Ga naar inhoud

Firefox crasht


ricardo425

Aanbevolen berichten

ComboFix 12-08-18.03 - Richard 20/08/2012 8:30.6.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4061.2654 [GMT 2:00]

Gestart vanuit: c:\users\Richard\Downloads\ComboFix.exe

AV: McAfee Antivirus en antispyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Antivirus en antispyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Aanwezig AV is actief

.

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-20 to 2012-08-20 ))))))))))))))))))))))))))))))

.

.

2012-08-20 06:38 . 2012-08-20 06:38 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-08-20 06:38 . 2012-08-20 06:38 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-20 06:38 . 2012-08-20 06:38 -------- d-----w- c:\users\AppData\AppData\Local\temp

2012-08-16 01:03 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys

2012-08-15 23:21 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll

2012-08-15 23:21 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll

2012-08-15 23:21 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll

2012-08-15 23:21 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe

2012-08-15 23:21 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe

2012-08-15 23:21 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll

2012-08-15 23:21 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll

2012-08-15 23:21 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll

2012-08-15 23:21 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll

2012-08-15 23:21 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll

2012-08-15 23:21 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-08-15 23:21 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll

2012-08-15 11:07 . 2012-08-15 11:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-08-13 11:56 . 2012-06-15 10:04 73096 ----a-w- c:\windows\system32\drivers\McPvDrv.sys

2012-08-13 11:56 . 2012-04-20 14:40 196440 ----a-w- c:\windows\system32\drivers\HipShieldK.sys

2012-08-02 16:01 . 2012-08-02 16:02 -------- d-----w- c:\program files (x86)\1ClickDownload

2012-07-30 21:52 . 2012-07-30 21:52 103904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll

2012-07-30 21:52 . 2012-07-30 21:52 103904 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll

2012-07-28 09:21 . 2012-08-01 08:18 -------- d-----w- c:\program files (x86)\Vuze_Remote

2012-07-24 19:12 . 2012-07-28 11:13 -------- d-----w- c:\users\Richard\AppData\Roaming\Skype

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-16 01:00 . 2010-06-15 18:51 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-08-15 13:00 . 2012-04-03 07:57 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 13:00 . 2011-05-17 07:06 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-16 08:08 . 2012-07-16 08:08 476976 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-07-16 08:08 . 2010-06-14 14:07 472880 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-07-12 15:13 . 2012-06-22 16:23 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll

2012-07-03 11:46 . 2011-07-30 21:01 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-02 12:53 . 2012-07-02 12:53 955840 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-07-02 12:53 . 2012-07-02 12:53 839096 ----a-w- c:\windows\system32\deployJava1.dll

2012-07-02 12:53 . 2010-06-07 10:24 268720 ----a-w- c:\windows\system32\javaws.exe

2012-07-02 12:53 . 2010-06-07 10:24 189360 ----a-w- c:\windows\system32\javaw.exe

2012-07-02 12:53 . 2010-06-07 10:24 188840 ----a-w- c:\windows\system32\java.exe

2012-06-22 05:40 . 2012-07-02 13:58 69672 ----a-w- c:\windows\system32\drivers\cfwids.sys

2012-06-22 05:38 . 2012-07-02 13:58 335784 ----a-w- c:\windows\system32\drivers\mfewfpk.sys

2012-06-22 05:38 . 2011-03-13 15:45 177144 ----a-w- c:\windows\system32\mfevtps.exe

2012-06-22 05:37 . 2012-07-02 13:58 10288 ----a-w- c:\windows\system32\drivers\mfeclnk.sys

2012-06-22 05:36 . 2012-07-02 13:58 106112 ----a-w- c:\windows\system32\drivers\mferkdet.sys

2012-06-22 05:36 . 2012-07-02 13:58 752672 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2012-06-22 05:35 . 2012-07-02 13:58 513456 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2012-06-22 05:34 . 2012-07-02 13:58 300392 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2012-06-22 05:34 . 2012-07-02 13:58 169320 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2012-06-18 01:12 . 2012-07-02 13:39 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D3CBD17-77DC-4355-AB6B-8CC6A96DE9C9}\mpengine.dll

2012-06-09 05:43 . 2012-07-11 12:26 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX

