MBAM gets stuck


Zoek.exe Version 4.0.0.5 Updated 26-October-2013

Tool run by donald on do 31/10/2013 at 14:26:09,43.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\donald\AppData\Local\Temp\Temp1_zoek.zip\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-10-28-171642.log 241504 bytes

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-3088945599-3311189199-218311579-1002\Software\Microsoft\Windows\CurrentVersion\Run]

"BackgroundContainer"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"BackgroundContainer"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\\PROGRA~2\\OPTIMI~1 not found

C:\Users\donald\AppData\Locallow\DivX_Browser_Bar deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 deleted

==== EOF on do 31/10/2013 at 14:27:54,53 ======================

Download AdwCleaner by Xplode to your desktop.


  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator",
  • by right-clicking it and choosing Run as administrator.
  • Then click Scan.
  • Then click Clean if items were found.
  • At Reboot Required (Herstarten Noodzakelijk), click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found here: C:\AdwCleaner\AdwCleaner[R1].txt.

Then post the contents of this log in your next message.

# AdwCleaner v3.010 - Report created 01/11/2013 at 14:01:36

# Updated 20/10/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : donald - DONALD-PC

# Running from : C:\Users\donald\Downloads\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3288691

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49271347-03F7-466B-9C99-4F93FC39D9D5}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ACBC74F-A111-4F0E-B3D7-B0C49C3FA00F}

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\lollipop

Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\smartbar

Key Deleted : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar

Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\SearchProtect

Key Deleted : HKLM\Software\DivX_Browser_Bar

Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\donald\AppData\Roaming\Mozilla\Firefox\Profiles\x0avayax.default\prefs.js ]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\donald\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [2645 octets] - [01/11/2013 13:59:10]

AdwCleaner[s0].txt - [2419 octets] - [01/11/2013 14:01:36]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2479 octets] ##########

Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs; they may conflict with ComboFix.exe.

You can read (here or here) how to disable the security software you use.


  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click Ja / Yes there.
  • On a Windows XP computer, ComboFix will install the "Recovery Console" if it is not yet present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Ja" (Yes) once the Recovery Console has been installed successfully.
  • In the disclaimer screen, click "I Agree"; the required components are then unpacked and a registry backup is made using ERUNT.
  • When this is done, ComboFix will start automatically; in the blue screen you can see the progress of the system scan being carried out.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.
  • When ComboFix is finished, it will create a log file. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

* Note !!! If you get one of the messages below after using ComboFix, restart the computer.


  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.

ComboFix 13-11-10.02 - donald 11/11/2013 13:54:54.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3828.2005 [GMT 1:00]

Gestart vanuit: c:\users\donald\Downloads\ComboFix.exe

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\security\Database\tmp.edb

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-10-11 to 2013-11-11 ))))))))))))))))))))))))))))))

.

.

2013-11-11 13:11 . 2013-11-11 13:11 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2013-11-11 13:11 . 2013-11-11 13:11 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-11-11 13:04 . 2013-10-15 23:20 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B9D81419-0A2E-4E85-9EEA-57FB5956A389}\mpengine.dll

2013-11-11 13:04 . 2013-09-03 12:35 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-11-11 02:56 . 2013-11-11 02:56 -------- d-----w- C:\3263188b03de80734ec98d

2013-11-11 02:52 . 2013-11-11 02:52 -------- d-----w- c:\program files\Microsoft Silverlight

2013-11-11 02:52 . 2013-11-11 02:52 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

2013-11-11 02:31 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2013-11-11 02:31 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2013-11-11 02:31 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll

2013-11-11 02:31 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll

2013-11-11 02:31 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe

2013-11-11 02:31 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2013-11-11 02:31 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll

2013-11-10 22:36 . 2013-11-10 22:36 -------- d-----w- c:\program files (x86)\SearchProtect

2013-11-10 19:42 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll

2013-11-10 19:42 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll

2013-11-10 19:42 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll

2013-11-10 19:42 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll

2013-11-10 19:42 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll

2013-11-10 19:42 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll

2013-11-10 19:42 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll

2013-11-10 19:42 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll

2013-11-10 19:42 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll

2013-11-10 19:42 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2013-11-10 19:42 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll

2013-11-10 19:40 . 2013-08-29 02:17 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-11-10 19:39 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys

