full screen springt terug naar desktop

[vermeers]

ComboFix 11-05-01.03 - studio 02/05/2011 14:25:36.3.8 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1033.18.8183.6348 [GMT 2:00]

Gestart vanuit: c:\users\studio\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\studio\Desktop\CFScript.txt

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-04-02 to 2011-05-02 ))))))))))))))))))))))))))))))

.

.

2011-05-02 12:29 . 2011-05-02 12:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-05-01 12:32 . 2011-05-01 12:32 -------- d-----w- c:\users\studio\AppData\Roaming\Malwarebytes

2011-05-01 12:31 . 2011-05-01 12:31 -------- d-----w- c:\programdata\Malwarebytes

2011-05-01 12:31 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-05-01 12:31 . 2011-05-01 12:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-05-01 12:31 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-01 12:26 . 2011-04-18 07:15 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FBD26B82-3FBF-48B8-8F7E-0FEDE53A8A95}\mpengine.dll

2011-04-29 08:53 . 2011-04-29 08:53 388096 ----a-r- c:\users\studio\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-04-29 08:53 . 2011-04-29 08:53 -------- d-----w- c:\program files (x86)\Trend Micro

2011-04-27 10:20 . 2011-02-26 06:23 2870272 ----a-w- c:\windows\explorer.exe

2011-04-27 10:20 . 2011-02-26 05:33 2614784 ----a-w- c:\windows\SysWow64\explorer.exe

2011-04-27 10:20 . 2011-03-12 12:03 662528 ----a-w- c:\windows\system32\XpsPrint.dll

2011-04-27 10:20 . 2011-03-12 11:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll

2011-04-26 08:28 . 2011-02-05 12:39 603976 ----a-w- c:\windows\system32\winload.exe

2011-04-26 08:26 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-04-26 08:26 . 2011-03-03 06:14 30208 ----a-w- c:\windows\system32\dnscacheugc.exe

2011-04-26 08:26 . 2011-03-03 05:27 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe

2011-04-26 08:26 . 2011-03-08 06:14 976896 ----a-w- c:\windows\system32\inetcomm.dll

2011-04-26 08:26 . 2011-03-08 05:38 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll

2011-04-26 08:23 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe

2011-04-26 08:21 . 2011-02-23 05:15 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-04-26 08:21 . 2011-02-23 05:15 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-04-26 08:21 . 2011-02-23 05:15 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-04-26 08:21 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-04-21 14:05 . 2011-04-21 14:05 -------- d-----w- c:\users\studio\AppData\Local\Sunbelt Software

2011-04-21 14:03 . 2011-04-21 14:04 -------- d-----w- c:\programdata\Lavasoft

2011-04-21 14:03 . 2011-04-21 14:03 -------- d-----w- c:\program files (x86)\Lavasoft

2011-04-19 11:36 . 2011-04-25 19:54 -------- d-----w- c:\program files\Dell Support Center

2011-04-19 11:34 . 2011-04-19 11:34 -------- d-----w- c:\users\studio\AppData\Roaming\PCDr

2011-04-05 08:24 . 2011-04-05 08:24 -------- d-----w- c:\programdata\Citrix

2011-04-05 08:24 . 2011-04-05 15:18 -------- d-----w- c:\users\studio\AppData\Roaming\ICAClient

2011-04-05 08:24 . 2011-04-05 08:24 -------- d-----w- c:\users\studio\AppData\Local\Citrix

2011-04-05 08:24 . 2011-04-05 08:24 -------- d-----w- c:\program files (x86)\Citrix

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-03-31 01:18 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-03-04 06:17 . 2011-04-27 10:19 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2011-03-04 06:17 . 2011-04-27 10:19 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2011-02-19 06:37 . 2011-03-09 09:11 1135104 ----a-w- c:\windows\system32\FntCache.dll

2011-02-19 06:37 . 2011-03-09 09:11 1540608 ----a-w- c:\windows\system32\DWrite.dll

2011-02-19 06:36 . 2011-03-09 09:11 902656 ----a-w- c:\windows\system32\d2d1.dll

2011-02-19 05:32 . 2011-03-09 09:11 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll

2011-02-19 05:32 . 2011-03-09 09:11 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2011-02-02 16:11 . 2010-08-04 15:19 270720 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((( SnapShot@2011-05-02_10.50.11 )))))))))))))))))))))))))))))))))))))))))

.

