
Problems with the internet


pietjenl


Open a Notepad file.

Copy and paste the bold text below into it.

Firefox::

FF - ProfilePath - c:\users\* Naam\AppData\Roaming\Mozilla\Firefox\Profiles\91r9p4a5.default\

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

FF - Ext: BittorrentBar_NL Community Toolbar: {2d8d9acc-f6d7-4362-8876-a275ca929591} - %profile%\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591}

FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - %profile%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}

Save this file to your desktop as CFScript.

Drag CFScript.txt onto ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the reboot, post the contents of Combofix.txt in your next message.


Here is the new log. Unfortunately the problems are still there:

ComboFix 12-05-04.03 - * 04-05-2012 22:40:03.3.4 - x64

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.6005.4722 [GMT 2:00]

Gestart vanuit: c:\users\*\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\*\Desktop\CFScript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome.manifest

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.js

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.xul

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\install.rdf

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome.manifest

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.js

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.xul

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext\ffjcext.dtd

c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\install.rdf

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-04-04 to 2012-05-04 ))))))))))))))))))))))))))))))

.

.

2012-05-04 20:46 . 2012-05-04 20:46 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{030BB39C-BF8A-4EDF-A8A4-46AC2800AFAD}\offreg.dll

2012-05-04 20:45 . 2012-05-04 20:45 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-05-04 20:45 . 2012-05-04 20:45 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-04 07:36 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{030BB39C-BF8A-4EDF-A8A4-46AC2800AFAD}\mpengine.dll

2012-04-30 13:59 . 2012-04-30 13:59 -------- d-----w- c:\program files (x86)\Fast Image Resizer

2012-04-22 19:09 . 2012-04-22 19:09 388096 ----a-r- c:\users\*\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-04-22 19:09 . 2012-04-22 19:09 -------- d-----w- c:\program files (x86)\Trend Micro

2012-04-16 17:34 . 2012-04-16 17:34 -------- d-----w- c:\windows\SysWow64\Dell

2012-04-16 17:00 . 2012-04-18 15:01 -------- d-----w- c:\program files\Dell Support Center

2012-04-16 16:56 . 2012-04-16 16:57 -------- d-----w- c:\users\*\AppData\Roaming\PCDr

2012-04-13 20:15 . 2012-04-13 20:15 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-04-13 20:14 . 2012-04-13 20:14 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-04-13 20:14 . 2012-04-13 20:14 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-04-07 21:58 . 2012-04-07 21:58 -------- d-----w- c:\program files\Microsoft Silverlight

2012-04-07 21:58 . 2012-04-07 21:58 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-13 20:15 . 2011-08-28 12:51 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-04-13 08:46 . 2012-04-01 19:15 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-04-04 13:56 . 2012-03-30 15:21 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-31 19:01 . 2012-03-31 19:02 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AD5BC8D-9C43-4853-86D7-C92B2F1C63F0}\gapaengine.dll

2012-03-20 01:51 . 2012-03-30 17:33 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD7ACF03-2F53-4B8C-BD37-37BF5A178A06}\mpengine.dll

2012-02-15 06:27 . 2012-03-31 09:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-02-15 05:44 . 2012-03-31 09:38 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-02-15 04:47 . 2012-03-31 09:38 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-02-15 04:46 . 2012-03-31 09:38 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-02-10 06:18 . 2012-03-31 09:39 1541120 ----a-w- c:\windows\system32\DWrite.dll

2012-02-10 06:17 . 2012-03-31 09:39 1837568 ----a-w- c:\windows\system32\d3d10warp.dll

2012-02-10 06:17 . 2012-03-31 09:39 902656 ----a-w- c:\windows\system32\d2d1.dll

2012-02-10 06:17 . 2012-03-31 09:39 320512 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-02-10 06:17 . 2012-03-31 09:39 197120 ----a-w- c:\windows\system32\d3d10_1.dll

2012-02-10 05:41 . 2012-03-31 09:39 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-02-10 05:41 . 2012-03-31 09:39 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

2012-02-10 05:41 . 2012-03-31 09:39 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2012-02-10 05:41 . 2012-03-31 09:39 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll

2012-02-10 05:41 . 2012-03-31 09:39 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

.

.

