Following an Eset Online Scanner scan

ks
24 replies
  • Good evening

    I would like to have my laptop checked following an Eset online scan.

    It found 5 infections.

    Thanks in advance for the effort.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:48:03, on 19-11-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
    C:\Windows\PLFSetI.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    C:\Program Files (x86)\Launch Manager\LMworker.exe
    C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\plugin-container.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.weerdirect.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_5736z&r=27361110f025l04f4z105v47424458
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
    O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
    O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
    O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
    O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll
    O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll
    O9 - Extra button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~2\sbhook.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
    O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files (x86)\Secunia\PSI\sua.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 11831 bytes


    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Databaseversie: 8194

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    19-11-2011 18:53:22
    mbam-log-2011-11-19 (18-53-22).txt

    Scantype: Snelle scan
    Objecten gescand: 171177
    Verstreken tijd: 3 minuut/minuten, 54 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
  • Hi K.S., do you remember which "viruses" ESET Online had found?
    You should be able to find the log in the folder C:\Program Files (x86)\ESET\ESET Online Scanner as log.txt.
  • Good morning Abraham

    Here is the requested log.

    ESETSmartInstaller@High as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6583
    # api_version=3.0.2
    # EOSSerial=a0f30d2ec9e8c54bb91f5f2a750989ac
    # end=finished
    # remove_checked=true
    # archives_checked=false
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2011-11-19 05:37:00
    # local_time=2011-11-19 06:37:00 (+0100, West-Europa (standaardtijd))
    # country="Netherlands"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode=512 16777215 100 0 29023976 29023976 0 0
    # compatibility_mode=768 16777215 100 0 31897673 31897673 0 0
    # compatibility_mode=1280 16777215 100 0 18401452 18401452 0 0
    # compatibility_mode=2304 16777215 100 0 0 0 0 0
    # compatibility_mode=5893 16776574 100 70 19945168 73349651 0 0
    # compatibility_mode=8192 67108863 100 0 3657 3657 0 0
    # scanned=160578
    # found=5
    # cleaned=5
    # scan_time=4419
    C:\Users\Gebruiker\Downloads\installer_paint_shop_pro_x3_13_0_Nederlands_Dutch(2).exe Win32/Toggle application (deleted - quarantined) 00000000000000000000000000000000 C
    C:\Users\Gebruiker\Downloads\installer_paint_shop_pro_x3_13_0_Nederlands_Dutch.exe Win32/Toggle application (deleted - quarantined) 00000000000000000000000000000000 C
    C:\Users\Gebruiker\Downloads\registrybooster.exe Win32/RegistryBooster application (deleted - quarantined) 00000000000000000000000000000000 C
    C:\Users\Gebruiker\Downloads\RegistryReviverInstall.exe Win32/RegistryReviver application (deleted - quarantined) 00000000000000000000000000000000 C
    C:\Users\Gebruiker\Downloads\speedupmypc.exe multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
  • Hello Klaas, you may now do the following:

    Which program: ComboFix
    What for/why: Highly specialised scanner to examine Windows in depth and clean it up where possible.
    Difficulty: A more or less tricky preparation phase, so read everything carefully first.
    Download location: Be sure to download this program to the desktop!
    Download ComboFix from one of these locations:
    - Bleepingcomputer
    - ForoSpyware
    - Geekstogo
    Here you can see how to use ComboFix.

    Antivirus programs and active malware scanners must already be disabled before ComboFix starts!
    Here and here you will find information on how to disable antivirus programs and spyware scanners.

    To be perfectly clear once more: ComboFix must be started from the desktop.

    Notes:
    - On Windows XP you may be asked to install the "Recovery Console"! If so, allow this (an active internet connection is required for it).
    - Vista and Windows 7 users start ComboFix by right-clicking and running it with Administrator rights.
    - All open programs and web pages must be closed.
    Once ComboFix has started:
    - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    - The computer may need to be restarted several times; this is normal.
    - When ComboFix is finished, it will create a log file for you.
    - Post the contents of this log file in your next message.
    - If the log does not open, it can be found in C:\ComboFix.txt
    Important note:
    - If, after the scan, an error is shown when starting programs with the message:
    - Illegal operation attempted on a registry key that has been marked for deletion.
    - Then restart the computer.
  • Good afternoon

    I had copied the log, but I could no longer get into IE9 and FF.

    I then restarted the computer, but after that I could no longer paste the copied log.

    Could I have the link for posting the log, please?
    (where I can find it)
  • You will find that log in C:\Combofix.txt
  • OK, and thanks.

    ComboFix 11-11-20.01 - Gebruiker 20-11-2011 18:03:42.3.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3002.1770 [GMT 1:00]
    Gestart vanuit: c:\users\Gebruiker\Downloads\ComboFix.exe
    AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
    FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
    SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_COMSysApp
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-10-20 to 2011-11-20 ))))))))))))))))))))))))))))))
    .
    .
    2011-11-20 17:16 . 2011-11-20 17:16 -------- d-----w- c:\users\Public\AppData\Local\temp
    2011-11-20 17:16 . 2011-11-20 17:16 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-11-19 20:13 . 2011-11-20 17:19 -------- d-----w- c:\users\Gebruiker\AppData\Local\Temp
    2011-11-19 16:22 . 2011-11-19 16:22 -------- d-----w- c:\program files (x86)\ESET
    2011-11-10 16:08 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
    2011-11-10 16:08 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
    2011-11-10 16:08 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-11-10 16:08 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2011-11-05 14:04 . 2011-11-05 14:05 -------- d-----w- c:\program files (x86)\QuickTime
    2011-11-05 14:04 . 2011-11-05 14:04 -------- d-----w- c:\programdata\Apple Computer
    2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
    2011-10-22 18:36 . 2011-10-22 18:36 -------- d-----w- c:\program files (x86)\Common Files\Java
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-11-12 17:54 . 2011-05-17 14:43 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-03 03:06 . 2010-12-04 18:47 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-09-01 05:24 . 2011-10-15 11:09 2309120 ----a-w- c:\windows\system32\jscript9.dll
    2011-09-01 05:17 . 2011-10-15 11:09 1389056 ----a-w- c:\windows\system32\wininet.dll
    2011-09-01 05:12 . 2011-10-15 11:09 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-09-01 02:35 . 2011-10-15 11:09 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
    2011-09-01 02:28 . 2011-10-15 11:09 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
    2011-09-01 02:22 . 2011-10-15 11:09 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2011-08-31 15:00 . 2010-11-15 13:41 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-08-27 05:37 . 2011-10-15 08:50 861696 ----a-w- c:\windows\system32\oleaut32.dll
    2011-08-27 05:37 . 2011-10-15 08:50 331776 ----a-w- c:\windows\system32\oleacc.dll
    2011-08-27 04:26 . 2011-10-15 08:50 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
    2011-08-27 04:26 . 2011-10-15 08:50 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-11-20_16.08.21 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2010-07-16 08:53 . 2011-11-20 16:35 66712 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    - 2010-07-16 08:53 . 2011-11-18 16:07 66712 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    - 2009-07-14 05:10 . 2011-11-20 16:08 47886 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2011-11-20 17:20 47886 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2010-11-14 17:42 . 2011-11-20 17:20 16034 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1540792951-4210785799-4223076911-1000_UserData.bin
    - 2010-08-19 12:05 . 2011-11-20 15:04 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-08-19 12:05 . 2011-11-20 17:18 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-08-19 12:05 . 2011-11-20 15:04 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-08-19 12:05 . 2011-11-20 17:18 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-07-14 04:54 . 2011-11-20 17:18 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2009-07-14 04:54 . 2011-11-20 15:04 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2011-11-20 16:06 . 2011-11-20 16:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-11-20 17:18 . 2011-11-20 17:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-11-20 17:18 . 2011-11-20 17:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-11-20 16:06 . 2011-11-20 16:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2009-07-14 05:01 . 2011-11-20 17:17 228720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    - 2009-07-14 05:01 . 2011-11-20 16:06 228720 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2010-11-15 15:42 . 2011-11-20 17:17 17793528 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1540792951-4210785799-4223076911-1000-8192.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
    "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
    "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
    "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
    "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
    "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
    "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-02 365336]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~2\sbhook.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [x]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
    R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
    S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
    S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
    S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
    S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
    S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
    S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
    S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
    S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
    S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
    S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
    S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
    S3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [x]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-11-20 c:\windows\Tasks\ParetoLogic Registration3.job
    - c:\windows\system32\rundll32.exe [2009-07-13 01:14]
    .
    2011-01-23 c:\windows\Tasks\ParetoLogic Update Version3.job
    - c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01]
    .
    2011-01-23 c:\windows\Tasks\PC Health Advisor Defrag.job
    - c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2010-09-30 21:40]
    .
    2011-06-14 c:\windows\Tasks\PC Health Advisor.job
    - c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2010-09-30 21:40]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-06 11057768]
    "mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
    "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
    "PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-10 206208]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
    "combofix"="c:\combofix\CF7466.3XE" [2010-11-20 345088]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_Dlls"=0x1
    "AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~2\x64\sbhook64.dll
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.weerdirect.nl/
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_5736z&r=27361110f025l04f4z105v47424458
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    TCP: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ma7hckcq.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.weerdirect.nl/
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_USERS\S-1-5-21-1540792951-4210785799-4223076911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (S-1-5-21-1540792951-4210785799-4223076911-1000)
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\S-1-5-21-1540792951-4210785799-4223076911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (S-1-5-21-1540792951-4210785799-4223076911-1000)
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Andere Aktieve Processen ------------------------
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-11-20 18:36:18 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-11-20 17:36
    ComboFix2.txt 2011-11-20 16:25
    ComboFix3.txt 2011-05-28 13:52
    .
    Pre-Run: 250.149.093.376 bytes beschikbaar
    Post-Run: 249.850.617.856 bytes beschikbaar
    .
    - - End Of File - - 088B656216FCFE1D531397201698DF56
  • Right Klaas, the next step; also tell me how your Windows is running!

    Make sure all open web browser windows are closed.
    Open a new Notepad (Kladblok) file via "Start\Alle programma's\Bureau-accessoires\Kladblok (or Notepad)".

    Copy and paste the following (bold, blue text) into the empty Notepad window


    KILLALL::

    File::
    c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1540792951-4210785799-4223076911-1000_UserData.bin
    c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1540792951-4210785799-4223076911-1000-8192.dat


    Save this Notepad file to your desktop as CFScript.txt.

    Now first disable the antivirus!


    Drag CFScript.txt into ComboFix.exe


    http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

    This will make ComboFix restart. Reboot if asked to.


    Post the ComboFix log that is shown after the restart!

    Important note:
    If, after the scan, an error is shown when starting programs with the message:
    Illegal operation attempted on a registry key that has been marked for deletion.
    Then restart the computer.
  • Hi Abraham

    The laptop is running fine, no problems.

    ComboFix 11-11-20.01 - Gebruiker 20-11-2011 19:16:41.4.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3002.1844 [GMT 1:00]
    Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Gebruiker\Desktop\CFScript.txt..txt
    AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
    FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
    SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1540792951-4210785799-4223076911-1000-8192.dat"
    "c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat"
    "c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat"
    "c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat"
    "c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat"
    "c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat"
    "c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat"
    "c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1540792951-4210785799-4223076911-1000_UserData.bin"
    "c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin"
    "c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin"
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1540792951-4210785799-4223076911-1000-8192.dat
    c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1540792951-4210785799-4223076911-1000_UserData.bin
    c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat . . . . konden niet verwijderd worden
    c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat . . . . konden niet verwijderd worden
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_COMSysApp
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-10-20 to 2011-11-20 ))))))))))))))))))))))))))))))
    .
    .
    2011-11-20 18:30 . 2011-11-20 18:30 -------- d-----w- c:\users\Public\AppData\Local\temp
    2011-11-20 18:30 . 2011-11-20 18:30 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-11-19 20:13 . 2011-11-20 18:34 -------- d-----w- c:\users\Gebruiker\AppData\Local\Temp
    2011-11-19 16:22 . 2011-11-19 16:22 -------- d-----w- c:\program files (x86)\ESET
    2011-11-10 16:08 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
    2011-11-10 16:08 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
    2011-11-10 16:08 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-11-10 16:08 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2011-11-05 14:05 . 2011-11-05 14:05 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2011-11-05 14:04 . 2011-11-05 14:05 -------- d-----w- c:\program files (x86)\QuickTime
    2011-11-05 14:04 . 2011-11-05 14:04 -------- d-----w- c:\programdata\Apple Computer
    2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
    2011-10-22 18:36 . 2011-10-22 18:36 -------- d-----w- c:\program files (x86)\Common Files\Java
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-11-12 17:54 . 2011-05-17 14:43 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-03 03:06 . 2010-12-04 18:47 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-09-01 05:24 . 2011-10-15 11:09 2309120 ----a-w- c:\windows\system32\jscript9.dll
    2011-09-01 05:17 . 2011-10-15 11:09 1389056 ----a-w- c:\windows\system32\wininet.dll
    2011-09-01 05:12 . 2011-10-15 11:09 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-09-01 02:35 . 2011-10-15 11:09 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
    2011-09-01 02:28 . 2011-10-15 11:09 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
    2011-09-01 02:22 . 2011-10-15 11:09 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2011-08-31 15:00 . 2010-11-15 13:41 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-08-27 05:37 . 2011-10-15 08:50 861696 ----a-w- c:\windows\system32\oleaut32.dll
    2011-08-27 05:37 . 2011-10-15 08:50 331776 ----a-w- c:\windows\system32\oleacc.dll
    2011-08-27 04:26 . 2011-10-15 08:50 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
    2011-08-27 04:26 . 2011-10-15 08:50 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-11-20_16.08.21 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2009-07-14 04:54 . 2011-11-20 16:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-07-14 04:54 . 2011-11-20 18:33 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-07-14 04:54 . 2011-11-20 18:33 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2011-11-20 16:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2011-11-20 16:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2011-11-20 18:33 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2011-11-20 18:32 . 2011-11-20 18:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2011-11-20 16:06 . 2011-11-20 16:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-11-20 18:32 . 2011-11-20 18:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-11-20 16:06 . 2011-11-20 16:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
    "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
    "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
    "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
    "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
    "EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
    "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-02 365336]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~2\sbhook.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [x]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
    R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
    S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
    S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
    S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
    S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
    S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
    S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
    S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
    S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
    S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
    S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
    S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
    S3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [x]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-11-20 c:\windows\Tasks\ParetoLogic Registration3.job
    - c:\windows\system32\rundll32.exe [2009-07-13 01:14]
    .
    2011-01-23 c:\windows\Tasks\ParetoLogic Update Version3.job
    - c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-12 05:01]
    .
    2011-01-23 c:\windows\Tasks\PC Health Advisor Defrag.job
    - c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2010-09-30 21:40]
    .
    2011-06-14 c:\windows\Tasks\PC Health Advisor.job
    - c:\program files (x86)\ParetoLogic\PCHA\PCHA.exe [2010-09-30 21:40]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-06 11057768]
    "mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
    "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
    "PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-10 206208]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
    "combofix"="c:\combofix\CF21655.3XE" [2010-11-20 345088]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_Dlls"=0x1
    "AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~2\x64\sbhook64.dll
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.weerdirect.nl/
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_5736z&r=27361110f025l04f4z105v47424458
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    TCP: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ma7hckcq.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.weerdirect.nl/
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_USERS\S-1-5-21-1540792951-4210785799-4223076911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (S-1-5-21-1540792951-4210785799-4223076911-1000)
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\S-1-5-21-1540792951-4210785799-4223076911-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (S-1-5-21-1540792951-4210785799-4223076911-1000)
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-11-20 19:51:23 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-11-20 18:51
    ComboFix2.txt 2011-11-20 17:36
    ComboFix3.txt 2011-11-20 16:25
    ComboFix4.txt 2011-05-28 13:52
    .
    Pre-Run: 249.672.343.552 bytes beschikbaar
    Post-Run: 249.617.948.672 bytes beschikbaar
    .
    - - End Of File - - 9FCBB19635EDCBDB16EA27A9E7976E03
  • Good, then let's clean up.

    Step 1
    ComboFix may now be removed:
    - go to Start - Run
    - copy and paste the following into it: Combofix /Uninstall
    - then click OK.
    - if all goes well, you will then get a message that ComboFix has been removed.

    Example (screenshot): http://www.emphyrio.be/images/SMUninstall_combofix.png

    Run can also be opened by pressing "Windows key + R" at the same time.

    This will remove ComboFix including its related folders and files,
    reset the clock settings, hide the file extensions,
    hide hidden files and system files again,
    and reset your System Restore.

    Step 2
    Which program: TFC.
    What for/why: thorough cleaning of Windows.
    Difficulty: none.

    Download: Download TFC to your desktop (click)

    Starting TFC:
    Windows 2000 and Windows XP: start TFC.exe by double-clicking the shortcut.
    Windows Vista and Windows 7: start TFC.exe by right-clicking the shortcut and then choosing Run as administrator.
    - Don't be alarmed: the tool closes all running programs, so make sure your work has already been saved!
    - Then click the Start button to start the scan. This scan may take a short or a longer time; be patient, let TFC do its job and wait until TFC is finished.
    - When TFC is finished, a message appears that the computer will be restarted.
    - If the shutdown does not happen automatically, restart the computer yourself.
    - Note: TFC does not show a log!

    Step 3
    Also run a test to see how good the current security situation in Windows is.

    Download Security Check to your desktop.
    - Click/double-click SecurityCheck.exe and follow the instructions in the black window.
    - A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
    - If one of your security tools reports that DIG.EXE wants to access the internet, allow it.
    Post the contents of checkup.txt in your next post.
  • Hi

    TFC has been run.

    Security log

    Results of screen317's Security Check version 0.99.28
    Windows 7 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````````````````````
    Antivirus/Firewall Check:
    ESET Online Scanner v3
    Kaspersky Internet Security 2011
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 29
    Adobe Reader X (10.1.1)
    Mozilla Firefox (8.0.)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent
    Malwarebytes' Anti-Malware mbamservice.exe
    Malwarebytes' Anti-Malware mbamgui.exe
    Kaspersky Lab Kaspersky Internet Security 2011 avp.exe
    ``````````End of Log````````````
  • Adobe Flash Player is not listed, but here is the information for it as well anyway.

    There are two components in Windows that should always be the latest version, and those are the Java runtime and Adobe Flash Player.
    Why: in the newest versions the discovered security risks have always been fixed, and the tool itself often works better too!

    Now first go to Control Panel
    - Add or Remove Programs - Windows 2000/Windows XP
    - Programs and Features - Windows Vista and Windows 7
    and remove the following components there:

    Java(TM) 6 Update 29
    Adobe Flash Player

    Restart your PC!

    Then first go with Internet Explorer to http://get.adobe.com/nl/flashplayer/ to have the newest Flash Player 11.1.102.55 installed;
    (if you do not want the free Google Toolbar or McAfee Security Scan (optional) along with it, untick the box at that notice first!).
    This way Flash Player is installed not only for IE but also for Windows!

    Important: if you also use other browsers, first remove the Adobe Flash Player Plugins the same way as well, and then use each of those other browsers with the same web address to download the newest Flash Player plugin and, after closing the browser concerned, install the new plugin!

    Also first download Java 7 Update 2 (x86) for Windows 7/XP/Vista/2000/2003/2008 Offline to your desktop.
    After that you may install the newest Java version as well.
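
Added example, not part of the original thread: a PowerShell check that lists every Java and Flash Player entry registered in both the native and the Wow6432Node uninstall hives, so you can confirm the old versions are gone after the uninstall step and see which versions are present after reinstalling. The name patterns are assumptions based on the display names in the Security Check logs on this page.

```powershell
# Added example: enumerate installed Java / Flash Player entries on 64-bit or 32-bit Windows.
# Only machine-wide installs (HKLM) are covered; per-user installs under HKCU are not.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Assumed display-name fragments, taken from the logs in this thread.
$patterns = 'Java', 'Flash Player'

$found = foreach ($key in $uninstallKeys) {
    # On 32-bit Windows the Wow6432Node hive does not exist; skip it quietly.
    if (-not (Test-Path -Path ($key -replace '\\\*$', ''))) { continue }

    # Label which registry view the entry came from (32-bit software on x64 lives in Wow6432Node).
    $view = if ($key -like '*Wow6432Node*') { '32-bit' } else { 'native' }

    Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
        Where-Object {
            $name = $_.DisplayName
            $name -and ($patterns | Where-Object { $name -like "*$_*" })
        } |
        Select-Object @{ Name = 'View'; Expression = { $view } },
                      DisplayName, DisplayVersion, Publisher
}

if ($found) {
    # After the uninstall step this table should be empty; after reinstalling,
    # it should show exactly one entry per product and registry view you installed.
    $found | Sort-Object DisplayName, View | Format-Table -AutoSize
} else {
    'No Java or Flash Player entries found in either uninstall hive.'
}
```

Leftover entries with an older DisplayVersion next to a newer one mean the old build is still installed alongside the new one and should be removed through Programs and Features.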
  • Hi Abraham

    OK, will do.

    But I'm at my desktop right now, handling some sales.
    Tomorrow evening I'll update all of that, and then I'll also come back with a new security check.

    Many thanks in advance for your effort.
    And enjoy the rest of your evening.
  • Good evening Abraham

    For me, this link indicates that there is a virus in it.

    http://get.adobe.com/nl/flashplayer/

    And for Java I don't know exactly what I need to download.

    Please explain this further.
  • Java: choose SP Secure Mirror (US) - x86 - JRE 8 Dev Preview [EXE] via http://www.softpedia.com/progDownload/Java-Runtime-Environment-Download-71050.html

    And with Adobe, I suspect that your Kaspersky may be reacting to the bundled software from McAfee.

    That site is safe, really.
  • Hi

    Results of screen317's Security Check version 0.99.28
    Windows 7 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````````````````````
    Antivirus/Firewall Check:
    ESET Online Scanner v3
    Kaspersky Internet Security 2011
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    Malwarebytes' Anti-Malware
    Java(TM) 8
    Adobe Reader X (10.1.1)
    Mozilla Firefox (8.0.)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent
    Malwarebytes' Anti-Malware mbamservice.exe
    Malwarebytes' Anti-Malware mbamgui.exe
    Kaspersky Lab Kaspersky Internet Security 2011 avp.exe
    ``````````End of Log````````````

    I now do have

    Adobe flash Player 11 ActiveX64bit listed in Control Panel.
  • Hi Klaas, I'm a little embarrassed.
    I actually had you install the wrong Java.
    You now have not only the Java runtime, but also development tools!

    It actually should have been this one: SP Secure Mirror (US) - x86 - JRE 7 Update 1 [EXE]

    Otherwise your log looks good.
  • Good evening Abraham

    That can happen; I have meanwhile downloaded this one:

    SP Secure Mirror (US) - x86 - JRE 7 Update 1 [EXE]

    Once again, my sincere thanks.

    Have a nice evening.
  • Good. Once you have set things right again, one last tip:

    go to Secunia PSI (click) a few times a year to check whether everything within Windows is up to date as well.
    Because only then is Windows at its safest!

    On the Secunia site, first click the Start Scanner button and then, on the new page, first tick Enable thorough system inspection before clicking Start!

    If you don't use Java, the site will not work.
    In that case you can download and install the Secunia Personal Software Inspector (PSI).
    N.B.: after installation this tool starts automatically with Windows, but that really isn't necessary and can be switched off!
    http://secunia.com/vulnerability_scanning/personal/
  • Good evening

    Thanks for the tip, we will certainly do that.

    I now have one more quick question about my desktop.

    Do I have the right Flash Player and Java on it?

    Windows 7 Home Premium 34 bits.

    Results of screen317's Security Check version 0.99.18
    Windows 7 Service Pack 1 (UAC is enabled)
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:
    Kaspersky Internet Security 2011
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    Malwarebytes' Anti-Malware
    CCleaner
    Java(TM) 7 Update 1
    Out of date Java installed!
    Flash Player Out of Date!
    Adobe Reader X (10.1.1)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent
    Malwarebytes' Anti-Malware mbamservice.exe
    Malwarebytes' Anti-Malware mbamgui.exe
    Kaspersky Lab Kaspersky Internet Security 2011 avp.exe
    ``````````End of Log````````````

This is an archived page. Replies are no longer possible.