E}"=""
              "{7BA4A280-DA21-4B4F-81CB-E15C56E190F5}"=""
              "{E0581EE8-FDE4-4D80-8021-6103CC54FA1C}"=""
              "{150EC3AF-DC1E-4A2C-9FF1-E14099DF965F}"=""
              "{C13CB0B9-F134-45B5-9751-E77B5BCE1F49}"=""
              "{3F1F42D3-3591-4951-B506-2F5778AA37C9}"=""
              "{3B618971-206D-494A-B9BA-6427601AB958}"=""
              "{0B5B700C-324D-417C-B7F6-88049C20287E}"=""
              "{04E3207C-1ADC-4778-9102-64F43B088263}"=""
              "{BFFD6D0C-718D-465F-9916-E59FFF377425}"=""
              "{4D86465F-C009-4BBA-8F55-EA32742C4D9C}"=""
              "{C2101114-CCF9-473B-BB29-B1E038248830}"=""
              "{B85E3CB1-2DCE-498D-BA77-C4E8CC1B2D2A}"=""
              "{172159CF-6798-4F35-8B81-06C77529B8A6}"=""
              "{54BDFD07-862E-4FC5-876D-41CEFAF6B9C0}"=""
              "{ED4A9410-A80D-4D38-96C0-C2B95FA67555}"=""
              "{CFD68F67-7C76-4896-95F0-605A697ADBFB}"=""
              "{80593792-1F14-4172-843E-CF373F6377CA}"=""
              "{84B36AEB-49EA-43E9-987F-015B85666204}"=""
              "{8BA907E8-DBA0-492C-9714-2FE13A10207B}"=""
              "{B6BF6638-C2BD-4601-BBD6-922E252818F7}"=""
              "{307F859C-F243-4AF4-B0EE-8C6CBC7A4C42}"=""
              "{B4E90A55-D398-4D97-B66F-508A423833DF}"=""
              "{E92D41CE-326A-44D3-8387-75861CFCC07B}"=""
              "{76ADAA52-BC7B-4E24-9F18-3936E1143239}"=""
              "{86A525B0-BB29-412A-BA6E-E9A6D72C651D}"=""
              "{976DCEC7-BC88-4B94-BD99-A922759FD993}"=""
              "{C315EA6C-08CF-4B6C-B208-2D8523439843}"=""
              "{52713348-2EE6-4259-AC71-2DA3BAF17FE0}"=""
              "{2F5F1005-F8B1-4D67-A011-A183818555B6}"=""
              "{A77A1D70-C4C7-41C1-8087-7A7259C3C224}"=""
              "{57E72B78-0463-4AB7-8E62-7EE68EA5F1AF}"=""
              "{CDCE18E3-09E3-4A95-B9ED-CD40047D7163}"=""
              "{0F778144-F743-4BFB-AE07-653F8BA0C6C1}"=""
              "{C701A525-2530-484F-B317-A67591E0B3B2}"=""
              "{C4629B61-5B37-4A25-8E46-585C89CB8A0B}"=""
              "{24BC88FF-51A0-448B-B158-9CEEE629BD00}"=""
              "{C39CE823-E881-42ED-9A52-73ADB7F6174A}"=""
              "{F60306B9-00F1-4CB5-AC5C-138B67D0DA8F}"=""
              "{762EB590-DE03-4706-9F62-12EE88F2DE6E}"=""
              "{80B67A3B-4703-4C63-9490-C66D868D3251}"=""
              "{055E174F-B5AB-440B-92D9-B11A23CCC5FC}"=""
              "{E79D9E67-B714-4BE8-BC95-F88DC4F1C78B}"=""
              "{8FDF968B-09FA-479A-9DB3-EDB6B05A56C0}"=""
              "{0E55B694-7DEB-48BB-8728-C4F7943FC3D2}"=""
              "{7C1E06BD-9C16-437D-AAC9-21C5AAE95E63}"=""
              "{D90341B4-5E82-4F02-9AAD-0A3BE50A2A89}"=""
              "{7EF5B3CA-2C7D-4CC5-B711-D66D99AD66C5}"=""
              "{C45F89C6-4A24-4EB1-A092-A8E65E3010F0}"=""
              "{2BEDE777-3EDD-49BE-ADD7-2E1835AF1571}"=""
              "{27FA1F57-C623-4AB7-B557-64E5D3F645AD}"=""
              "{383B7484-9534-4B1F-B08F-81C890478513}"=""
              "{13D58D51-0E09-47BE-A222-18327AF1438D}"=""
              "{1A121BB0-D2CD-47D3-A91B-D517CDB781F7}"=""
              "{88A8BF0C-6DBC-4BF3-8AC7-11A181D734C3}"=""
              "{624761A4-1849-4190-AE32-F07170473A24}"=""
              "{A6E59386-6EC6-4790-A4D9-5175E2216049}"=""
              "{8F251840-7D4E-4B81-BB4E-019708B2ECE2}"=""
              "{4714A2D8-97D4-410F-9016-A63E21575CDE}"=""
              "{E7845004-B934-4E26-9A67-0DE8926341AA}"=""
              "{874C1963-6D79-4508-9E9A-282DDEFA107E}"=""
              "{A5613DBE-90AF-4605-B5B6-BFAD457C712A}"=""
              "{93EF03C6-861F-442C-BFD7-02A477624FC0}"=""
              "{6499DA51-E291-41DB-8FDD-542EC4A252E8}"=""
              "{BE2CB796-1C0F-4D5E-9F09-52234F861204}"=""
              "{7E3BD42F-4165-43FD-9CAC-1463EF12AE9A}"=""
