Vraag & Antwoord

Beveiliging & privacy

laptop loopt vast; foutmelding beveiligingsopties

75 antwoorden
  • Hallo Eline, we gaan kijken - graag de drie logs in één keer posten. [color=#008000:d75a36a176][b:d75a36a176]Stap •1•[/b:d75a36a176][/color:d75a36a176] [b:d75a36a176]Download[/b:d75a36a176] [img:d75a36a176]http://www.imgdumper.nl/uploads7/52186926184c4/52186926180a1-adwcleaner_nieuw.png[/img:d75a36a176][url=http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner][b:d75a36a176] AdwCleaner by Xplode[/b:d75a36a176][/url]. [b:d75a36a176]Downloadlokatie[/b:d75a36a176]: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen! [b:d75a36a176]Opmerkingen[/b:d75a36a176]: [list:d75a36a176]Alle openstaande programma's en webpagina's dienen afgesloten te zijn. [*:d75a36a176]Dat na opstarten van [b:d75a36a176]AdwCleaner[/b:d75a36a176] de snelkoppelingen verdwijnen van bureaublad, is normaal.[/list:u:d75a36a176] [b:d75a36a176]AdwCleaner opstarten[/b:d75a36a176]: [list:d75a36a176][*:d75a36a176][b:d75a36a176][color=#0000FF:d75a36a176]Windows 2000[/color:d75a36a176][/b:d75a36a176] en [color=#0000FF:d75a36a176][b:d75a36a176]Windows XP[/b:d75a36a176][/color:d75a36a176]: dubbelklik op adwcleaner.exe. [*:d75a36a176][color=#0000FF:d75a36a176][b:d75a36a176]Windows Vista[/b:d75a36a176][/color:d75a36a176], [color=#0000FF:d75a36a176][b:d75a36a176]Windows 7[/b:d75a36a176][/color:d75a36a176] en [color=#0000FF:d75a36a176][b:d75a36a176]Windows 8[/b:d75a36a176][/color:d75a36a176]: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".[/list:u:d75a36a176] [b:d75a36a176]AdwCleaner is opgestart[/b:d75a36a176]: [list:d75a36a176][*:d75a36a176]Klik op de knop [b:d75a36a176]Scan[/b:d75a36a176] [*:d75a36a176]Is de scan gereed, klik dan op de knop [b:d75a36a176]Clean[/b:d75a36a176] [*:d75a36a176]Klik bij [b:d75a36a176]AdwCleaner – Afsluiting van de programma's[/b:d75a36a176] op [b:d75a36a176]OK[/b:d75a36a176] [*:d75a36a176]Klik bij [b:d75a36a176]AdwCleaner – Herstarten noodzakelijk[/b:d75a36a176] op [b:d75a36a176]OK[/b:d75a36a176][/list:u:d75a36a176] [b:d75a36a176]AdwCleaner logbestand[/b:d75a36a176]: [list:d75a36a176][*:d75a36a176]Nadat de PC opnieuw is opgestart, opent een logfile. [*:d75a36a176]Ingeval het log niet opent, is dit alsnog terug te vinden in C:\AdwCleaner\[b:d75a36a176]AdwCleaner[R1].txt[/b:d75a36a176] [*:d75a36a176]Post vervolgens de inhoud van dit log in je volgende bericht.[/list:u:d75a36a176] [color=#008000:d75a36a176][b:d75a36a176]Stap •2•[/b:d75a36a176][/color:d75a36a176] [b:d75a36a176]Download[/b:d75a36a176] [img:d75a36a176]http://www.imgdumper.nl/uploads7/51e281a62c587/51e281a62c183-Junkware_Removal_Tool_icon_Canned_1351185104.png.jpg[/img:d75a36a176] [url=http://thisisudax.org/downloads/JRT.exe][b:d75a36a176]Junkware Removal Tool by Thisisu[/b:d75a36a176][/url]. [b:d75a36a176]Downloadlokatie[/b:d75a36a176]: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen! [b:d75a36a176]Opmerkingen[/b:d75a36a176]: [list:d75a36a176][*:d75a36a176]Alle openstaande programma's en webpagina's dienen afgesloten te zijn. [*:d75a36a176]Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.: [*:d75a36a176][url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608][b:d75a36a176][color=#0000FF:d75a36a176]Hier[/color:d75a36a176][/b:d75a36a176][/url] en [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607][b:d75a36a176][color=#0000FF:d75a36a176]hier[/color:d75a36a176][/b:d75a36a176][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [*:d75a36a176]Dat tijdens de scan van [b:d75a36a176]JRT.exe[/b:d75a36a176] tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.[/list:u:d75a36a176] [b:d75a36a176]Junkware Removal Tool by Thisisu opstarten[/b:d75a36a176]: [list:d75a36a176][*:d75a36a176][b:d75a36a176][color=#0000FF:d75a36a176]Windows 2000[/color:d75a36a176][/b:d75a36a176] en [color=#0000FF:d75a36a176][b:d75a36a176]Windows XP[/b:d75a36a176][/color:d75a36a176]: dubbelklik op [b:d75a36a176]JRT.exe[/b:d75a36a176]. [*:d75a36a176][color=#0000FF:d75a36a176][b:d75a36a176]Windows Vista[/b:d75a36a176][/color:d75a36a176], [color=#0000FF:d75a36a176][b:d75a36a176]Windows 7[/b:d75a36a176][/color:d75a36a176] en [color=#0000FF:d75a36a176][b:d75a36a176]Windows 8[/b:d75a36a176][/color:d75a36a176]: via rechtsklik op [b:d75a36a176]JRT.exe[/b:d75a36a176] en kies voor "Als Administrator uitvoeren". [*:d75a36a176][b:d75a36a176]JRT.exe[/b:d75a36a176] zal daarna Windows gaan scannen. [*:d75a36a176]Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig. [*:d75a36a176]Indien de scan voltooid is, zal een logje ([b:d75a36a176]JRT.txt[/b:d75a36a176]) op het bureaublad opgeslagen worden en automatisch openen. [*:d75a36a176]Post de inhoud van dit log in je volgende bericht.[/list:u:d75a36a176] [color=#008000:d75a36a176][b:d75a36a176]Stap •3•[/b:d75a36a176][/color:d75a36a176] [b:d75a36a176]Download [img:d75a36a176]http://www.imgdumper.nl/uploads7/51f8d0367469c/51f8d03670fd5-RogueKiller_icon_Canned_def.jpg[/img:d75a36a176] [url=http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe]RogueKiller 32 bit (x86)[/url] of [url=http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe]RogueKiller 64 bit (x64)[/url][/b:d75a36a176] [b:d75a36a176]Downloadlokatie[/b:d75a36a176]: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen! [b:d75a36a176]RogueKiller opstarten[/b:d75a36a176]: [list:d75a36a176][*:d75a36a176]Sluit nu eerst alle nog openstaande programmavensters! [*:d75a36a176][b:d75a36a176][color=#0000FF:d75a36a176]Windows 2000[/color:d75a36a176][/b:d75a36a176] en [color=#0000FF:d75a36a176][b:d75a36a176]Windows XP[/b:d75a36a176][/color:d75a36a176]: dubbelklik op RogueKiller.exe. [*:d75a36a176][color=#0000FF:d75a36a176][b:d75a36a176]Windows Vista[/b:d75a36a176][/color:d75a36a176], [color=#0000FF:d75a36a176][b:d75a36a176]Windows 7[/b:d75a36a176][/color:d75a36a176] en [color=#0000FF:d75a36a176][b:d75a36a176]Windows 8[/b:d75a36a176][/color:d75a36a176]: rechtsklik op RogueKiller.exe en dan kiezen voor Als Administrator uitvoeren.[/list:u:d75a36a176] [b:d75a36a176]Scannen[/b:d75a36a176]: [list:d75a36a176][*:d75a36a176][b:d75a36a176]Sluit voordat RogueKiller gaat scannen, eerst alle andere openstaande vensters![/b:d75a36a176] [*:d75a36a176]Na opstarten begint RogueKiller meteen een pre-scan, dus wacht tot de scan klaar is. [*:d75a36a176]Let op - activeer de volgende opties in RogueKiller: [list:d75a36a176] [*:d75a36a176] MBR Scan [*:d75a36a176] Check Faked [*:d75a36a176] Anti-Rootkit[/list:u:d75a36a176] [*:d75a36a176]Klik vervolgens op de knop [b:d75a36a176]Scan[/b:d75a36a176] [*:d75a36a176]Wacht tot het einde van de scan. [*:d75a36a176]Een log wordt aangemaakt en geplaatst op het bureaublad.[/list:u:d75a36a176] [b:d75a36a176]Hoe nu verder[/b:d75a36a176]: [list:d75a36a176][*:d75a36a176][b:d75a36a176][color=#008000:d75a36a176]Doe verder nog niks maar plaats eerst de inhoud van dat log in jouw volgende bericht en sluit RogueKiller.[/color:d75a36a176][/b:d75a36a176][/list:u:d75a36a176]