((((((((((((((((((((((((((((( SnapShot_2012-05-04_07.29.22 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-07-21 09:21 . 2012-05-04 20:48 60666 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-05-04 10:55 35230 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2010-07-21 09:21 . 2012-05-04 10:55 20738 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2019682446-1621871602-3416362686-1000_UserData.bin

- 2010-07-21 09:21 . 2012-05-04 06:59 20738 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2019682446-1621871602-3416362686-1000_UserData.bin

+ 2010-07-29 19:27 . 2012-05-04 20:47 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-07-29 19:27 . 2012-05-04 07:30 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-07-29 19:27 . 2012-05-04 07:30 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2010-07-29 19:27 . 2012-05-04 20:47 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2010-07-29 19:27 . 2012-05-04 20:47 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2010-07-29 19:27 . 2012-05-04 07:30 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2010-07-21 07:59 . 2012-05-04 07:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-07-21 07:59 . 2012-05-04 20:47 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-07-21 07:59 . 2012-05-04 07:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-07-21 07:59 . 2012-05-04 20:47 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2012-05-04 07:28 . 2012-05-04 07:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-05-04 20:46 . 2012-05-04 20:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-05-04 20:46 . 2012-05-04 20:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-05-04 07:28 . 2012-05-04 07:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-07-14 05:01 . 2012-05-04 07:28 450776 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-05-04 20:45 450776 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2010-07-21 09:27 . 2012-05-03 16:18 1242944 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2010-07-21 09:27 . 2012-05-04 20:45 1242944 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2009-07-14 02:34 . 2012-05-03 20:42 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat

+ 2009-07-14 02:34 . 2012-05-04 11:07 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2011-02-07 4772720]

"AdobeUpdater"="c:\program files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2010-09-01 2356088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-17 98304]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-09-18 560128]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 0251691327433211mcinstcleanup;McAfee Application Installer Cleanup (0251691327433211);c:\users\ROELRI~1\AppData\Local\Temp\025169~1.EXE [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-07 136176]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 253088]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-07 136176]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-04-10 25072]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-02 89600]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-03-04 658656]

S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-17 2358656]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]

2009-07-14 01:14 301568 ----a-w- c:\windows\System32\cmd.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 20:15]

.

2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-07 04:36]

.

2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-07 04:36]

.

2012-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2019682446-1621871602-3416362686-1000Core.job

- c:\users\*\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-27 18:43]

.

2012-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2019682446-1621871602-3416362686-1000UA.job

- c:\users\*\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-27 18:43]

.

2012-05-04 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]

.

2012-05-04 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-20 487424]

"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.nl/

mLocal Page = c:\windows\SysWOW64\blank.htm

Trusted Zone: google.com\accounts

Trusted Zone: google.com\www

TCP: DhcpNameServer = 192.168.0.1

DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab

DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://193.173.14.170/activex/AMC.cab

FF - ProfilePath - c:\users\*\AppData\Roaming\Mozilla\Firefox\Profiles\91r9p4a5.default\

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

FF - Ext: BittorrentBar_NL Community Toolbar: {2d8d9acc-f6d7-4362-8876-a275ca929591} - %profile%\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591}

FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - %profile%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}

FF - Ext: SwitchProxy Tool: {27A2FD41-CB23-4518-AB5C-C25BAFFDE531} - %profile%\extensions\{27A2FD41-CB23-4518-AB5C-C25BAFFDE531}

FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung

FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

BHO-{3706EE7C-3CAD-445D-8A43-03EBC3B75908} - (no file)

BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]

"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Bonjour\mDNSResponder.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\windows\system32\DRIVERS\o2flash.exe

c:\program files (x86)\TeamViewer\Version6\TeamViewer.exe

.

**************************************************************************

.

Voltooingstijd: 2012-05-04 22:51:37 - machine werd herstart

ComboFix-quarantined-files.txt 2012-05-04 20:51

ComboFix2.txt 2012-05-04 07:34

ComboFix3.txt 2012-01-24 19:58

.

Pre-Run: 308.195.725.312 bytes beschikbaar

Post-Run: 308.128.722.944 bytes beschikbaar

.

- - End Of File - - DE82E7CA88F790DBC1F671DD2A67EA8D


Only part of the task succeeded. Could you repeat this part once more:

Open a Notepad file.

Copy and paste the bold text below into it.

Firefox::

FF - ProfilePath - c:\users\* Naam\AppData\Roaming\Mozilla\Firefox\Profiles\91r9p4a5.default\

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

FF - Ext: BittorrentBar_NL Community Toolbar: {2d8d9acc-f6d7-4362-8876-a275ca929591} - %profile%\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591}

FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - %profile%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}

Save this file to your desktop as CFScript.

Drag CFScript.txt onto ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the reboot, post the contents of Combofix.txt in your next message.