2012-06-06 06:06 . 2012-07-11 12:26 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-11 12:26 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-11 12:26 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-11 12:26 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-11 12:26 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-11 12:26 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-07-02 13:56 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-07-02 13:56 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-07-02 13:56 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-07-02 13:56 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-07-02 13:56 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-07-02 13:56 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-07-02 13:56 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-07-02 13:56 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-07-02 13:56 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 05:50 . 2012-07-11 12:26 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-11 12:26 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:48 . 2012-07-11 12:26 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:45 . 2012-07-11 12:26 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-11 12:26 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-11 12:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-11 12:26 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-11 12:26 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-11 12:26 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-16_20.29.30 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-06-07 10:43 . 2012-08-20 05:50 64950 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

- 2009-07-14 05:10 . 2012-08-15 11:23 40722 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-08-20 05:50 40722 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2010-06-14 13:48 . 2012-08-20 05:50 20614 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-810726386-2924154629-2946816220-1000_UserData.bin

+ 2010-06-14 12:46 . 2012-08-20 05:48 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-06-14 12:46 . 2012-08-16 20:06 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-06-14 12:46 . 2012-08-20 05:48 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2010-06-14 12:46 . 2012-08-16 20:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-20 05:48 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-08-16 20:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:46 . 2012-08-17 06:30 93680 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

- 2012-08-16 20:29 . 2012-08-16 20:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-20 06:39 . 2012-08-20 06:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-20 06:39 . 2012-08-20 06:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-08-16 20:29 . 2012-08-16 20:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-14 05:01 . 2012-08-20 06:38 414460 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 05:01 . 2012-08-16 20:28 414460 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2010-06-15 18:53 . 2012-08-19 20:58 2614144 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2010-06-15 18:53 . 2012-08-16 20:28 2614144 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2011-05-22 19:19 . 2012-08-20 06:39 47254764 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-810726386-2924154629-2946816220-1000-12288.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]

"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]

"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-02-22 1226024]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-06-21 1527896]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]

R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-06-22 106112]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-20 113120]

R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 43008]

R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]

R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 43008]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-04-19 50688]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2012-06-15 73096]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]

S2 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-06-22 218320]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-06-22 177144]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]

S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-06-22 69672]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 138752]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-06-22 513456]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-19 239616]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - mfeavfk01

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 13:00]

.

2012-08-13 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-03-28 23:04]

.

2012-08-20 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-03-28 23:04]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-21 8306208]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: Free YouTube Download - c:\users\Richard\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

IE: Free YouTube to MP3 Converter - c:\users\Richard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 195.130.131.130 195.130.130.2

FF - ProfilePath - c:\users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}"=hex:51,66,7a,6c,4c,1d,38,12,26,bd,a8,

0a,e6,f4,22,0e,f1,4c,12,2a,bb,94,a4,70

"{D28C7E56-2CC6-415C-8727-D71334085926}"=hex:51,66,7a,6c,4c,1d,38,12,38,7d,9f,

d6,f4,62,32,04,f8,31,94,53,31,56,1d,32

"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

"{1D970ED5-3EDA-438D-BFFD-715931E2775B}"=hex:51,66,7a,6c,4c,1d,38,12,bb,0d,84,

19,e8,70,e3,06,c0,eb,32,19,34,bc,33,4f

"{7DB2D5A0-7241-4E79-B68D-6309F01C5231}"=hex:51,66,7a,6c,4c,1d,38,12,ce,d6,a1,

79,73,3c,17,0b,c9,9b,20,49,f5,42,16,25

"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,

94,30,02,d1,0f,f1,da,12,24,73,56,27,d2

"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,

9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d

"{B164E929-A1B6-4A06-B104-2CD0E90A88FF}"=hex:51,66,7a,6c,4c,1d,38,12,47,ea,77,

b5,84,ef,68,0f,ce,12,6f,90,ec,54,cc,eb

"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=hex:51,66,7a,6c,4c,1d,3b,1b,08,ee,58,

1a,82,e9,65,3d,9d,e9,17,af,a2,b0,e5,ab

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:0e,c0,4f,bc,ae,76,cc,01

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b0,18,5b,0c,ad,bf,76,4d,ba,25,1d,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b0,18,5b,0c,ad,bf,76,4d,ba,25,1d,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Bonjour\mDNSResponder.exe

c:\windows\SysWOW64\rundll32.exe

c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

.