  • Bedankt voor je hulp! Hier de resultaten: # AdwCleaner v3.000 - Report created 24/08/2013 at 10:22:52 # Updated 20/08/2013 by Xplode # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Username : Annelie - PC_VAN_BOUIUS # Running from : C:\Users\Annelie\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\AVG Security Toolbar Folder Deleted : C:\ProgramData\boost_interprocess Folder Deleted : C:\ProgramData\InstallMate Folder Deleted : C:\ProgramData\SoftSafe Folder Deleted : C:\ProgramData\Trymedia Folder Deleted : C:\ProgramData\Alawar Stargaze Folder Deleted : C:\ProgramData\AlawarWrapper Folder Deleted : C:\ProgramData\Brrowse2save Folder Deleted : C:\Program Files\Bandoo Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\iMesh Applications Folder Deleted : C:\Program Files\Trymedia Folder Deleted : C:\Users\Annelie\AppData\Local\Conduit Folder Deleted : C:\Users\Annelie\AppData\Local\iMesh Folder Deleted : C:\Users\Annelie\AppData\LocalLow\AVG Security Toolbar Folder Deleted : C:\Users\Annelie\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Annelie\AppData\LocalLow\FunWebProducts Folder Deleted : C:\Users\Annelie\AppData\LocalLow\mediabarim Folder Deleted : C:\Users\Annelie\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Annelie\AppData\LocalLow\MyAshampoo Folder Deleted : C:\Users\Annelie\AppData\Roaming\DriverCure Folder Deleted : C:\Users\Annelie\AppData\Roaming\dvdvideosoftiehelpers Folder Deleted : C:\Users\Annelie\AppData\Roaming\iWin Folder Deleted : C:\Users\Annelie\AppData\Roaming\ParetoLogic Folder Deleted : C:\Users\Annelie\AppData\Roaming\Systweak Folder Deleted : C:\Users\Annelie\AppData\Roaming\Alawar Stargaze Folder Deleted : C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games Folder Deleted : C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\Extensions\p9n9_awgb@avmav-.net File Deleted : C:\Windows\system32\roboot.exe File Deleted : C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [p9n9_awgb@avmav-.net] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\ Key Deleted : HKLM\SOFTWARE\Classes\AppID\ Key Deleted : HKLM\SOFTWARE\Classes\AppID\ Key Deleted : HKLM\SOFTWARE\Classes\AppID\ Key Deleted : HKLM\SOFTWARE\Classes\AppID\ Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\ Key Deleted : HKLM\SOFTWARE\Classes\CLSID\ Key Deleted : HKLM\SOFTWARE\Classes\CLSID\ Key Deleted : HKLM\SOFTWARE\Classes\CLSID\ Key Deleted : HKLM\SOFTWARE\Classes\CLSID\ Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\ Key Deleted : HKLM\SOFTWARE\Classes\Interface\ Key Deleted : HKLM\SOFTWARE\Classes\Interface\ Key Deleted : HKLM\SOFTWARE\Classes\Interface\ Key Deleted : HKLM\SOFTWARE\Classes\Interface\ Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\ Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\ Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\ Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\ Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\ Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\ Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\ Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\ Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\ Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\ Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\ Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2DB9E23-17E8-4A40-BF7F-BC17D974E1DD} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\ Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\ Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED736C84-975C-4D72-A847-0AB2199C8CB6} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\ Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}] Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\systweak Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\ Key Deleted : HKCU\Software\ Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\conduitEngine Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\MyAshampoo\toolbar Key Deleted : HKLM\Software\PIP Key Deleted : HKLM\Software\SProtector Key Deleted : HKLM\Software\systweak Key Deleted : HKLM\Software\ Key Deleted : HKLM\Software\MyAshampoo Key Deleted : HKLM\Software\ Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1 Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16502 Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] -\\ Mozilla Firefox v [ File : C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [11539 octets] - [24/08/2013 10:12:11] AdwCleaner[R1].txt - [11600 octets] - [24/08/2013 10:21:08] AdwCleaner[S0].txt - [8265 octets] - [24/08/2013 10:22:52] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8325 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.4 (08.22.2013:1) OS: Windows Vista (TM) Home Premium x86 Ran by Annelie on za 24-08-2013 at 10:33:47,24 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\uniblue Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B33E9814-8BB4-4A1C-9BDD-D5E81BD5C091} ~~~ Files Successfully deleted: [File] C:\Windows\system32\shoB9A8.tmp Successfully deleted: [File] C:\Windows\system32\shoF323.tmp ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\big fish games" Successfully deleted: [Folder] "C:\ProgramData\fighters" Successfully deleted: [Folder] "C:\Users\Annelie\AppData\Roaming\big fish games" Successfully deleted: [Folder] "C:\Users\Annelie\AppData\Roaming\fighters" Successfully deleted: [Folder] "C:\Users\Annelie\AppData\Roaming\goforfiles" Successfully deleted: [Folder] "C:\Users\Annelie\AppData\Roaming\uniblue\speedupmypc" Successfully deleted: [Folder] "C:\Program Files\goforfiles" Successfully deleted: [Empty Folder] C:\Users\Annelie\appdata\local\{A2729467-2A7C-4E8D-895F-A60E324BED1F} Successfully deleted: [Empty Folder] C:\Users\Annelie\appdata\local\{A8ACDE4D-647B-4C28-B02C-6A3C3194A568} Successfully deleted: [Empty Folder] C:\Users\Annelie\appdata\local\{BBC54A1F-83A2-4E88-B0C5-A57F0DA7A451} Successfully deleted: [Empty Folder] C:\Users\Annelie\appdata\local\{E40BE0F5-FDEB-4523-89F2-6221F6CFECA9} ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on za 24-08-2013 at 10:35:41,55 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ RogueKiller V8.6.6 [Aug 19 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ besturingssysteem : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Gestart vanuit : Veilige modus met netwerk ondersteuning Gebruiker : Annelie [Administrator rechten] Modus : Scan -- Datum : 08/24/2013 10:39:03 | ARK || FAK || MBR | ¤¤¤ Kwaadaardige processen : 0 ¤¤¤ ¤¤¤ Register verwijzingen : 7 ¤¤¤ [RUN][SUSP PATH] HKCU\[...]\Run : Google Update ("C:\Users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> gevonden [RUN][SUSP PATH] HKUS\S-1-5-21-3664994681-2771770649-958364049-1000\[...]