ComboFix 12-05-05.05 - * 05-05-2012 10:11:45.4.4 - x64

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.6005.4414 [GMT 2:00]

Gestart vanuit: c:\users\*\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\*\Desktop\CFScript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png

c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf

c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\preview.png

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-04-05 to 2012-05-05 ))))))))))))))))))))))))))))))

.

.

2012-05-05 08:20 . 2012-05-05 08:20 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{45187897-00FB-4D4A-8865-0D66CA23A975}\offreg.dll

2012-05-05 08:19 . 2012-05-05 08:19 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-05-05 08:19 . 2012-05-05 08:19 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-04 21:22 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{45187897-00FB-4D4A-8865-0D66CA23A975}\mpengine.dll

2012-04-30 13:59 . 2012-04-30 13:59 -------- d-----w- c:\program files (x86)\Fast Image Resizer

2012-04-22 19:09 . 2012-04-22 19:09 388096 ----a-r- c:\users\*\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-04-22 19:09 . 2012-04-22 19:09 -------- d-----w- c:\program files (x86)\Trend Micro

2012-04-16 17:34 . 2012-04-16 17:34 -------- d-----w- c:\windows\SysWow64\Dell

2012-04-16 17:00 . 2012-04-18 15:01 -------- d-----w- c:\program files\Dell Support Center

2012-04-16 16:56 . 2012-04-16 16:57 -------- d-----w- c:\users\*\AppData\Roaming\PCDr

2012-04-13 20:15 . 2012-04-13 20:15 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-04-13 20:14 . 2012-04-13 20:14 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-04-13 20:14 . 2012-04-13 20:14 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-04-07 21:58 . 2012-04-07 21:58 -------- d-----w- c:\program files\Microsoft Silverlight

2012-04-07 21:58 . 2012-04-07 21:58 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-13 20:15 . 2011-08-28 12:51 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-04-13 08:46 . 2012-04-01 19:15 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-04-04 13:56 . 2012-03-30 15:21 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-31 19:01 . 2012-03-31 19:02 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AD5BC8D-9C43-4853-86D7-C92B2F1C63F0}\gapaengine.dll

2012-03-20 01:51 . 2012-03-30 17:33 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD7ACF03-2F53-4B8C-BD37-37BF5A178A06}\mpengine.dll

2012-02-15 06:27 . 2012-03-31 09:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-02-15 05:44 . 2012-03-31 09:38 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-02-15 04:47 . 2012-03-31 09:38 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-02-15 04:46 . 2012-03-31 09:38 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-02-10 06:18 . 2012-03-31 09:39 1541120 ----a-w- c:\windows\system32\DWrite.dll

2012-02-10 06:17 . 2012-03-31 09:39 1837568 ----a-w- c:\windows\system32\d3d10warp.dll

2012-02-10 06:17 . 2012-03-31 09:39 902656 ----a-w- c:\windows\system32\d2d1.dll

2012-02-10 06:17 . 2012-03-31 09:39 320512 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-02-10 06:17 . 2012-03-31 09:39 197120 ----a-w- c:\windows\system32\d3d10_1.dll

2012-02-10 05:41 . 2012-03-31 09:39 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-02-10 05:41 . 2012-03-31 09:39 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

2012-02-10 05:41 . 2012-03-31 09:39 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2012-02-10 05:41 . 2012-03-31 09:39 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll

2012-02-10 05:41 . 2012-03-31 09:39 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

.

.

((((((((((((((((((((((((((((( SnapShot_2012-05-04_07.29.22 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-07-21 09:21 . 2012-05-05 03:47 60666 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-05-05 03:47 35230 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

- 2010-07-21 09:21 . 2012-05-04 06:59 20738 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2019682446-1621871602-3416362686-1000_UserData.bin

+ 2010-07-21 09:21 . 2012-05-05 03:47 20738 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2019682446-1621871602-3416362686-1000_UserData.bin

+ 2010-07-21 07:39 . 2012-05-04 20:56 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-07-21 07:39 . 2012-05-01 16:09 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-07-21 07:39 . 2012-05-01 16:09 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2010-07-21 07:39 . 2012-05-04 20:56 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-05-01 16:09 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-05-04 20:56 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-07-29 19:27 . 2012-05-05 08:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-07-29 19:27 . 2012-05-04 07:30 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-07-29 19:27 . 2012-05-05 08:21 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2010-07-29 19:27 . 2012-05-04 07:30 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2010-07-29 19:27 . 2012-05-05 08:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2010-07-29 19:27 . 2012-05-04 07:30 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-07-21 07:59 . 2012-05-05 08:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-07-21 07:59 . 2012-05-04 07:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-07-21 07:59 . 2012-05-04 07:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-07-21 07:59 . 2012-05-05 08:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-05-05 08:20 . 2012-05-05 08:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-05-04 07:28 . 2012-05-04 07:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-05-05 08:20 . 2012-05-05 08:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-05-04 07:28 . 2012-05-04 07:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2010-08-22 09:00 . 2012-05-05 07:40 312422 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin

