Ga naar inhoud

Vista computer opschonen

maxjuhh3

Door maxjuhh3
in Archief Windows Algemeen

 Delen

Aanbevolen berichten

maxjuhh3 Meewerkend lid

maxjuhh3

Geplaatst:
  • Auteur
Geplaatst:

ComboFix 10-02-20.04 - Maximus 21-02-2010 17:16:45.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3069.2100 [GMT 1:00]

Gestart vanuit: c:\users\Maximus\Documents\ComboFix.exe

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

* Aanwezig AV is actief

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Maximus\AppData\Roaming\.#

c:\users\Maximus\AppData\Roaming\02000000cf56b8f5648C.manifest

c:\users\Maximus\AppData\Roaming\02000000cf56b8f5648O.manifest

c:\users\Maximus\AppData\Roaming\02000000cf56b8f5648P.manifest

c:\users\Maximus\AppData\Roaming\02000000cf56b8f5648S.manifest

c:\windows\system32\ar3GqnwDoZ435IC.vbs

c:\windows\system32\SIntf16.dll

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-01-21 to 2010-02-21 ))))))))))))))))))))))))))))))

.

2010-02-21 16:27 . 2010-02-21 16:28 -------- d-----w- c:\users\Maximus\AppData\Local\temp

2010-02-21 16:27 . 2010-02-21 16:27 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-02-18 16:02 . 2010-02-18 16:02 -------- d-----w- c:\program files\K-Lite Codec Pack

2010-02-17 16:39 . 2010-02-17 16:39 388096 ----a-r- c:\users\Maximus\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe

2010-02-17 16:39 . 2010-02-20 02:00 -------- d-----w- c:\program files\TrendMicro

2010-02-17 14:56 . 2010-02-17 14:56 -------- d-----w- C:\Medion

2010-02-17 14:30 . 2010-02-20 02:01 -------- d-----w- c:\program files\RS2Bot

2010-02-15 17:33 . 2010-02-15 17:33 -------- d-----w- c:\program files\Ubisoft

2010-02-15 13:32 . 2010-02-15 13:32 -------- d-----w- c:\program files\Free Offers from Freeze.com

2010-02-12 13:59 . 2010-02-12 13:59 -------- d-----w- c:\windows\McAfee.com

2010-02-11 17:08 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-02-11 17:08 . 2010-02-20 02:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-02-11 17:08 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-02-11 15:41 . 2010-02-11 15:41 -------- d-----w- C:\rsit

2010-02-09 21:40 . 2009-12-11 11:43 302080 ----a-w- c:\windows\system32\drivers\srv.sys

2010-02-09 21:40 . 2009-12-11 11:43 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys

2010-02-09 21:40 . 2009-12-08 20:01 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe

2010-02-09 21:40 . 2009-12-08 20:01 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe

2010-02-09 21:40 . 2009-12-08 20:01 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys

2010-02-09 21:40 . 2009-12-08 17:26 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2010-02-09 21:39 . 2009-12-04 18:29 1314816 ----a-w- c:\windows\system32\quartz.dll

2010-02-09 21:39 . 2009-12-04 18:30 12288 ----a-w- c:\windows\system32\tsbyuv.dll

2010-02-09 21:39 . 2009-12-04 18:28 22528 ----a-w- c:\windows\system32\msyuv.dll

2010-02-09 21:39 . 2009-12-04 18:28 31744 ----a-w- c:\windows\system32\msvidc32.dll

2010-02-09 21:39 . 2009-12-04 18:28 13312 ----a-w- c:\windows\system32\msrle32.dll

2010-02-09 21:39 . 2009-12-04 18:28 123904 ----a-w- c:\windows\system32\msvfw32.dll

2010-02-09 21:39 . 2009-12-04 18:28 82944 ----a-w- c:\windows\system32\mciavi32.dll

2010-02-09 21:39 . 2009-12-04 18:28 50176 ----a-w- c:\windows\system32\iyuv_32.dll

2010-02-09 21:39 . 2009-12-04 18:27 91136 ----a-w- c:\windows\system32\avifil32.dll

2010-02-09 21:39 . 2009-12-04 15:56 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2010-02-09 21:39 . 2009-12-04 15:56 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2010-02-07 18:29 . 2010-02-07 18:29 -------- d-----w- c:\program files\RealFogs

2010-01-31 14:45 . 2010-01-31 14:45 -------- d-----w- c:\users\Maximus\AppData\Roaming\AVS4YOU

2010-01-31 14:45 . 2010-01-31 14:45 -------- d-----w- c:\programdata\AVS4YOU

2010-01-31 14:44 . 2010-02-02 18:01 -------- d-----w- c:\program files\Common Files\AVSMedia

2010-01-31 14:44 . 2008-08-13 09:22 974848 ----a-w- c:\windows\system32\mfc70.dll

2010-01-31 14:44 . 2008-08-13 09:22 24576 ----a-w- c:\windows\system32\msxml3a.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-02-21 15:38 . 2010-02-21 14:47 -------- d-----w- c:\program files\TribalManager

2010-02-21 01:30 . 2010-02-20 21:51 -------- d-----w- c:\program files\Everest Poker

2010-02-20 21:36 . 2010-02-20 21:36 -------- d-----w- c:\program files\Arthaus Paint & Fotoshop

2010-02-20 21:28 . 2009-12-28 19:56 69 ----a-w- c:\users\Maximus\jagex_runescape_preferences2.dat

2010-02-20 21:27 . 2009-12-28 19:55 41 ----a-w- c:\users\Maximus\jagex_runescape_preferences.dat