\Run : Google Update ("C:\Users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> gevonden [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> gevonden [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> gevonden [HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> gevonden [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> gevonden [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden ¤¤¤ geplande taken : 2 ¤¤¤ [V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3664994681-2771770649-958364049-1000UA.job : C:\Users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> gevonden [V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3664994681-2771770649-958364049-1000Core.job : C:\Users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> gevonden ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ webbrowsers : 0 ¤¤¤ ¤¤¤ Speciale Files / Folders: ¤¤¤ ¤¤¤ Driver : [Niet geladen 0xc000035f] ¤¤¤ ¤¤¤ Externe Hives: ¤¤¤ ¤¤¤ Infectie : ¤¤¤ ¤¤¤ HOSTS Bestand: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Controle: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK1652GSX +++++ --- User --- [MBR] 95317f4ed211d593ce5e8f6e58c6d935 [BSP] 7296854703d6b267fd937391933a27d1 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 76154 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 159037440 | Size: 74971 Mo User = LL1 ... OK! User = LL2 ... OK! Gereed : << RKreport[0]_S_08242013_103903.txt >>
  • [b:c91f02b485]Download [img:c91f02b485]http://www.imgdumper.nl/uploads6/51c590ce3cf4a/51c590ce361e7-ComboFix_resized_2.png[/img:c91f02b485][color=#008000:c91f02b485][b] ComboFix[/b:c91f02b485][/color:c91f02b485] via één van deze locaties[/B]: [list:c91f02b485][*:c91f02b485][url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:c91f02b485]Bleepingcomputer[/b:c91f02b485][/url] [*:c91f02b485][url=http://www.forospyware.com/sUBs/ComboFix.exe][b:c91f02b485]ForoSpyware[/b:c91f02b485][/url] [*:c91f02b485][url=http://subs.geekstogo.com/ComboFix.exe][b:c91f02b485]Geekstogo[/b:c91f02b485][/url][/list:u:c91f02b485] [b:c91f02b485]Downloadlokatie[/b:c91f02b485]: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen! [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden][b:c91f02b485][color=#0000FF:c91f02b485]Hier[/color:c91f02b485][/b:c91f02b485][/url] vind je extra informatie over ComboFix. [color=#FF0000:c91f02b485][b:c91f02b485]Antivirusprogramma en actieve malwarescanners dienen al voor je [b]ComboFix[/b:c91f02b485] start gedeaktiveert zijn![/b][/color:c91f02b485] [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608][b:c91f02b485][color=#0000FF:c91f02b485]Hier[/color:c91f02b485][/b:c91f02b485][/url] en [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607][b:c91f02b485][color=#0000FF:c91f02b485]hier[/color:c91f02b485][/b:c91f02b485][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [b:c91f02b485]Opmerkingen[/b:c91f02b485]: [list:c91f02b485][*:c91f02b485]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:c91f02b485] [b:c91f02b485]ComboFix opstarten[/b:c91f02b485]: [list:c91f02b485][*:c91f02b485][color=#0000FF:c91f02b485][b:c91f02b485]Windows Vista[/b:c91f02b485][/color:c91f02b485], [color=#0000FF:c91f02b485][b:c91f02b485]Windows 7[/b:c91f02b485][/color:c91f02b485] en [color=#0000FF:c91f02b485][b:c91f02b485]Windows 8[/b:c91f02b485][/color:c91f02b485]: via rechtsklik op [b:c91f02b485]ComboFix.exe[/b:c91f02b485] en kies voor "Als Administrator uitvoeren".[/list:u:c91f02b485] [b:c91f02b485]ComboFix is opgestart[/b:c91f02b485]: [list:c91f02b485][*:c91f02b485]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"! [*:c91f02b485]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen! [*:c91f02b485]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal. [*:c91f02b485]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken. [*:c91f02b485]Post de inhoud van dit logbestand in je volgende bericht. [*:c91f02b485]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:c91f02b485] [b:c91f02b485]Belangrijke opmerking[/b:c91f02b485]: [list:c91f02b485][*:c91f02b485][b:c91f02b485][color=#0000FF:c91f02b485]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:c91f02b485][/b:c91f02b485] [*:c91f02b485][b:c91f02b485][color=#FF0000:c91f02b485]Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.[/color:c91f02b485][/b:c91f02b485] [*:c91f02b485][b:c91f02b485][color=#008000:c91f02b485]Start dan de computer opnieuw op.[/color:c91f02b485][/b:c91f02b485][/list:u:c91f02b485]
  • Ik heb het e.e.a. nog steeds in de veilige modus gedaan. Kreeg tijdens de uitvoering van combifix wel een waarschuwing dat de realtime scanner van Avast actief zou zijn. Ik zie echter rechtsonderin geen Avast pictogram. Ik heb toen Avast proberen te openen via het pictogram op het bureaublad, maar toen gaf de pc de volgende fout: Failed to load language dll [1033/UlLangeRes,dll]. Ik heb Combifix maar gewoon laten draaien. Dit is het resultaat: ComboFix 13-08-22.01 - Annelie 24-08-2013 11:09:09.1.2 - x86 NETWORK Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.2939.2337 [GMT 2:00] Gestart vanuit: c:\users\Annelie\Desktop\ComboFix.exe AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\prefs.js c:\users\Annelie\AppData\Roaming\Roaming c:\windows\unin0413.exe c:\windows\wininit.ini . . (((((((((((((((((((( Bestanden Gemaakt van 2013-07-24 to 2013-08-24 )))))))))))))))))))))))))))))) . . 2013-08-24 09:17 . 2013-08-24 09:17 -------- d-----w- c:\users\Annelie\AppData\Local\temp 2013-08-24 08:33 . 2013-08-24 08:33 -------- d-----w- c:\windows\ERUNT 2013-08-24 08:12 . 2013-08-24 08:23 -------- d-----w- C:\AdwCleaner 2013-08-23 13:40 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{15DB44C6-14A4-427F-951C-DFDB1E73128C}\mpengine.dll 2013-08-22 19:06 . 2013-08-22 19:06 -------- d-----w- c:\program files\Youda Mystery The Stanwick Legacy 2013-08-22 18:01 . 2013-08-22 18:01 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 2013-08-22 18:00 . 2013-08-22 18:37 -------- d-----w- c:\program files\IObit 2013-08-22 17:57 . 2013-08-22 18:00 -------- d-----w- c:\users\Annelie\AppData\Roaming\Wise Registry Cleaner 2013-08-22 17:56 . 2013-08-22 17:56 -------- d-----w- c:\program files\Wise 2013-08-22 15:19 . 2009-06-04 17:43 330264 ----a-w- c:\windows\system32\drivers\iaStor.sys 2013-08-19 19:38 . 2013-08-19 19:38 -------- d-----w- c:\users\Annelie\AppData\Local\iLinc 2013-08-17 07:47 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-08-17 07:47 . 2013-08-17 07:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-08-15 19:14 . 2013-08-15 19:14 -------- d-----w- c:\users\Annelie\AppData\Roaming\DieselPuppet 2013-08-14 13:12 . 2013-08-14 13:12 -------- d-----w- C:\Intel 2013-08-14 13:08 . 2013-08-14 13:08 80488 ----a-w- c:\windows\system32\RtNicProp32.dll 2013-08-14 13:08 . 