Nog een keer Mystart credibar

[froos]

ComboFix 12-08-05.02 - Frans rOOS 07-08-2012 10:34:08.3.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2999.1837 [GMT 2:00]

Gestart vanuit: c:\users\Frans rOOS\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Frans rOOS\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

FILE ::

"C:\timestmp.tmp"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Perion

c:\program files (x86)\Perion\NewTab\data.txt

c:\program files (x86)\Perion\NewTab\newTab.crx

c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\DIFxAPI.dll

c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\DifXInstall64.exe

c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\DIFxInstallLog.txt

c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\GEARAspiWDM.inf

c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\gearaspiwdmx64.cat

c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\x64\GEARAspi.dll

c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\x64\GEARAspi64.dll

c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\x64\GEARAspiWDM.sys

C:\timestmp.tmp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-07 to 2012-08-07 ))))))))))))))))))))))))))))))

.

.

2012-08-07 08:43 . 2012-08-07 08:43 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-06 10:13 . 2012-08-06 10:13 -------- d-----w- c:\users\Frans rOOS\AppData\Local\DDMSettings

2012-08-06 10:11 . 2012-08-06 10:14 -------- d-----w- c:\users\Frans rOOS\AppData\Roaming\DivX

2012-08-06 10:11 . 2012-08-06 10:11 -------- d-----w- c:\program files\DivX

2012-08-06 10:11 . 2012-08-06 10:11 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared

2012-08-06 10:09 . 2012-08-06 10:12 -------- d-----w- c:\program files (x86)\DivX

2012-08-06 10:08 . 2012-08-06 10:12 -------- d-----w- c:\programdata\DivX

2012-08-04 08:54 . 2012-08-04 08:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-08-04 08:54 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-03 14:56 . 2012-08-03 14:56 388096 ----a-r- c:\users\Frans rOOS\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-03 14:56 . 2012-08-03 14:56 -------- d-----w- C:\Trend Micro

2012-08-03 14:18 . 2012-08-03 14:18 -------- d-----w- c:\users\Frans rOOS\AppData\Roaming\Malwarebytes

2012-08-03 14:17 . 2012-08-03 14:17 -------- d-----w- c:\programdata\Malwarebytes

2012-08-03 12:07 . 2012-08-03 12:07 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-01 21:54 . 2012-08-03 07:50 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-08-01 20:34 . 2012-08-01 21:05 -------- d-----w- c:\users\Frans rOOS\Tracing

2012-08-01 20:31 . 2012-08-01 20:31 -------- d-----w- c:\windows\nl

2012-08-01 20:29 . 2012-08-01 20:29 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\53d0e5721cd702402\MeshBetaRemover.exe

2012-08-01 20:29 . 2012-08-01 20:29 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\534f306b1cd702401\DSETUP.dll

2012-08-01 20:29 . 2012-08-01 20:29 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\534f306b1cd702401\DXSETUP.exe

2012-08-01 20:29 . 2012-08-01 20:29 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\534f306b1cd702401\dsetup32.dll

2012-08-01 20:19 . 2009-05-18 11:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2012-08-01 20:19 . 2008-04-17 10:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll

2012-08-01 20:19 . 2008-04-17 10:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll

2012-08-01 20:18 . 2012-08-01 20:19 -------- d-----w- c:\program files\iTunes

2012-08-01 20:18 . 2012-08-01 20:19 -------- d-----w- c:\program files (x86)\iTunes

2012-08-01 20:18 . 2012-08-01 20:18 -------- d-----w- c:\program files\iPod

2012-08-01 20:18 . 2012-08-01 20:18 -------- d-----w- c:\program files (x86)\Apple Software Update

2012-08-01 20:18 . 2012-08-01 20:18 -------- d-----w- c:\program files\Common Files\Apple

2012-08-01 20:17 . 2012-08-01 20:17 -------- d-----w- c:\program files\Bonjour

2012-08-01 20:17 . 2012-08-01 20:17 -------- d-----w- c:\program files (x86)\Bonjour

2012-07-28 21:12 . 2012-07-28 21:12 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-07-28 21:12 . 2012-07-28 21:12 -------- d-----w- c:\program files (x86)\Oracle

2012-07-28 21:12 . 2012-07-05 20:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-07-28 21:12 . 2012-07-05 20:06 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-07-18 09:39 . 2012-07-18 09:39 -------- d-----w- c:\program files (x86)\Common Files\Skype

2012-07-17 20:29 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-07-17 19:25 . 2012-07-17 19:25 -------- d-----w- c:\users\Frans rOOS\AppData\Roaming\Template