**************************************************************************

.

Voltooingstijd: 2012-08-20 08:45:03 - machine werd herstart

ComboFix-quarantined-files.txt 2012-08-20 06:45

ComboFix2.txt 2012-08-16 20:34

ComboFix3.txt 2012-08-01 12:34

.

Pre-Run: 428.112.297.984 bytes beschikbaar

Post-Run: 427.502.342.144 bytes beschikbaar

.

- - End Of File - - 68885C677A4566A06E244D2596FD9C87

Link naar reactie
Delen op andere sites

  • Reacties 28
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Geen probleem; familie gaat altijd voor.

Open een nieuw kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Folder::

c:\program files (x86)\1ClickDownload

Sla dit bestand op je bureaublad op als CFScript

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht

Link naar reactie
Delen op andere sites

ComboFix 12-08-21.01 - Richard 21/08/2012 21:43:49.7.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4061.2528 [GMT 2:00]

Gestart vanuit: c:\users\Richard\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Richard\Desktop\CFScript.txt

AV: McAfee Antivirus en antispyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Antivirus en antispyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Aanwezig AV is actief

.

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\1ClickDownload

c:\program files (x86)\1ClickDownload\1clextsetup.exe

c:\program files (x86)\1ClickDownload\1Click.cfg

c:\program files (x86)\1ClickDownload\1ClickDownloader.exe

c:\program files (x86)\1ClickDownload\1ClickSettingsManager.exe

c:\program files (x86)\1ClickDownload\gz.exe

c:\program files (x86)\1ClickDownload\MICHAEL_FLATLEY

c:\program files (x86)\1ClickDownload\ocmainpack.exe

c:\program files (x86)\1ClickDownload\oneclickdownloader10.crx

c:\program files (x86)\1ClickDownload\uninst.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-21 to 2012-08-21 ))))))))))))))))))))))))))))))

.

.

2012-08-21 19:52 . 2012-08-21 19:52 -------- d-----w- c:\users\Public\AppData\Local\temp

2012-08-21 19:52 . 2012-08-21 19:52 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-21 19:52 . 2012-08-21 19:52 -------- d-----w- c:\users\AppData\AppData\Local\temp

2012-08-16 01:03 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys

2012-08-15 23:21 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll

2012-08-15 23:21 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll

2012-08-15 23:21 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll

2012-08-15 23:21 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe

2012-08-15 23:21 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe

2012-08-15 23:21 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll

2012-08-15 23:21 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll

2012-08-15 23:21 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll

2012-08-15 23:21 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll

2012-08-15 23:21 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll

2012-08-15 23:21 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-08-15 23:21 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll

2012-08-15 11:07 . 2012-08-15 11:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-08-13 11:56 . 2012-06-15 10:04 73096 ----a-w- c:\windows\system32\drivers\McPvDrv.sys

2012-08-13 11:56 . 2012-04-20 14:40 196440 ----a-w- c:\windows\system32\drivers\HipShieldK.sys

2012-07-30 21:52 . 2012-07-30 21:52 103904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll

2012-07-30 21:52 . 2012-07-30 21:52 103904 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll

2012-07-28 09:21 . 2012-08-01 08:18 -------- d-----w- c:\program files (x86)\Vuze_Remote

2012-07-24 19:12 . 2012-07-28 11:13 -------- d-----w- c:\users\Richard\AppData\Roaming\Skype

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-16 01:00 . 2010-06-15 18:51 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-08-15 13:00 . 2012-04-03 07:57 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 13:00 . 2011-05-17 07:06 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-16 08:08 . 2012-07-16 08:08 476976 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-07-16 08:08 . 2010-06-14 14:07 472880 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-07-12 15:13 . 2012-06-22 16:23 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll

2012-07-03 11:46 . 2011-07-30 21:01 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-02 12:53 . 2012-07-02 12:53 955840 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-07-02 12:53 . 2012-07-02 12:53 839096 ----a-w- c:\windows\system32\deployJava1.dll

2012-07-02 12:53 . 2010-06-07 10:24 268720 ----a-w- c:\windows\system32\javaws.exe