              "{47D4905D-05C1-4F29-B3C6-196ECF00DC3C}"=""
              "{3287DE86-A33B-4DA3-9810-400061F47652}"=""
              "{05D04B1C-17F0-4EC5-8BEE-718EB7E53BC2}"=""
              "{C85DAD76-07DA-4757-B759-161A99A3D082}"=""
              "{D44E7B5E-834A-4D4B-904D-B9CCF5997D3B}"=""
              "{BA586B65-B740-4FDA-A4F7-F2B6D52B0992}"=""
              "{CDD4064C-30AD-4CF9-9B25-539EB7CB1FB7}"=""
              "{798D9722-32BA-485A-B180-83EF06A84EB1}"=""
              "{AEF92259-F422-4412-856D-1C8F05BBDCFA}"=""
              "{61BE1115-6A83-4115-A6CA-AB6602147242}"=""
              "{75D6938E-9BAD-4E89-AF3C-525345FFEBA7}"=""
              "{0FC6E73A-E825-4A7D-BE00-3FE8A878435C}"=""
              "{5D1E83D9-0D95-472A-BCDF-9D635993CEF0}"=""
              "{35993902-941F-4E35-831E-D49ACD4FE66E}"=""
              "{40FDE1BD-BFBE-44C0-BFC6-C60177297FD2}"=""
              "{04434EB8-0206-49E5-9E2B-F579D8AEE489}"=""
              "{ED641C5B-FECF-48E6-B3A9-FC3512B69875}"=""
              "{1A003157-BE12-4CCC-93A6-DABCB886EFA6}"=""
              "{3A88AB61-7881-4A3C-8C55-4DA1BEE9764D}"=""
              "{14D84035-8772-4131-8654-78EA76CC7E79}"=""
              "{163DE300-AA57-4456-8956-B16B690E8E32}"=""
              "{E34997D4-22D9-4362-ACCA-4E8CD176D965}"=""
              "{4B72A7F0-21E4-4C3D-BAEC-397F9052B7A7}"=""
              "{42B95B34-C7BD-4508-954C-A8A8D61E2F39}"=""
              "{371F7551-E1AB-48B1-808B-6415945EDEDA}"=""
              "{671647D9-670C-430D-96B6-33B4A4769F1A}"=""
              "{6C4A5B09-DB3F-4FB5-9DCF-D7EA06E682BC}"=""
              "{96F8D6AD-E646-4823-8B67-5DB99AB6615E}"=""
              "{F6518143-9179-49EC-B321-FDBB0A76BA30}"=""
              "{DE6E91B2-E66E-4BD2-8336-A44222B288BB}"=""
              "{D6FA97BA-5F11-4ABA-92D6-0890E322A3AE}"=""
              "{3F551FE7-6BEB-4547-A6CD-D0112BD1A32F}"=""
              "{8E2BFE18-53D6-48E2-99F0-63F500C08ED1}"=""
              "{96042F1F-CB3F-440E-942A-963E44BE3F86}"=""
              "{8C8CB900-BEE9-4347-95F0-1CB98B905878}"=""
              "{4B5005B5-39CA-4488-B03E-07FC9C2CCCA3}"=""
              "{76F75A68-CF53-4E48-87AC-5A695E65043E}"=""
              "{AC807239-27E3-4C0E-B7E7-7B03CFE1BA0F}"=""
              "{CB655DB5-8990-4036-A779-92D29DAE07C7}"=""
              "{F3F14808-BF8F-48AE-93BA-0AACC73477B5}"=""
              "{43D0968F-268C-4EDB-AAFE-277C82261C98}"=""
              "{6E1D53F2-A12F-409D-B2DD-8C4A6F768DF7}"=""
              "{4DF64318-494F-4635-8758-A87AED6A4C99}"=""
              "{BEF63FDE-D316-4132-A4FC-B55A690ACC76}"=""
              "{F8110BDC-75BA-4D11-953C-F48FD8109D83}"=""
              "{1D8A8230-2346-4200-9B61-1109BF0AB52E}"=""
              "{BF0F87E8-E013-4E33-8AA3-145CFB640FAE}"=""
              "{41E67F0D-DC22-4FE7-907B-E29442A230C5}"=""
              "{09B2739A-2888-414C-B00E-E7517EBB1773}"=""
              "{D48C3CA2-D53B-41FD-B6BC-4079EA0F774B}"=""
              "{21E2DC97-C347-42C6-9AEB-ED6D61CA46B4}"=""
              "{78300BE5-5F2C-49AC-8015-E7E52D8FCE16}"=""
              "{DEA7DDB5-867F-4815-9A18-A1A19AFC700C}"=""
              "{72E31AA0-0771-492F-BB1E-8D89EF27C77D}"=""
              "{31D6C8C8-3820-499A-B8D8-A1BD8FD757E4}"=""
              "{0934A0D2-1F57-4562-B46C-483D9D4E0950}"=""
              "{3ADEF6A6-046A-4C93-8A63-5CF8429FD100}"=""
              "{DC421756-36EA-41AD-A640-7AF64538A9F6}"=""
              "{82D2F2D9-C188-4038-B7B0-34541B1ED8EE}"=""
              "{8C31FCB3-10D7-42C0-B893-5A2162764FE5}"=""
              "{EC9F4317-1D39-49CF-8B29-CD20875886F3}"=""
              "{42F7BE18-78CE-4C60-8158-B274D1D448CE}"=""
              "{984C61B8-ED6F-43BD-9116-8EF2ACD8FE09}"=""
              "{29839395-1BB9-49B6-9448-2418F3355C07}"=""