2013-08-14 13:08 454288 ----a-w- c:\windows\system32\drivers\Rtlh86.sys 2013-08-14 13:04 . 2013-08-14 13:04 852824 ----a-w- c:\windows\system32\RTKSMSettingsIPC.dll 2013-08-14 12:59 . 2013-08-22 18:01 -------- d-----w- c:\programdata\IObit 2013-08-14 12:59 . 2013-08-22 18:06 -------- d-----w- c:\users\Annelie\AppData\Roaming\IObit 2013-08-14 12:19 . 2013-06-15 11:23 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2013-08-14 12:19 . 2013-06-15 13:22 15872 ----a-w- c:\windows\system32\icaapi.dll 2013-08-14 12:19 . 2013-07-05 04:53 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-08-14 12:19 . 2013-07-17 19:41 2048 ----a-w- c:\windows\system32\tzres.dll 2013-08-14 12:19 . 2013-07-10 09:47 783360 ----a-w- c:\windows\system32\rpcrt4.dll 2013-08-14 12:19 . 2013-07-09 12:10 1205168 ----a-w- c:\windows\system32\ntdll.dll 2013-08-14 12:19 . 2013-07-08 04:55 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-08-14 12:19 . 2013-07-08 04:55 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-08-14 12:18 . 2013-07-08 04:16 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2013-08-14 12:18 . 2013-07-08 04:16 992768 ----a-w- c:\windows\system32\crypt32.dll 2013-08-14 12:18 . 2013-07-08 04:20 172544 ----a-w- c:\windows\system32\wintrust.dll 2013-08-14 12:18 . 2013-07-08 04:16 98304 ----a-w- c:\windows\system32\cryptnet.dll 2013-08-09 19:51 . 2013-08-09 19:51 -------- d-----w- c:\users\Annelie\AppData\Roaming\AlawarEntertainment . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-14 13:09 . 2009-07-17 14:48 268832 ----a-w- c:\windows\system32\igfxsrvc.exe 2013-08-14 13:09 . 2009-07-17 14:48 138784 ----a-w- c:\windows\system32\igfxtray.exe 2013-08-14 13:09 . 2008-08-19 11:04 57856 ----a-w- c:\windows\system32\igfxsrvc.dll 2013-08-14 13:09 . 2008-08-19 11:04 261632 ----a-w- c:\windows\system32\igfxTMM.dll 2013-08-14 13:09 . 2009-07-17 14:48 86016 ----a-w- c:\windows\system32\igfxrnld.lrc 2013-08-14 13:09 . 2008-08-19 11:04 828928 ----a-w- c:\windows\system32\igfxress.dll 2013-08-14 13:09 . 2009-07-17 14:48 173600 ----a-w- c:\windows\system32\igfxpers.exe 2013-08-14 13:09 . 2008-08-19 11:04 228864 ----a-w- c:\windows\system32\igfxdev.dll 2013-08-14 13:09 . 2009-07-17 14:48 172064 ----a-w- c:\windows\system32\hkcmd.exe 2013-08-14 13:09 . 2008-08-19 11:04 95232 ----a-w- c:\windows\system32\hccutils.dll 2013-08-14 13:08 . 2009-11-12 06:24 100896 ----a-w- c:\windows\system32\RTNUninst32.dll 2013-08-14 13:04 . 2008-11-19 13:01 3237448 ----a-w- c:\windows\system32\RtkAPO.dll 2013-07-25 07:46 . 2013-07-25 07:46 97008 ----a-w- c:\windows\system32\drivers\RapportKELL.sys 2013-07-14 07:47 . 2012-03-30 05:56 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-07-14 07:47 . 2011-05-24 13:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-06-28 09:59 . 2013-03-05 06:06 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-06-28 09:59 . 2011-04-29 16:02 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-06-28 09:59 . 2011-04-29 16:02 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-06-27 18:19 . 2013-06-27 18:19 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-06-27 18:19 . 2012-06-24 15:01 867240 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-06-27 18:19 . 2010-06-05 13:13 789416 ----a-w- c:\windows\system32\deployJava1.dll 2013-06-04 01:50 . 2013-07-10 06:07 2049024 ----a-w- c:\windows\system32\win32k.sys 2013-06-01 04:06 . 2013-07-10 06:07 505344 ----a-w- c:\windows\system32\qedit.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2013-08-14 11930696] "WireLessMouse"="c:\program files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe" [2007-03-06 212992] "KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-08-14 138784] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-08-14 172064] "Persistence"="c:\windows\system32\igfxpers.exe" [2013-08-14 173600] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^Users^Annelie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.83u1.lnk] path=c:\users\Annelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeRapid 0.83u1.lnk backup=c:\windows\pss\FreeRapid 0.83u1.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^Annelie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk] path=c:\users\Annelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk backup=c:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^Annelie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0 .lnk] path=c:\users\Annelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0 .lnk backup=c:\windows\pss\OpenOffice.org 3.0 .lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2013-08-17 08:09 5703920 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2013-03-22 04:07 248208 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO] 2010-10-26 13:00 1050072 ----a-w- c:\program files\Toshiba TEMPRO\TemproTray.exe . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Google Update"="c:\users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe" /c . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-05-23 119056] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - ECACHE . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2013-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 07:47] . 2013-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 16:29] . 2013-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 16:29] . 2013-08-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3664994681-2771770649-958364049-1000Core.job - c:\users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-06 13:15] . 2013-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3664994681-2771770649-958364049-1000UA.job - c:\users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-06 13:15] . . ------- Bijkomende Scan ------- . mStart Page = hxxp://alawar.co.nl mSearch Bar = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local Trusted Zone: microsoft.com\www TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-{f230d1cd-647f-4856-8538-8c0d39e5ecf2} - (no file) SafeBoot-SolutoService MSConfigStartUp-PowerSuite - c:\program files\Uniblue\PowerSuite\launcher.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-08-24 11:17 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:0000007b . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2013-08-24 11:19:51 ComboFix-quarantined-files.txt 2013-08-24 09:19 . Pre-Run: 15.969.943.552 bytes beschikbaar Post-Run: 16.840.736.768 bytes beschikbaar . - - End Of File - - FE45FED81167A531FD4FB8A68FC8B71A 5C616939100B85E558DA92B899A0FC36