2012-07-02 12:53 . 2010-06-07 10:24 189360 ----a-w- c:\windows\system32\javaw.exe

2012-07-02 12:53 . 2010-06-07 10:24 188840 ----a-w- c:\windows\system32\java.exe

2012-06-22 05:40 . 2012-07-02 13:58 69672 ----a-w- c:\windows\system32\drivers\cfwids.sys

2012-06-22 05:38 . 2012-07-02 13:58 335784 ----a-w- c:\windows\system32\drivers\mfewfpk.sys

2012-06-22 05:38 . 2011-03-13 15:45 177144 ----a-w- c:\windows\system32\mfevtps.exe

2012-06-22 05:37 . 2012-07-02 13:58 10288 ----a-w- c:\windows\system32\drivers\mfeclnk.sys

2012-06-22 05:36 . 2012-07-02 13:58 106112 ----a-w- c:\windows\system32\drivers\mferkdet.sys

2012-06-22 05:36 . 2012-07-02 13:58 752672 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2012-06-22 05:35 . 2012-07-02 13:58 513456 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2012-06-22 05:34 . 2012-07-02 13:58 300392 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2012-06-22 05:34 . 2012-07-02 13:58 169320 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2012-06-18 01:12 . 2012-07-02 13:39 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D3CBD17-77DC-4355-AB6B-8CC6A96DE9C9}\mpengine.dll

2012-06-09 05:43 . 2012-07-11 12:26 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX

2012-06-06 06:06 . 2012-07-11 12:26 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-11 12:26 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-11 12:26 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-11 12:26 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-11 12:26 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-11 12:26 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-07-02 13:56 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-07-02 13:56 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-07-02 13:56 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-07-02 13:56 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-07-02 13:56 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-07-02 13:56 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-07-02 13:56 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-07-02 13:56 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-07-02 13:56 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 05:50 . 2012-07-11 12:26 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-11 12:26 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:48 . 2012-07-11 12:26 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:45 . 2012-07-11 12:26 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-11 12:26 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-11 12:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-11 12:26 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-11 12:26 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-11 12:26 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-16_20.29.30 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-06-07 10:43 . 2012-08-21 19:36 65100 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

- 2009-07-14 05:10 . 2012-08-15 11:23 40722 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-08-21 19:36 40722 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2010-06-14 13:48 . 2012-08-21 19:36 20654 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-810726386-2924154629-2946816220-1000_UserData.bin

+ 2010-06-14 12:46 . 2012-08-21 19:44 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-06-14 12:46 . 2012-08-16 20:06 49152 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-06-14 12:46 . 2012-08-21 19:44 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2010-06-14 12:46 . 2012-08-16 20:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-21 19:44 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-08-16 20:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:46 . 2012-08-17 06:30 93680 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

- 2012-08-16 20:29 . 2012-08-16 20:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-21 19:53 . 2012-08-21 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-21 19:53 . 2012-08-21 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-08-16 20:29 . 2012-08-16 20:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-14 05:01 . 2012-08-21 19:52 414460 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 05:01 . 2012-08-16 20:28 414460 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2010-06-15 18:53 . 2012-08-21 07:31 2614144 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2010-06-15 18:53 . 2012-08-16 20:28 2614144 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2011-05-22 19:19 . 2012-08-21 19:52 47280280 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-810726386-2924154629-2946816220-1000-12288.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]

"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]

"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-02-22 1226024]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-06-21 1527896]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]

R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-06-22 106112]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-20 113120]

R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 43008]

R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]

R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 43008]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-04-19 50688]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2012-06-15 73096]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]

S2 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-05-11 200728]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-06-22 218320]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-06-22 177144]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]

S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-06-22 69672]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 138752]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-06-22 513456]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-19 239616]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - mfeavfk01

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-20 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 13:00]

.

2012-08-13 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-03-28 23:04]

.