- 2010-01-01 20:33 . 2011-05-02 10:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-01-01 20:33 . 2011-05-02 12:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-01-01 20:33 . 2011-05-02 10:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-01-01 20:33 . 2011-05-02 12:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-01-02 08:32 . 2011-05-02 12:02 522628 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin

+ 2009-07-14 02:34 . 2011-05-02 12:12 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat

- 2009-07-14 02:34 . 2011-05-02 10:08 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-03-09 26100520]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2010-03-08 319792]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

"Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-28 1242448]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"dellsupportcenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-09-30 1484856]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-01-25 421160]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2010-10-12 304568]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2009-09-17 165104]

.

c:\users\studio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-20 136176]

R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

S1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys [x]

S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]

S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-31 92160]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-10-13 149032]

S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe [2009-06-01 36864]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-09-17 656624]

S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-02-03 427192]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - mfeavfk01

.

NETSVCS VEREIST REPARATIES - huidige waarden worden getoond

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

.

.

Inhoud van de 'Gedeelde Taken' map

.

2011-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-26 14:22]

.

2011-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-26 14:22]

.

2011-05-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-106691695-2296535289-504572420-1000Core.job

- c:\users\studio\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-04 15:12]

.

2011-05-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-106691695-2296535289-504572420-1000UA.job

- c:\users\studio\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-04 15:12]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-05-23 7833120]

"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [bU]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-26 16327712]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.Google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]

@Denied: (A 2) (Everyone)

@="IFlashBroker2"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2011-05-02 14:31:18

ComboFix-quarantined-files.txt 2011-05-02 12:31

ComboFix2.txt 2011-05-02 12:21

ComboFix3.txt 2011-05-02 10:52

.

Pre-Run: 702.186.946.560 bytes free

Post-Run: 702.127.562.752 bytes free

.

- - End Of File - - 15C7BE8DC7EF1A0124C05BA2FB20AF0A

[kape]

Hoe staat het nu met de eerder gemelde problemen ?

[vermeers]

Het is precies opgelost. Maar het is al af en toe zo geweest dat het even terug allemaal goed werkte.Dus ga ik nog even afwachten. Ik weet trouwens niet of het nu al de bedoeling was dat het allemaal terug goed werkte.

Heel erg bedankt voor jullie hulp.

Groeten

[kape]

Dan gaan we Combofix al verwijderen en nog even wat opruimen :

Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht en typ: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Download CCleaner.

Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

[vermeers]

Zo alles gedaan

Bedankt

[kape]

Dan wachten we nu nog even af of alles inderdaad echt opgelost is. Indien je meer zekerheid hebt, mag je dan hieronder op "opgelost" tokkelen

[vermeers]

Het was dus een aantal dagen in orde. Maar nu heb precies hetzelfde probleem. Wa is eigenlijk de probleem?

Groeten

[kape]

We zijn in eerste instantie op zoek naar problemen met malware, die de werking negatief beïnvloeden. Wil je eens opnieuw Combofix downloaden, installeren en laten scannen. En hang dan je nieuwe logje in je volgende bericht.

[vermeers]

Ik heb zo een system restore gedaan naar een punt toen het nog gemaakt was. Dus nu is het terug even in orde. Maar ik heb vorige keer ook gezien dat het terug kapot is vanaf dat windows zelf een update doet. En die ene update is telkens al om 3 uur s'nachts geweest. Ik ben niet zeker of het dat is. Maar het is wel toevallig natuurlijk.

[kape]

Dan zal je - om het zeker te weten - weer even moeten wachten tot er nieuwe updates worden aangeboden. Bekijk het even verder ... en dan lezen we later wel hoe dit afgelopen is.