2010-02-19 20:59 . 2008-07-08 21:37 -------- d-----w- c:\program files\Sun

2010-02-19 20:57 . 2008-07-01 14:08 -------- d-----w- c:\program files\Java

2010-02-19 17:08 . 2009-11-23 14:54 -------- d-----w- c:\users\Maximus\AppData\Roaming\DNA

2010-02-18 21:17 . 2008-06-22 20:41 56733 ----a-w- c:\users\Maximus\AppData\Roaming\nvModes.dat

2010-02-15 22:12 . 2009-09-21 17:57 -------- d-----w- c:\programdata\McAfee Security Scan

2010-02-15 17:33 . 2008-04-16 05:00 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-02-11 17:26 . 2009-12-13 21:43 -------- d-----w- c:\program files\Trend Micro

2010-02-10 02:29 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2010-02-09 16:39 . 2008-08-17 13:36 680 ----a-w- c:\users\Maximus\AppData\Local\d3d9caps.dat

2010-01-26 18:40 . 2008-01-21 06:47 50698 ----a-w- c:\windows\system32\perfh013.dat

2010-01-26 18:40 . 2008-01-21 06:47 11730 ----a-w- c:\windows\system32\perfc013.dat

2010-01-20 11:50 . 2008-08-20 19:46 -------- d-----w- c:\program files\Microsoft Silverlight

2010-01-04 19:47 . 2008-04-16 05:53 -------- d-----w- c:\program files\Common Files\Adobe

2010-01-02 06:38 . 2010-01-21 22:38 916480 ----a-w- c:\windows\system32\wininet.dll

2010-01-02 06:32 . 2010-01-21 22:38 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-01-02 06:32 . 2010-01-21 22:38 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-01-02 04:57 . 2010-01-21 22:38 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-12-13 16:04 . 2009-12-13 16:04 2560 ----a-w- c:\windows\_MSRSTRT.EXE

2009-12-13 00:41 . 2009-12-13 00:41 2855 ----a-w- c:\users\Maximus\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

2009-07-02 17:46 2094616 ----a-w- c:\program files\LimewirePlus\tbLim1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}"= "c:\program files\LimewirePlus\tbLim1.dll" [2009-07-02 2094616]

[HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{47E161A0-F4BA-41DD-A17B-D2EB26AD6A02}"= "c:\program files\LimewirePlus\tbLim1.dll" [2009-07-02 2094616]

[HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2008-01-03 00:00 39472 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-09 39408]

"Google Update"="c:\users\Maximus\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-02-19 135664]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk

backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup

backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan.lnk

backup=c:\windows\pss\McAfee Security Scan.lnk.CommonStartup

backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Maximus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]

path=c:\users\Maximus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup

backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2009-09-04 11:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]

2007-07-21 10:18 159744 ----a-w- c:\program files\Apoint2K\Apoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BisonInst0402]

2007-05-08 18:48 53248 ----a-w- c:\windows\BR040286.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

2009-11-25 13:01 323392 ----a-w- c:\users\Maximus\Program Files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio]

2007-10-10 04:41 1286144 ------w- c:\acer\Empowering Technology\eAudio\eAudio.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]

2008-03-05 13:15 525360 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]

2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

2007-07-12 14:36 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

2008-01-04 10:21 768520 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

2010-01-07 15:07 1394000 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]

2009-10-29 05:54 1218008 ----a-w- c:\program files\McAfee.com\Agent\mcagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McENUI]

2009-07-07 19:02 1176808 ----a-w- c:\progra~1\McAfee\MHN\McENUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2007-11-15 03:03 8534560 ----a-w- c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2007-11-15 03:03 81920 ----a-w- c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]

2007-11-15 03:03 86016 ----a-w- c:\windows\System32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]

2008-01-22 09:14 200704 ------w- c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-09-05 00:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2007-09-03 10:39 4702208 ----a-w- c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]

2007-08-03 05:22 1826816 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2009-02-09 15:37 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]

2008-01-29 07:03 303104 ----a-w- c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"VistaSp2"=hex(B):d6,67,55,80,89,34,ca,01

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [20-6-2008 23:20 41456]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [31-10-2008 11:44 203280]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [16-4-2008 14:30 180736]

R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [16-4-2008 14:31 32256]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17-11-2008 7:40 3668480]

S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [19-3-2009 21:24 55280]

S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5-8-2009 21:48 533360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Inhoud van de 'Gedeelde Taken' map

2010-02-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2285587042-1580576303-2642232439-1000Core.job

- c:\users\Maximus\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-19 20:45]

2010-02-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2285587042-1580576303-2642232439-1000UA.job

- c:\users\Maximus\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-19 20:45]

2010-01-15 c:\windows\Tasks\McDefragTask.job

- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-21 10:22]

2010-02-01 c:\windows\Tasks\McQcTask.job

- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-21 10:22]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

uDefault_Search_URL = hxxp://www.google.com/ie

mStart Page = hxxp://nl.intl.acer.yahoo.com

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

Trusted Zone: internet

Trusted Zone: mcafee.com

Trusted Zone: mcafee.com\download

.

- - - - ORPHANS VERWIJDERD - - - -

HKLM-Run-eRecoveryService - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-02-21 17:28

Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Voltooingstijd: 2010-02-21 17:34:35

ComboFix-quarantined-files.txt 2010-02-21 16:34

Pre-Run: 49.327.464.448 bytes beschikbaar

Post-Run: 49.501.929.472 bytes beschikbaar

- - End Of File - - 6A601F56762EA71E0407C156222C7695

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

[-HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

[-HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.

Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.