2012-07-17 10:10 . 2012-07-19 09:37 -------- d-----r- c:\users\Frans rOOS\Dropbox

2012-07-17 10:08 . 2012-07-19 09:37 -------- d-----w- c:\users\Frans rOOS\AppData\Roaming\Dropbox

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-03 12:07 . 2011-10-18 06:27 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-17 20:21 . 2010-08-30 21:33 59701280 ----a-w- c:\windows\system32\MRT.exe

2012-06-02 22:19 . 2012-06-21 15:35 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-21 15:35 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-21 15:35 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-21 15:35 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-21 15:35 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-21 15:35 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-21 15:35 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-21 15:35 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-06-21 15:35 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-05-15 04:01 . 2012-06-23 19:01 1188864 ----a-w- c:\windows\system32\wininet.dll

2012-05-15 03:59 . 2012-06-23 19:01 64512 ----a-w- c:\windows\system32\jsproxy.dll

2012-05-15 03:03 . 2012-06-23 19:01 981504 ----a-w- c:\windows\SysWow64\wininet.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-06_08.05.10 )))))))))))))))))))))))))))))))))))))))))

.

+ 2011-10-20 23:26 . 2011-10-20 23:26 94208 c:\windows\SysWOW64\dpl100.dll

+ 2010-04-06 08:20 . 2012-08-07 08:20 82972 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-08-07 08:20 40542 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2010-08-18 12:47 . 2012-08-07 08:20 33896 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-928118603-159168090-4003741755-1001_UserData.bin

- 2010-08-18 12:47 . 2012-08-06 07:45 33896 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-928118603-159168090-4003741755-1001_UserData.bin

- 2009-07-14 09:16 . 2012-08-01 20:52 14836 c:\windows\system32\perfh013.dat

+ 2009-07-14 09:16 . 2012-08-07 08:22 14836 c:\windows\system32\perfh013.dat

+ 2010-08-18 11:26 . 2012-08-07 08:19 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-08-18 11:26 . 2012-08-06 07:45 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-08-18 11:26 . 2012-08-06 07:45 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2010-08-18 11:26 . 2012-08-07 08:19 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-08-06 07:45 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-07 08:19 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-08-18 12:47 . 2012-08-07 08:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-08-18 12:47 . 2012-08-06 07:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-08-18 12:47 . 2012-08-07 08:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2010-08-18 12:47 . 2012-08-06 07:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 09:16 . 2012-08-07 08:22 4896 c:\windows\system32\perfc013.dat

- 2009-07-14 09:16 . 2012-08-01 20:52 4896 c:\windows\system32\perfc013.dat

+ 2012-08-07 08:17 . 2012-08-07 08:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-08-06 07:42 . 2012-08-06 07:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-08-06 07:42 . 2012-08-06 07:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-08-07 08:17 . 2012-08-07 08:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2010-02-19 19:27 . 2010-02-19 19:27 843776 c:\windows\SysWOW64\divx_xx16.dll

+ 2010-02-19 19:27 . 2010-02-19 19:27 839680 c:\windows\SysWOW64\divx_xx11.dll

+ 2010-02-19 19:27 . 2010-02-19 19:27 856064 c:\windows\SysWOW64\divx_xx0c.dll

+ 2010-02-19 19:27 . 2010-02-19 19:27 847872 c:\windows\SysWOW64\divx_xx0a.dll

+ 2010-02-19 19:27 . 2010-02-19 19:27 856064 c:\windows\SysWOW64\divx_xx07.dll

+ 2010-02-19 19:27 . 2010-02-19 19:27 720384 c:\windows\SysWOW64\DivX.dll

+ 2010-08-27 08:29 . 2012-08-06 19:17 438096 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin

- 2009-07-14 02:36 . 2012-08-01 20:52 647206 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-08-07 08:22 647206 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-08-07 08:22 114830 c:\windows\system32\perfc009.dat

- 2009-07-14 02:36 . 2012-08-01 20:52 114830 c:\windows\system32\perfc009.dat

+ 2009-07-14 05:01 . 2012-08-06 21:27 475876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 05:01 . 2012-08-05 21:56 475876 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2011-07-26 18:36 . 2011-07-26 18:36 1629696 c:\windows\Installer\6729f2.msi

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\users\Frans rOOS\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\users\Frans rOOS\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\users\Frans rOOS\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\users\Frans rOOS\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2012-04-04 1261472]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-04-04 36760]

"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"TaskbarNoThumbnail"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux2"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart\0\0sdnclean64.exe

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-01 136176]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]

R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]

R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]

R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]

R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-01 136176]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-01 232992]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-07-01 51576]

R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-02-17 156080]

R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-19 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]

S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2011-10-21 44680]

S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2011-10-21 50312]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]

S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2011-10-21 19592]

S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2011-10-21 189576]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]

S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]

S2 EaseUS Agent;EaseUS Agent;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2011-10-21 60552]

S2 Guard Agent;Guard Agent;c:\program files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2011-10-21 23176]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]

S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]

S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]

S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]

S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]

S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-27 1103904]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-07 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 12:07]

.