2013-11-10 19:38 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe

2013-11-10 19:38 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe

2013-11-10 19:38 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll

2013-11-10 19:38 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll

2013-11-10 19:38 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys

2013-11-10 19:38 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll

2013-11-10 19:38 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll

2013-11-10 19:38 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll

2013-11-10 19:38 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe

2013-11-10 19:38 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe

2013-11-10 19:04 . 2013-11-10 19:04 -------- d-----w- c:\program files (x86)\eMu3Ds

2013-11-10 19:01 . 2013-11-10 19:01 -------- d-----w- c:\program files (x86)\Microsoft.NET

2013-11-10 13:43 . 2013-11-10 13:43 -------- d-----w- c:\programdata\SystemRequirementsLab

2013-11-10 13:43 . 2013-11-10 13:43 -------- d-----w- c:\program files (x86)\SystemRequirementsLab

2013-11-10 12:46 . 2013-11-10 13:43 -------- d-----w- c:\program files (x86)\StarCraft II

2013-11-10 12:46 . 2013-11-10 12:46 -------- d-----w- c:\programdata\Blizzard Entertainment

2013-11-10 12:46 . 2013-11-10 12:46 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment

2013-11-10 12:45 . 2013-11-10 12:45 -------- d-----w- c:\programdata\Battle.net

2013-11-09 12:44 . 2013-11-09 12:44 -------- d-----w- c:\programdata\YTD Video Downloader

2013-11-09 12:43 . 2013-11-09 12:43 -------- d-----w- c:\program files (x86)\GreenTree Applications

2013-11-09 12:43 . 2013-11-09 15:50 -------- d-----w- c:\program files (x86)\MyPC Backup

2013-11-08 16:45 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll

2013-11-08 16:45 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll

2013-11-08 16:45 . 2013-11-08 16:45 -------- d-----w- c:\program files (x86)\Grinding Gear Games

2013-11-06 15:55 . 2013-11-06 15:55 -------- d-----w- c:\programdata\NCH Software

2013-11-06 15:55 . 2013-11-06 15:55 -------- d-----w- c:\program files (x86)\NCH Software

2013-11-04 20:46 . 2013-11-04 20:46 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories

2013-11-02 16:22 . 2013-11-02 17:00 -------- d-----w- c:\program files (x86)\Common Files\Steam

2013-11-02 16:22 . 2013-11-11 12:29 -------- d-----w- c:\program files (x86)\Steam

2013-11-01 12:58 . 2013-11-01 13:01 -------- d-----w- C:\AdwCleaner

2013-10-28 16:59 . 2013-10-28 17:16 -------- d-----w- c:\windows\system32\drivers\etc

2013-10-28 16:58 . 2013-10-31 13:27 -------- d-----w- C:\zoek_backup

2013-10-28 11:52 . 2013-10-28 11:54 -------- d-----w- c:\program files\trend micro

2013-10-28 11:52 . 2013-10-28 11:52 -------- d-----w- C:\rsit

2013-10-27 11:20 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll

2013-10-27 11:20 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll

2013-10-27 11:18 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll

2013-10-27 11:17 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll

2013-10-27 11:17 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll

2013-10-27 11:17 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll

2013-10-27 11:17 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll

2013-10-27 11:17 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll

2013-10-27 11:17 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-27 11:05 . 2013-10-27 11:05 -------- d-----w- c:\program files (x86)\MSXML 4.0

2013-10-27 01:02 . 2013-10-27 01:02 -------- d-----w- c:\windows\system32\SPReview

2013-10-27 01:02 . 2013-10-27 01:02 -------- d-----w- c:\windows\system32\EventProviders

2013-10-26 23:25 . 2013-10-26 23:26 -------- d-----w- c:\program files\DivX

2013-10-26 23:24 . 2013-10-26 23:26 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared

2013-10-26 23:24 . 2013-10-26 23:27 -------- d-----w- c:\program files (x86)\DivX

2013-10-26 23:23 . 2013-10-26 23:27 -------- d-----w- c:\programdata\DivX

2013-10-26 23:21 . 2013-10-26 23:22 -------- d-----w- c:\program files (x86)\Google