  • Hoi Eline, verwijder alles wat je van Iobit in jouw Windows hebt. Iobit is een Chinese softwareleverancier die het niet bepaald nauw neemt met andermans software eigendommen! Download de [img:74a1a97478]http://www.imgdumper.nl/uploads6/51a46c3b1810a/51a46c3b17d42-HitmanPro-logo16px.png[/img:74a1a97478] [b:74a1a97478][color=#0000FF:74a1a97478]32 of 64 bit versie van HitmanPro[/color:74a1a97478][/b:74a1a97478] naar het bureaublad. [list:74a1a97478] [*:74a1a97478] [b:74a1a97478][url=https://www.cleverbridge.com/747/cookie?affiliate=21030&redirectto=http%3a%2f%2fdl.surfright.nl%2fHitmanPro.exe&product=69061]HitmanPro (32bit)[/url][/b:74a1a97478] [*:74a1a97478] [b:74a1a97478][url=https://www.cleverbridge.com/747/cookie?affiliate=21030&redirectto=http%3a%2f%2fdl.surfright.nl%2fHitmanPro_x64.exe&product=69061]HitmanPro (64bit)[/url][/b:74a1a97478][/list:u:74a1a97478] [b:74a1a97478][url=http://antimalwaresoftware.nl/handleidingen/hitmanpro-installeren-scannen/]Klik hier[/url][/b:74a1a97478] voor een uitgebreide handleiding van HitmanPro. [list:74a1a97478] [*:74a1a97478] Dubbelklik op "[b:74a1a97478]HitmanPro.exe[/b:74a1a97478]" en klik op "[b:74a1a97478]volgende[/b:74a1a97478]" [*:74a1a97478] Vink de optie "[b:74a1a97478]Ik accepteer de voorwaarden van de gebruikersovereenkomst aan[/b:74a1a97478]" en klik op "[b:74a1a97478]Volgende[/b:74a1a97478]" [*:74a1a97478] Klik in het setup scherm nu nogmaals op "[b:74a1a97478]Volgende[/b:74a1a97478]", nu zal automatisch de scan starten, doe verder niets op de computer totdat de scan gereed is. [*:74a1a97478] Als de scan klaar is klik je op [b:74a1a97478]"volgende"[/b:74a1a97478] [*:74a1a97478] Activeer nu de gratis licentie, hiermee kunt u 30 dagen gratis HitmanPro gebruiken en de gevonden infecties verwijderen. [*:74a1a97478] [i:74a1a97478][color=#FF0000:74a1a97478]Note:[/color:74a1a97478][/i:74a1a97478] indien u reeds eerder gebruik hebt gemaakt van de 30 dagen trial-versie van HitmanPro is het niet meer mogelijk om gratis de gevonden infecties te verwijderen. [*:74a1a97478] Als het verwijderen gereed is klik je onderin het scherm op "[b:74a1a97478]Save log[/b:74a1a97478]" of "[b:74a1a97478]Logbestand opslaan[/b:74a1a97478]" en sla deze op bijvoorbeeld het bureaublad op. Post dit logje. [*:74a1a97478] Klik nu op de knop "[b:74a1a97478]Herstarten[/b:74a1a97478]".[/list:u:74a1a97478]
  • [code:1:7707f6eb86] HitmanPro 3.7.7.203 www.hitmanpro.com Computer name . . . . : PC_VAN_BOUIUS Windows . . . . . . . : 6.0.2.6002.X86/2 Safe Mode Boot . . . : NETWORK User name . . . . . . : PC_van_bouius\Annelie UAC . . . . . . . . . : Disabled License . . . . . . . : Trial (30 days left) Scan date . . . . . . : 2013-08-24 14:06:28 Scan mode . . . . . . : Normal Scan duration . . . . : 3m 12s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : Yes Threats . . . . . . . : 6 Traces . . . . . . . : 201 Objects scanned . . . : 1.857.722 Files scanned . . . . : 26.748 Remnants scanned . . : 377.454 files / 1.453.520 keys Suspicious files ____________________________________________________________ C:\Users\Annelie\AppData\Roaming\LeeGT-Games\Jet Set Go\install\CB98F35\Jet Set Go.exe Size . . . . . . . : 8.369.496 bytes Age . . . . . . . : 855.3 days (2011-04-22 07:11:18) Entropy . . . . . : 7.7 SHA-256 . . . . . : E3C5367A7C8EC47836DEA122B145C62B4CCB36BA5E16FB942B35D11F3329EFEC Version . . . . . : 3.3.0.63135 RSA Key Size . . . : 1024 Authenticode . . . : Invalid Fuzzy . . . . . . : 27.0 Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Program contains PE structure anomalies. This is not typical for most programs. C:\Windows\system32\igfxdev.dll -> Quarantined Size . . . . . . . : 228.864 bytes Age . . . . . . . : 10.0 days (2013-08-14 15:09:43) Entropy . . . . . : 6.5 SHA-256 . . . . . : D8A4AD4FFAB2C0F9A8E5DB8985CC9D0C25C9B7BB03B981249DB812B81E90748C Product . . . . . : Intel(R) Common User Interface Publisher . . . . : Intel Corporation Description . . . : igfxdev Module Version . . . . . : 8.15.10.2869 Copyright . . . . : Copyright 1999-2006, Intel Corporation Fuzzy . . . . . . : 24.0 This file was most recently added as automatic startup. Automatically starts as notification package during interactive logon. Malware tends to start this way. Program starts automatically without user intervention. The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities. Time indicates that the file appeared recently on this computer. Startup HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\ Forensic Cluster -27.9s C:\Windows\System32\DriverStore\FileRepository\netrtx32.inf_14fa1fff\ -27.9s C:\Windows\System32\DriverStore\FileRepository\netrtx32.inf_14fa1fff\component.man -27.9s C:\Windows\System32\DriverStore\FileRepository\netrtx32.inf_14fa1fff\component.man -27.9s C:\Windows\System32\DriverStore\FileRepository\netrtx32.inf_14fa1fff\component.man -27.0s C:\Windows\inf\oem31.inf -26.4s C:\Windows\inf\oem31.PNF -26.4s C:\Windows\inf\oem31.PNF -26.4s C:\Windows\inf\oem31.PNF -24.4s C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem31.CAT -23.7s C:\Windows\System32\DriverStore\FileRepository\netrtx32.inf_14fa1fff\netrtx32.PNF -23.7s C:\Windows\System32\DriverStore\FileRepository\netrtx32.inf_14fa1fff\netrtx32.PNF -11.1s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\d3dx10_40.dll -10.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.de-DE.resources -10.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.da-DK.resources -10.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.ar-SA.resources -10.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.cs-CZ.resources -10.8s C:\Windows\System32\Gfxres.ar-SA.resources -10.8s C:\Windows\System32\Gfxres.cs-CZ.resources -10.8s C:\Windows\System32\Gfxres.cs-CZ.resources -10.8s C:\Windows\System32\Gfxres.cs-CZ.resources -10.8s C:\Windows\System32\Gfxres.da-DK.resources -10.8s C:\Windows\System32\Gfxres.de-DE.resources -10.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.el-GR.resources -10.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.en-US.resources -10.8s C:\Windows\System32\Gfxres.el-GR.resources -10.8s C:\Windows\System32\Gfxres.en-US.resources -10.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.fi-FI.resources -10.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.he-IL.resources -10.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.es-ES.resources -10.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.fr-FR.resources -10.8s C:\Windows\System32\Gfxres.es-ES.resources -10.8s C:\Windows\System32\Gfxres.fi-FI.resources -10.8s C:\Windows\System32\Gfxres.fr-FR.resources -10.8s C:\Windows\System32\Gfxres.he-IL.resources -10.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.hu-HU.resources -10.7s C:\Windows\System32\Gfxres.hu-HU.resources -10.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.it-IT.resources -10.7s C:\Windows\System32\Gfxres.it-IT.resources -10.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.ja-JP.resources -10.7s C:\Windows\System32\Gfxres.ja-JP.resources -10.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.nb-NO.resources -10.