2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-01 11:59]

.

2012-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-01 11:59]

.

2012-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928118603-159168090-4003741755-1001Core.job

- c:\users\Frans rOOS\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-18 19:28]

.

2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928118603-159168090-4003741755-1001UA.job

- c:\users\Frans rOOS\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-18 19:28]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 97792 ----a-w- c:\users\Frans rOOS\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 97792 ----a-w- c:\users\Frans rOOS\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 97792 ----a-w- c:\users\Frans rOOS\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 97792 ----a-w- c:\users\Frans rOOS\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [bU]

"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]

"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [bU]

"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]

"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760]

"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [bU]

"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [bU]

"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [bU]

"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [bU]

"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.nl/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: ????3?? - c:\users\Frans rOOS\AppData\Roaming\FlashGetBHO\GetUrl.htm

IE: ????3?????? - c:\users\Frans rOOS\AppData\Roaming\FlashGetBHO\GetAllUrl.htm

TCP: DhcpNameServer = 62.45.45.45 62.45.46.46

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

BHO-{95525BD9-6136-4A26-8263-9CEE295D442D} - (no file)

Toolbar-{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file)

ShellIconOverlayIdentifiers-{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} - (no file)

ShellIconOverlayIdentifiers-{C72C6188-BEF2-46E5-A89A-52F0ED75219E} - (no file)

ShellIconOverlayIdentifiers-{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]

"ImagePath"="\"c:\program files (x86)\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files (x86)\MySQL\MySQL Server 5.0\my.ini\" MySQL"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-928118603-159168090-4003741755-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f3*N}]

@Allowed: (Read) (RestrictedCode)

@="c:\\Users\\Frans rOOS\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"

"contexts"=dword:00000022

.

[HKEY_USERS\S-1-5-21-928118603-159168090-4003741755-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_f3*N}hQèþ”¥c]

@Allowed: (Read) (RestrictedCode)

@="c:\\Users\\Frans rOOS\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"

"contexts"=dword:000000f3

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-08-07 10:46:58

ComboFix-quarantined-files.txt 2012-08-07 08:46

ComboFix2.txt 2012-08-06 08:28

.

Pre-Run: 8.026.857.472 bytes beschikbaar

Post-Run: 8.006.033.408 bytes beschikbaar

.

- - End Of File - - 4B430AD01687B64799AFB48157540AAC

[kape]

En hoe staat het nu met MyStart/Incredibar ?

[froos]

Beste Kape,

Bij het openen van elke nieuwe tab in Chrome heb ik geen MyStart/Incredibar meer.

Daar ben ik dus gelukkig van af.

Mijn hartelijke dank!!!

Kun je me uitleggen wat je allemaal gedaan hebt en waarom?

Frans

[kape]

Kort samengevat hebben we met HijackThis een beeld van de computer gemaakt, met Malwarebytes enkele overbodige zaken verwijderd, met AdwCleaner een grote opruiming gehouden in adware en malware die je vroeger hebt gedownload en met Combofix nog wat dieper gaan kijken in je PC ... om tenslotte de laatste boosdoeners van je MyStart/Incredibar-besmetting aan te pakken.

Nu de problemen opgelost zijn, mag je nog aan de opruiming beginnen :

Verwijder AdwCleaner manueel.

Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht/Programma’s en bestanden zoeken en typ daar: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Download CCleaner.

Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten). In Windows 7

• via Start -> Configuratiescherm -> Systeem & Beveiliging -> Systeem -> Systeembeveiliging -> schakel nu systeemherstel uit door de gewenste schijf te selecteren en op "configureren" te klikken.
  
• Klik nu op "verwijderen" om alle herstelpunten te verwijderen.
  
• Klik op "Toepassen" en "OK".
  
• Herstart nu de PC.
  

Indien dit allemaal probleemloos verlopen is, mag je hieronder op "markeer als opgelost" tokkelen !

[froos]

Mission completed, erg bedankt! Ik zal tokkelen.