2013-10-26 13:14 . 2013-10-26 13:14 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-10-26 13:13 . 2013-10-26 13:13 1887232 ----a-w- c:\windows\system32\d3d11.dll

2013-10-26 13:13 . 2013-10-26 13:13 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll

2013-10-26 12:03 . 2013-10-26 12:03 -------- d-----w- c:\program files\ColdTurkey

2013-10-26 11:33 . 2010-11-20 13:27 109056 ----a-w- c:\windows\system32\userenv.dll

2013-10-26 11:32 . 2010-11-20 13:27 5120 ----a-w- c:\windows\system32\msdxm.ocx

2013-10-26 11:31 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll

2013-10-26 11:31 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll

2013-10-26 11:31 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll

2013-10-26 10:55 . 2013-10-26 10:55 -------- d-----w- c:\windows\SysWow64\wbem\en-US

2013-10-26 10:55 . 2013-10-26 10:55 -------- d-----w- c:\windows\system32\wbem\en-US

2013-10-26 10:55 . 2013-10-26 10:55 -------- d-----w- c:\windows\SysWow64\Wat

2013-10-26 10:55 . 2013-10-26 10:55 -------- d-----w- c:\windows\system32\Wat

2013-10-26 01:04 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe

2013-10-25 01:32 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2013-10-25 01:32 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll

2013-10-25 01:32 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll

2013-10-25 01:32 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2013-10-25 01:32 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2013-10-25 01:14 . 2011-06-15 10:02 212992 ----a-w- c:\windows\system32\odbctrac.dll

2013-10-25 01:14 . 2011-06-15 10:02 163840 ----a-w- c:\windows\system32\odbccp32.dll

2013-10-25 01:14 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccu32.dll

2013-10-25 01:14 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccr32.dll

2013-10-25 01:14 . 2011-06-15 09:59 126976 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll

2013-10-25 01:14 . 2011-06-15 08:55 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll

2013-10-25 01:14 . 2011-06-15 08:55 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll

2013-10-25 01:14 . 2011-06-15 08:55 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll

2013-10-25 01:14 . 2011-06-15 08:55 163840 ----a-w- c:\windows\SysWow64\odbctrac.dll

2013-10-25 01:14 . 2011-06-15 08:55 122880 ----a-w- c:\windows\SysWow64\odbccp32.dll

2013-10-25 01:14 . 2011-06-15 08:54 94208 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaosp.dll

2013-10-25 01:12 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll

2013-10-25 01:11 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll

2013-10-25 01:11 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll

2013-10-25 01:11 . 2010-11-20 12:58 3072 ----a-w- c:\windows\system32\dpnaddr.dll

2013-10-25 01:11 . 2010-11-20 11:57 2560 ----a-w- c:\windows\SysWow64\dpnaddr.dll

2013-10-25 01:11 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll

2013-10-25 01:11 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll

2013-10-25 01:09 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll

2013-10-25 01:08 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll

2013-10-25 01:08 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll

2013-10-24 22:17 . 2013-10-24 22:17 -------- d-----w- c:\programdata\Oracle

2013-10-24 19:47 . 2013-10-24 19:47 -------- d-----w- c:\program files (x86)\Common Files\Java

2013-10-24 19:46 . 2013-10-24 19:46 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-10-24 19:46 . 2013-10-24 19:46 -------- d-----w- c:\program files (x86)\Java

2013-10-24 15:34 . 2013-10-24 15:34 -------- d-----w- c:\program files (x86)\Common Files\Skype

2013-10-24 15:34 . 2013-10-24 15:34 -------- d-----r- c:\program files (x86)\Skype

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-10-27 10:51 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2013-10-27 10:51 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2013-10-24 14:47 . 2010-06-24 17:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-09-18 20:08 . 2013-09-18 20:08 94208 ----a-w- c:\windows\SysWow64\dpl100.dll

2013-08-29 01:48 . 2013-11-10 19:40 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2013-08-26 09:13 . 2013-08-26 09:13 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-10-30 1820584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-20 487562]

"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]

"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]

"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-18 50472]

"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-09-28 75048]

"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-09-04 240112]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-09-03 518640]

"mobilegeni daemon"="c:\program files (x86)\Mobogenie\DaemonProcess.exe" [2013-10-15 735936]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"ColdTurkey_notify"="c:\program files\ColdTurkey\ct_notify.exe" [2013-01-01 47104]