2012-08-21 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-03-28 23:04]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-21 8306208]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: Free YouTube Download - c:\users\Richard\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

IE: Free YouTube to MP3 Converter - c:\users\Richard\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: DhcpNameServer = 195.130.131.130 195.130.130.2

FF - ProfilePath - c:\users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

AddRemove-1ClickDownload - c:\program files (x86)\1ClickDownload\uninst.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}"=hex:51,66,7a,6c,4c,1d,38,12,26,bd,a8,

0a,e6,f4,22,0e,f1,4c,12,2a,bb,94,a4,70

"{D28C7E56-2CC6-415C-8727-D71334085926}"=hex:51,66,7a,6c,4c,1d,38,12,38,7d,9f,

d6,f4,62,32,04,f8,31,94,53,31,56,1d,32

"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

"{1D970ED5-3EDA-438D-BFFD-715931E2775B}"=hex:51,66,7a,6c,4c,1d,38,12,bb,0d,84,

19,e8,70,e3,06,c0,eb,32,19,34,bc,33,4f

"{7DB2D5A0-7241-4E79-B68D-6309F01C5231}"=hex:51,66,7a,6c,4c,1d,38,12,ce,d6,a1,

79,73,3c,17,0b,c9,9b,20,49,f5,42,16,25

"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,

94,30,02,d1,0f,f1,da,12,24,73,56,27,d2

"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,

9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d

"{B164E929-A1B6-4A06-B104-2CD0E90A88FF}"=hex:51,66,7a,6c,4c,1d,38,12,47,ea,77,

b5,84,ef,68,0f,ce,12,6f,90,ec,54,cc,eb

"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=hex:51,66,7a,6c,4c,1d,3b,1b,08,ee,58,

1a,82,e9,65,3d,9d,e9,17,af,a2,b0,e5,ab

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:0e,c0,4f,bc,ae,76,cc,01

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b0,18,5b,0c,ad,bf,76,4d,ba,25,1d,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b0,18,5b,0c,ad,bf,76,4d,ba,25,1d,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Bonjour\mDNSResponder.exe

c:\windows\SysWOW64\rundll32.exe

c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

.

**************************************************************************

.

Voltooingstijd: 2012-08-21 21:57:41 - machine werd herstart

ComboFix-quarantined-files.txt 2012-08-21 19:57

ComboFix2.txt 2012-08-20 06:45

ComboFix3.txt 2012-08-16 20:34

ComboFix4.txt 2012-08-01 12:34

.

Pre-Run: 427.326.345.216 bytes beschikbaar

Post-Run: 427.208.335.360 bytes beschikbaar

.

- - End Of File - - D9FDE26C6A5F12D0B44445603A8158F8

Link naar reactie
Delen op andere sites

Mooi zo.

Verwijder Combofix: Start -> Uitvoeren en typ: ComboFix /Uninstall (met spatie voor de /)

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

En hoe zit het met de crashes van Firefox?

Link naar reactie
Delen op andere sites

ComboFix is verwijderd.

Qoobox heb ik nergens gevonden, tenzij het ergens verborgen zit (Tip misschien?)

Heb voorlopig geen crashes meer gehad van Firefox.

Alles lijkt me in orde en zal het wel horen of ik deze discussie als opgelost mag aanklikken.

In ieder geval bedankt nogmaals voor de hulp en raad

Link naar reactie
Delen op andere sites

Die map is normaal niet verborgen en staat direkt op de C.

Als je ze niet meer ziet, is ze verwijderd.

Voor de volledigheid kan je nog het volgende doen.

Download CCleaner. (Als je het nog niet hebt)

Let op bij de installatie.

Haal beide vinkjes weg bij de vraag over de Chrome browser.

Installeer het en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Bevestigen met JA of OK

Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, lees dan deze handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar kunnen besmette herstelpunten tussen zitten die je zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen.

Doe dit via Configuratiescherm -> Systeem en Beveiliging -> Systeem -> Systeembeveiliging

Selecteer de schijf waarvan je de herstelpunten wil verwijderen -> klikken op "configureren".

Klik op "verwijderen". Dan krijg je een schermmelding. Klik hier op “Doorgaan”.

Dan worden alle herstelpunten verwijderd op de aangeduide schijf.

Klik na de verwijdering op "OK"

Maak dan meteen een nieuw herstelpunt, zodat je niet hoeft te wachten op een automatisch herstelpunt van het systeem.

Daarna mag je dit onderwerp afsluiten door een klik op de knop +Markeer als opgelost.

Nog veel computerplezier :ciao:

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.