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.ko-KR.resources -10.7s C:\Windows\System32\Gfxres.ko-KR.resources -10.7s C:\Windows\System32\Gfxres.nb-NO.resources -10.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.nl-NL.resources -10.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.pl-PL.resources -10.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.pt-BR.resources -10.7s C:\Windows\System32\Gfxres.nl-NL.resources -10.7s C:\Windows\System32\Gfxres.pl-PL.resources -10.7s C:\Windows\System32\Gfxres.pt-BR.resources -10.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.sk-SK.resources -10.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.pt-PT.resources -10.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.ru-RU.resources -10.7s C:\Windows\System32\Gfxres.pt-PT.resources -10.7s C:\Windows\System32\Gfxres.ru-RU.resources -10.7s C:\Windows\System32\Gfxres.sk-SK.resources -10.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.th-TH.resources -10.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.sl-SI.resources -10.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.sv-SE.resources -10.6s C:\Windows\System32\Gfxres.sl-SI.resources -10.6s C:\Windows\System32\Gfxres.sv-SE.resources -10.6s C:\Windows\System32\Gfxres.th-TH.resources -10.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.zh-CN.resources -10.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.tr-TR.resources -10.6s C:\Windows\System32\Gfxres.tr-TR.resources -10.6s C:\Windows\System32\Gfxres.zh-CN.resources -10.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\gfxSrvc.dll -10.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\Gfxres.zh-TW.resources -10.6s C:\Windows\System32\gfxSrvc.dll -10.6s C:\Windows\System32\Gfxres.zh-TW.resources -10.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\GfxUI.exe -10.6s C:\Windows\System32\GfxUI.exe -9.4s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\GfxUI.exe.config -9.4s C:\Windows\System32\GfxUI.exe.config -9.4s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\hccutils.dll -9.4s C:\Windows\System32\hccutils.dll -9.3s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\hkcmd.exe -9.3s C:\Windows\System32\hkcmd.exe -9.3s C:\Windows\System32\hkcmd.exe -8.9s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\ig4icd32.dll -8.9s C:\Windows\System32\ig4icd32.dll -5.9s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igcompkrng500.bin -5.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igd10umd32.dll -5.7s C:\Windows\System32\igd10umd32.dll -4.3s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igdkmd32.sys -4.3s C:\Windows\System32\drivers\igdkmd32.sys -2.0s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igdumd32.dll -2.0s C:\Windows\System32\igdumd32.dll -0.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igdumdx32.dll -0.2s C:\Windows\System32\igdumdx32.dll -0.0s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfcg500m.bin -0.0s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxcpl.cpl -0.0s C:\Windows\System32\igfxcpl.cpl 0.0s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxdev.dll 0.0s C:\Windows\System32\igfxdev.dll 0.1s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\IGFXDEVLib.dll 0.1s C:\Windows\System32\IGFXDEVLib.dll 0.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxdo.dll 0.2s C:\Windows\System32\igfxdo.dll 0.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxexps.dll 0.2s C:\Windows\System32\igfxexps.dll 0.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxext.exe 0.2s C:\Windows\System32\igfxext.exe 0.3s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxpers.exe 0.3s C:\Windows\System32\igfxpers.exe 0.3s C:\Windows\System32\igfxpers.exe 0.3s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxpph.dll 0.3s C:\Windows\System32\igfxpph.dll 0.3s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrara.lrc 0.3s C:\Windows\System32\igfxrara.lrc 0.3s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrchs.lrc 0.3s C:\Windows\System32\igfxrchs.lrc 0.4s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrcht.lrc 0.4s C:\Windows\System32\igfxrcht.lrc 0.4s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrcsy.lrc 0.4s C:\Windows\System32\igfxrcsy.lrc 0.4s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrdan.lrc 0.4s C:\Windows\System32\igfxrdan.lrc 0.4s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrdeu.lrc 0.4s C:\Windows\System32\igfxrdeu.lrc 0.5s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrell.lrc 0.5s C:\Windows\System32\igfxrell.lrc 0.5s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrenu.lrc 0.5s C:\Windows\System32\igfxrenu.lrc 0.5s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxresn.lrc 0.5s C:\Windows\System32\igfxresn.lrc 0.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxress.dll 0.6s C:\Windows\System32\igfxress.dll 0.9s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrfin.lrc 0.9s C:\Windows\System32\igfxrfin.lrc 0.9s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrfra.lrc 0.9s C:\Windows\System32\igfxrfra.lrc 0.9s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrheb.lrc 0.9s C:\Windows\System32\igfxrheb.lrc 1.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrhun.lrc 1.2s C:\Windows\System32\igfxrhun.lrc 1.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrita.lrc 1.2s C:\Windows\System32\igfxrita.lrc 1.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrjpn.lrc 1.2s C:\Windows\System32\igfxrjpn.lrc 1.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrkor.lrc 1.2s C:\Windows\System32\igfxrkor.lrc 1.3s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrnld.lrc 1.3s C:\Windows\System32\igfxrnld.lrc 1.3s C:\Windows\System32\igfxrnld.lrc 1.3s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrnor.lrc 1.3s C:\Windows\System32\igfxrnor.lrc 1.3s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrplk.lrc 1.3s C:\Windows\System32\igfxrplk.lrc 1.3s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrptb.lrc 1.3s C:\Windows\System32\igfxrptb.lrc 1.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrptg.lrc 1.6s C:\Windows\System32\igfxrptg.lrc 1.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrrus.lrc 1.6s C:\Windows\System32\igfxrrus.lrc 1.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrsky.lrc 1.6s C:\Windows\System32\igfxrsky.lrc 1.6s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrslv.lrc 1.6s C:\Windows\System32\igfxrslv.lrc 1.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrsve.lrc 1.7s C:\Windows\System32\igfxrsve.lrc 1.