- 2010-08-22 09:00 . 2012-05-02 07:00 312422 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin

- 2009-07-14 05:01 . 2012-05-04 07:28 450776 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-05-05 08:19 450776 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2010-07-21 09:27 . 2012-05-03 16:18 1242944 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2010-07-21 09:27 . 2012-05-04 20:45 1242944 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2009-07-14 02:34 . 2012-05-03 20:42 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat

+ 2009-07-14 02:34 . 2012-05-05 08:14 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2011-02-07 4772720]

"AdobeUpdater"="c:\program files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2010-09-01 2356088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-17 98304]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-09-18 560128]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 0251691327433211mcinstcleanup;McAfee Application Installer Cleanup (0251691327433211);c:\users\ROELRI~1\AppData\Local\Temp\025169~1.EXE [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-07 136176]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 253088]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-07 136176]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-04-10 25072]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-02 89600]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-03-04 658656]

S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-17 2358656]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]

2009-07-14 01:14 301568 ----a-w- c:\windows\System32\cmd.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-05-05 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 20:15]

.

2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-07 04:36]

.

2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-07 04:36]

.

2012-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2019682446-1621871602-3416362686-1000Core.job

- c:\users\*\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-27 18:43]

.

2012-05-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2019682446-1621871602-3416362686-1000UA.job

- c:\users\*\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-27 18:43]

.

2012-05-04 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]

.

2012-05-04 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-20 487424]

"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.nl/

mLocal Page = c:\windows\SysWOW64\blank.htm

Trusted Zone: google.com\accounts

Trusted Zone: google.com\www

TCP: DhcpNameServer = 192.168.0.1

DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab

DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://193.173.14.170/activex/AMC.cab

FF - ProfilePath - c:\users\*\AppData\Roaming\Mozilla\Firefox\Profiles\91r9p4a5.default\

FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

FF - Ext: BittorrentBar_NL Community Toolbar: {2d8d9acc-f6d7-4362-8876-a275ca929591} - %profile%\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591}

FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - %profile%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}

FF - Ext: SwitchProxy Tool: {27A2FD41-CB23-4518-AB5C-C25BAFFDE531} - %profile%\extensions\{27A2FD41-CB23-4518-AB5C-C25BAFFDE531}

FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung

FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

BHO-{3706EE7C-3CAD-445D-8A43-03EBC3B75908} - (no file)

BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]

"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Bonjour\mDNSResponder.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\windows\system32\DRIVERS\o2flash.exe

c:\program files (x86)\TeamViewer\Version6\TeamViewer.exe

.

**************************************************************************

.

Voltooingstijd: 2012-05-05 10:25:31 - machine werd herstart

ComboFix-quarantined-files.txt 2012-05-05 08:25

ComboFix2.txt 2012-05-04 20:51

ComboFix3.txt 2012-05-04 07:34

ComboFix4.txt 2012-01-24 19:58

.

Pre-Run: 307.238.879.232 bytes beschikbaar

Post-Run: 307.166.535.680 bytes beschikbaar

.

- - End Of File - - AFB71BBDA897AC12D3FDAD6C4FB2CFEC


In Firefox, go via Tools and Add-ons to Extensions and remove the following extensions there:

Conduit Engine

BittorrentBar_NL Community Toolbar

BetterPrivacy

... and then see whether this makes a difference?


> In Firefox, go via Tools and Add-ons to Extensions and remove the following extensions there:
>
> Conduit Engine
>
> BittorrentBar_NL Community Toolbar
>
> BetterPrivacy
>
> ... and then see whether this makes a difference?

Unfortunately still the same problem. Everything is faster now, though! What I still have: images are not displayed on many sites and Google Maps doesn't work....

Any other ideas?


You have not yet installed Service Pack 1 for Windows 7.

Is there a particular reason for that?

Do you run Windows Update regularly?

You can download Service Pack 1 on this page.

Click Continue and follow the instructions.

You need to take the file windows6.1-KB976932-X64.exe.

After the download, double-click the file to start the installation.

You can download Internet Explorer 9 here.


I removed IE 9 because I had the impression that the problems started right after installing it. I will install it and also get the service pack.

I still have the problem that some pages load poorly or not at all. I just noticed that when I run CMD > ipconfig /renew, things go well again for a while?