              "{0FAC16D7-EE13-4A2A-B767-6E72DA49178C}"=""
              "{B538C369-AE8D-405D-AC56-C23D3E94CEA4}"=""
              "{3FBA0F7B-73E9-4C6E-9C3D-360212C6BA04}"=""
              "{B2AD421C-906B-450B-B293-FBA6DA71EA67}"=""
              "{2582C52F-E380-47E5-9609-DAE0FAF78479}"=""
              "{6DA901F0-0135-48E2-B58A-4EA5528EE17A}"=""
              "{DBE689F6-35D4-4240-9482-701316E410EC}"=""
              "{85E9550E-D501-498D-A7A1-7403E364B40F}"=""
              "{A9DFDE8D-D23B-4C51-8AA6-77AB46842330}"=""
              "{0E61985F-3C0B-49D9-8EC6-04A0F638C392}"=""
              "{96F4F1C0-3C79-4357-9420-F584C3E2593A}"=""
              "{96446F60-4AD7-4CB1-A36B-4CD8C8851030}"=""
              "{920D34C3-4CB8-4A82-9359-CE4160552E42}"=""
              "{A8272709-8439-44DB-9EFE-DE39ABCC8A78}"=""
              "{23FFAC93-A243-499F-B539-C3302CBC9223}"=""
              "{21FCE75C-C92F-46C2-9741-979069AD1120}"=""
              "{0F2CB431-807A-4DE4-9F88-E991FFCB6E04}"=""
              "{5D29DEFE-AEA0-452C-BE51-1574AE9D8AEC}"=""
              "{6FE68738-95AE-47E6-B905-C1D6F90BFB70}"=""
              "{AFCF7524-9EC0-4A75-8C17-BF93F1169189}"=""
              "{AC31AD53-B321-4B32-A42D-3673F123EB6E}"=""
              "{7F8F1E44-CA77-48A7-A677-9DD4EE2BE059}"=""
              "{66147B6C-3F3B-47DE-B385-D888090061C9}"=""
              "{8D9D29FB-5A7F-4246-8445-AF994CBBE680}"=""
              "{B97C93B1-69B5-48A6-A93C-5A5E86E7EB3A}"=""
              "{17CB1C57-B8B3-4762-B12A-8DBAB5C41D69}"=""
              "{53F263E5-4933-4365-8003-42F846F50DD4}"=""
              "{D813398E-CED6-4B42-9B3E-4BE7D30341EB}"=""
              "{C2BE2EA7-DEAC-4084-B636-AAD876625054}"=""
              "{6CF52986-7C96-42E7-8FA4-EBBDE06CE51C}"=""
              "{E7B577BA-3D0F-482F-A533-8D74ABB64494}"=""
              "{CE32E446-AE57-4C74-A98B-F85897C57F5E}"=""
              "{5ED53F12-8716-430A-9F10-03CD5034659A}"=""
              "{A5FDFD10-399A-473A-B8FA-07776CC81DA2}"=""
              .
              [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
              @Denied: (Full) (Everyone)
              .
              ------------------------ Andere Aktieve Processen ------------------------
              .
              c:\windows\system32\atieclxx.exe
              c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
              c:\program files\Intel\IntelDH\CCU\AlertService.exe
              c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
              c:\program files\Bonjour\mDNSResponder.exe
              c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
              c:\program files\Dell Support Center\bin\sprtsvc.exe
              c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
              c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
              c:\windows\system32\taskhost.exe
              c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
              c:\windows\System32\WUDFHost.exe
              c:\windows\system32\conhost.exe
              c:\windows\System32\rundll32.exe
              c:\windows\RtHDVCpl.exe
              c:\program files\iPod\bin\iPodService.exe
              c:\program files\Windows Media Player\wmpnetwk.exe
              c:\windows\system32\sppsvc.exe
              .
              **************************************************************************
              .
              Voltooingstijd: 2013-07-28 19:25:34 - machine werd herstart
              ComboFix-quarantined-files.txt 2013-07-28 17:25
              .
              Pre-Run: 68.459.147.264 bytes beschikbaar
              Post-Run: 68.229.398.528 bytes beschikbaar
              .
              - - End Of File - - 873A3EAC4EB206E219B8EA7B7E3FCBE7
              A36C5E4F47E84449FF07ED3517B43A31