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrtha.lrc 1.8s C:\Windows\System32\igfxrtha.lrc 1.8s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxrtrk.lrc 1.8s C:\Windows\System32\igfxrtrk.lrc 1.9s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxsrvc.dll 1.9s C:\Windows\System32\igfxsrvc.dll 1.9s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxsrvc.exe 1.9s C:\Windows\System32\igfxsrvc.exe 1.9s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxTMM.dll 1.9s C:\Windows\System32\igfxTMM.dll 2.0s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igfxtray.exe 2.0s C:\Windows\System32\igfxtray.exe 2.0s C:\Windows\System32\igfxtray.exe 2.9s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igkrng500.bin 3.4s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\iglhcp32.dll 3.4s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\iglhsip32.dll 3.4s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\iglhxa32.cpa 4.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\iglhxg32.vp 4.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\iglhxa32.vp 4.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\iglhxc32.vp 4.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\iglhxo32.vp 4.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\iglhxs32.vp 4.2s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\igxpco32.dll 4.2s C:\Windows\System32\iglhxs32.vp 4.2s C:\Windows\System32\igfxCoIn_v2869.dll 4.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\kit49659.inf 4.7s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\kit49659.cat 6.1s C:\Windows\System32\DriverStore\FileRepository\kit49659.inf_b4c6ff77\TVWSetup.exe 6.1s C:\Windows\System32\TVWSetup.exe Malware remnants ____________________________________________________________ HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}\ (Adware.MyWebSearch) -> Deleted Cookies _____________________________________________________________________ C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:stat.onestat.com C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:tpgpost.122.2o7.net C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\1BRFTBMX.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\2MFSCW7Y.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\342Y21YC.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\4B9ZMF5S.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\4SMYKCD5.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\7MASH8IU.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\8NVU0Q8N.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\9WRWXEJ7.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\D8QHVRHV.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\F241CBXD.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\FE70F8UP.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\HZ8WEXH8.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\N5UE1LXV.txt C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\YVT3IJ2G.txt [/code:1:7707f6eb86]
  • Ik heb overigens alleen een lege map van Iobit kunnen vinden en verwijdert. Zou niet weten wat er nog meer van Iobit op mijn pc staat!
  • [quote:ab4c18ffdb="eline"]Ik heb overigens alleen een lege map van Iobit kunnen vinden en verwijdert. Zou niet weten wat er nog meer van Iobit op mijn pc staat![/quote:ab4c18ffdb] O sorry, ik snap het al. Heb in de combifix log gekeken en alles met Iobit opgezocht en verwijderd. Neem aan dat je het zo bedoelde. :oops:
  • Ik wil graag dat jij nu een Schijfcontrole gaat doen. Klik daarvoor Computer open en vraag vervolgens de [b:276c52a131]Eigenschappen[/b:276c52a131] van --> "C" op. Klik nu op de tab [b:276c52a131]Extra[/b:276c52a131] Klik vervolgens op de knop [b:276c52a131]Nu controleren[/b:276c52a131] in het gedeelte waar staat "Hiermee kunt u het station op fouten controleren". In het nieuwe venstertje zorg je ervoor dat beide opties aangevinkt zijn. Vervolgens krijg je de melding dat Windows voor die actie moet herstarten. Doe dat dan ook. Hierdoor wordt de systeemschijf niet alleen op clusterfouten gecontroleerd, maar ook op fouten in het bestandssysteem die dan gerepareerd worden. Afhankelijk van de omvanggrootte van Windows en de grootte van de schijven, kan deze scan enige tijd in beslag nemen!
  • Ik heb schijfcontrole uitgevoerd. Zowel van de C-schijf als de E-schijf. Heb nu de pc normaal opgestart, maar Int Expl werkt niet (wèl in veilige modus) en Avast werkt ook niet. Daarvan krijg ik die foutmelding: Failed to load language dll [1033\UlLangeRes.dll] Wat is er toch allemaal aan de hand? :o
  • [b:d7b0492daa]Doe de [url=http://www.eset.com/home/products/online-scanner/][img:d7b0492daa]http://www.imgdumper.nl/uploads7/51e818553fadd/51e818553f6fd-EsetCanned.png[/img:d7b0492daa][color=#FF0000:d7b0492daa] ESET online scan (Klik).[/color:d7b0492daa][/url][/b:d7b0492daa] [list:d7b0492daa] [*:d7b0492daa]Klik op de blauwe knop [b:d7b0492daa]Run ESET Online Scanner[/b:d7b0492daa] [*:d7b0492daa]Zet een vinkje bij [b:d7b0492daa]YES, I accept the Terms of Use[/b:d7b0492daa] [*:d7b0492daa]Klik op [b:d7b0492daa]Start[/b:d7b0492daa] [*:d7b0492daa]Sta het [b:d7b0492daa]ActiveX control[/b:d7b0492daa] toe om te installeren. [*:d7b0492daa]Zet een vinkje bij de volgende opties: [list:d7b0492daa][*:d7b0492daa][b:d7b0492daa][i:d7b0492daa]Remove found threats[/i:d7b0492daa][/b:d7b0492daa] [*:d7b0492daa][b:d7b0492daa][i:d7b0492daa]Scan archives[/i:d7b0492daa][/b:d7b0492daa][/list:u:d7b0492daa] [*:d7b0492daa]Klik vervolgens op [b:d7b0492daa]Advanced Settings[/b:d7b0492daa] [list:d7b0492daa][*:d7b0492daa][b:d7b0492daa][i:d7b0492daa]Scan for potentially unwanted applications[/i:d7b0492daa][/b:d7b0492daa] [*:d7b0492daa][b:d7b0492daa][i:d7b0492daa]Scan for potentially unsafe applications[/i:d7b0492daa][/b:d7b0492daa] [*:d7b0492daa][b:d7b0492daa][i:d7b0492daa]Enable Anti-Stealth technology[/i:d7b0492daa][/b:d7b0492daa][/list:u:d7b0492daa] [*:d7b0492daa]Klik op [b:d7b0492daa]Start[/b:d7b0492daa][/list:u:d7b0492daa] [list:d7b0492daa][*:d7b0492daa]De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld. [*:d7b0492daa]is de scan klaar, daarna mag jij het venster sluiten omdat de scan klaar is. [*:d7b0492daa]Ga vervolgens naar [b:d7b0492daa]C:\Program Files\ESET\ESET Online Scanner[/b:d7b0492daa] (Windows 64-bit: [b:d7b0492daa]C:\Program Files (x86)\ESET\ESET Online Scanner[/b:d7b0492daa]) en klik daar op [b:d7b0492daa]log.txt[/b:d7b0492daa] [*:d7b0492daa]Selekteer, kopieer en plak dan de inhoud van dit log in je volgende bericht. [*:d7b0492daa][b:d7b0492daa][color=#008000:d7b0492daa]Notabene:[/color:d7b0492daa][color=#0000FF:d7b0492daa] deaktiveer tijdelijk de eigen antivirus tijdens de scan, dan is de onlinescan sneller![/color:d7b0492daa][/b:d7b0492daa][/list:u:d7b0492daa] Gebruik je een andere browser dan IE, dan download je een kleine webinstaller, [b:d7b0492daa]esetsmartinstaller_enu.exe[/b:d7b0492daa]. De Eset Online scanner zal vervolgens in een kleiner venster opstarten, je markeert dan eerst de instelling zoals hierboven aangegeven. Klik daarna op de knop "Start" - vervolgens zal eerst de database worden gedownload en is dat gebeurd, start de scan.