"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-08-21 450560]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-12 163040]

"DSUpdateLauncher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" [2010-07-21 18240]

"STToasterLauncher"="c:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe" [2010-08-12 120032]

.

c:\users\donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

MyPC Backup.lnk - c:\program files (x86)\MyPC Backup\MyPC Backup.exe [2013-9-19 1953320]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\progra~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer5"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 0145231384174261mcinstcleanup;McAfee Application Installer Cleanup (0145231384174261);c:\users\donald\AppData\Local\Temp\014523~1.EXE;c:\users\donald\AppData\Local\Temp\014523~1.EXE [x]

R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/02/17 05:24;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]

R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]

R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]

R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]

S2 BackupStack;Computer Backup (MyPC Backup);c:\program files (x86)\MyPC Backup\BackupStack.exe;c:\program files (x86)\MyPC Backup\BackupStack.exe [x]

S2 CltMngSvc;Search Protect by Conduit Service;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe [x]

S2 KCTRP;KCTRP;c:\program files\ColdTurkey\KCTRP_srv.exe;c:\program files\ColdTurkey\KCTRP_srv.exe [x]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]

S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x]

S3 AVer7231_x64;AVerMedia 7231 capture service;c:\windows\system32\DRIVERS\AVer7231_x64.sys;c:\windows\SYSNATIVE\DRIVERS\AVer7231_x64.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]

S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys;c:\windows\SYSNATIVE\DRIVERS\qicflt.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - CLKMDRV10_9EC60124

*Deregistered* - mfeavfk01

*Deregistered* - mfenlfk

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-10-26 23:22 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-26 23:21]

.

2013-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-26 23:21]

.

2013-10-24 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2010-08-05 07:47]

.

2013-11-10 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\pcdrcui.exe [2010-08-05 07:47]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-11-09 6539880]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-11-03 2181224]

"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-08-25 283240]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-09-02 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-09-02 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-09-02 415256]

"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976]

"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-09-24 727664]

"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2010-12-10 4775176]

"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\progra~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll c:\windows\System32\nvinitx.dll

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPCC8570C4-4198-45FD-BE72-043261A7DB25&SSPV=

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 195.130.131.131 195.130.130.3

FF - ProfilePath - c:\users\donald\AppData\Roaming\Mozilla\Firefox\Profiles\x0avayax.default\

FF - prefs.js: browser.search.selectedEngine - Conduit Search

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPCC8570C4-4198-45FD-BE72-043261A7DB25&SSPV=

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=407453&p=

FF - ExtSQL: 2013-10-24 17:25; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\donald\AppData\Roaming\Mozilla\Firefox\Profiles\x0avayax.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-UpdaterEX - c:\users\donald\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]

"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10a.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]

@Denied: (A 2) (Everyone)

@="IFlashBroker2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-11-11 14:31:14

ComboFix-quarantined-files.txt 2013-11-11 13:31

.

Pre-Run: 559.870.181.376 bytes beschikbaar

Post-Run: 558.568.230.912 bytes beschikbaar

.

- - End Of File - - 65107FC92B6E1E856375D396D1AE506E


Note: This script was written specifically for this PC, so do not use it on other PCs with a similar problem.

Disable all antivirus and antispyware programs, because they can conflict with ComboFix.

You can read (here or here) how to disable the security software you use.

Open a new, empty Notepad window, then copy and paste the following code into it.

 
File:: 
c:\users\donald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk 
c:\users\donald\AppData\Local\Temp\014523~1.EXE

Folder:: 
c:\program files (x86)\SearchProtect
c:\programdata\YTD Video Downloader
c:\program files (x86)\MyPC Backup
c:\programdata\NCH Software
c:\program files (x86)\NCH Software

Registry:: 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

Driver::
BackupStack
CltMngSvc
mcinstcleanup

Firefox::
FF - prefs.js: browser.search.selectedEngine - Conduit Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPCC8570C4-4198-45FD-BE72-043261A7DB25&SSPV=

Save this to your Desktop as CFScript.txt

Drag CFScript.txt onto ComboFix.exe as shown in the example below:

CFScript.gif

ComboFix will now start automatically.

Reboot if asked to, and post the contents of Combofix.txt in your next reply.