              Comment


              • #8
                Mooi, en hoe staat het met de problemen?

                Windows 10 opstarten in Veilige Modus

                Comment


                • #9
                  Het ziet er vooralsnog goed uit volgens mij. Windows firewall kan ik gewoon weer fatsoenlijk instellen. Zou zo 123 niet weten waar ik nog meer eventuele problemen zou kunnen vinden.. Jij misschien?

                  Verder nog taken voor me? Ik volg ze graag op

                  Mijn dank is iig nu al groot!

                  Comment


                  • #10
                    Download Delfix by Xplode naar het bureaublad.

                    Dubbelklik op Delfix.exe om de tool te starten.
                    Zet nu vinkjes voor de volgende items:
                    • Activate UAC
                    • Remove disinfection tools
                    • Create registry backup
                    • Purge System Restore
                    • Reset system settings

                    Klik nu op "Run" en wacht geduldig tot de tool gereed is.
                    Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

                    Windows 10 opstarten in Veilige Modus

                    Comment


                    • #11
                      Tiptop, dan beschouw ik de problemen vanaf nu als verleden tijd.

                      Mijn dank is enorm!

                      Wees gegroet.

                      Comment


                      • #12
                        Graag gedaan hoor.

                        Windows 10 opstarten in Veilige Modus

                        Comment

                        Sorry, you are not authorized to view this page
                        Working...
                        X