  • Gisteravond heb ik deze Eset Online scanner al gedraaid. Dit kwam er uit: ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=048dfceec70424458d62b35a22c1cb99 # engine=14863 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2013-08-22 01:46:36 # local_time=2013-08-22 03:46:36 (+0100, West-Europa (zomertijd)) # country="Netherlands" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=774 16777214 85 93 1058338 153889068 0 0 # compatibility_mode=5892 16776573 100 100 10457 214711924 0 0 # scanned=188170 # found=3 # cleaned=3 # scan_time=6762 sh=2378F9E258834CAD29B65B8EAE83E438F6868C72 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\extensions\gdce@oqleiu.net\content\bg.js" sh=0B63EB5603886EAE6D23D4F4DAE8B9D54FB933B2 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\extensions\p9n9_awgb@avmav-.net\content\bg.js" sh=B936A79935B3945FAE972E0648D0517C49BAD4A6 ft=1 fh=9df2c62a28bf4a96 vn="Win32/DriverBooster.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Annelie\Downloads\driver_booster_setup_beta_1.0.exe" ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=048dfceec70424458d62b35a22c1cb99 # engine=14881 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2013-08-23 05:54:57 # local_time=2013-08-23 07:54:57 (+0100, West-Europa (zomertijd)) # country="Netherlands" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=774 16777214 85 93 1159639 153990369 0 0 # compatibility_mode=5892 16776573 100 100 15269 214813225 0 0 # scanned=188754 # found=0 # cleaned=0 # scan_time=6718 Maar misschien wil je een recentere versie? Dan moet ik helaas tot morgen wachten. Ik ben nu in een jachthaven en de internetverbinding is hier niet zo stabiel
  • Doe de scan nogmaals, als het goed is moet hij deze keer niks vinden. Hoe je dat nu op eenvoudige wijze doet: gebruik Eset nu als [img:e8da7f07b9]http://www.imgdumper.nl/uploads7/51e818553fadd/51e818553f6fd-EsetCanned.png[/img:e8da7f07b9] [color=#008000:e8da7f07b9][b:e8da7f07b9]OnlineScannerApp[/b:e8da7f07b9][/color:e8da7f07b9]. Navigeer naar [b:e8da7f07b9]C:\Program Files\ESET\ESET Online Scanner[/b:e8da7f07b9] en klik met rechts op [color=#0000FF:e8da7f07b9][b:e8da7f07b9]OnlineScannerApp.exe[/b:e8da7f07b9][/color:e8da7f07b9] en kies dan voor Snelkoppeling op het bureaublad plaatsen. Klik nu vervolgens met rechts op [b:e8da7f07b9]OnlineScannerApp[/b:e8da7f07b9] en kies voor "Als administrator opstaren". [img:e8da7f07b9]http://www.imgdumper.nl/uploads7/51f61602e6687/51f61602e3bb4-Eset_OnlineScannerApp.png[/img:e8da7f07b9] [list:e8da7f07b9][*:e8da7f07b9]Zet een vinkje bij de volgende opties: [list:e8da7f07b9][*:e8da7f07b9][b:e8da7f07b9][i:e8da7f07b9]Remove found threats[/i:e8da7f07b9][/b:e8da7f07b9] [*:e8da7f07b9][b:e8da7f07b9][i:e8da7f07b9]Scan archives[/i:e8da7f07b9][/b:e8da7f07b9][/list:u:e8da7f07b9] [*:e8da7f07b9]Klik vervolgens op [b:e8da7f07b9]Advanced Settings[/b:e8da7f07b9] [list:e8da7f07b9][*:e8da7f07b9][b:e8da7f07b9][i:e8da7f07b9]Scan for potentially unwanted applications[/i:e8da7f07b9][/b:e8da7f07b9] [*:e8da7f07b9][b:e8da7f07b9][i:e8da7f07b9]Scan for potentially unsafe applications[/i:e8da7f07b9][/b:e8da7f07b9] [*:e8da7f07b9][b:e8da7f07b9][i:e8da7f07b9]Enable Anti-Stealth technology[/i:e8da7f07b9][/b:e8da7f07b9][/list:u:e8da7f07b9] [*:e8da7f07b9]Klik op [b:e8da7f07b9]Start[/b:e8da7f07b9] en [b:e8da7f07b9]OnlineScannerApp[/b:e8da7f07b9] zal eerst naar updates zoeken en daarna de scan starten.[/list:u:e8da7f07b9]
  • Eset scan heeft inderdaad niets gevonden: ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=048dfceec70424458d62b35a22c1cb99 # engine=14863 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2013-08-22 01:46:36 # local_time=2013-08-22 03:46:36 (+0100, West-Europa (zomertijd)) # country="Netherlands" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=774 16777214 85 93 1058338 153889068 0 0 # compatibility_mode=5892 16776573 100 100 10457 214711924 0 0 # scanned=188170 # found=3 # cleaned=3 # scan_time=6762 sh=2378F9E258834CAD29B65B8EAE83E438F6868C72 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\extensions\gdce@oqleiu.net\content\bg.js" sh=0B63EB5603886EAE6D23D4F4DAE8B9D54FB933B2 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\extensions\p9n9_awgb@avmav-.net\content\bg.js" sh=B936A79935B3945FAE972E0648D0517C49BAD4A6 ft=1 fh=9df2c62a28bf4a96 vn="Win32/DriverBooster.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Annelie\Downloads\driver_booster_setup_beta_1.0.exe" ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=048dfceec70424458d62b35a22c1cb99 # engine=14881 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2013-08-23 05:54:57 # local_time=2013-08-23 07:54:57 (+0100, West-Europa (zomertijd)) # country="Netherlands" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=774 16777214 85 93 1159639 153990369 0 0 # compatibility_mode=5892 16776573 100 100 15269 214813225 0 0 # scanned=188754 # found=0 # cleaned=0 # scan_time=6718 # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=048dfceec70424458d62b35a22c1cb99 # engine=14890 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2013-08-25 09:09:20 # local_time=2013-08-25 11:09:20 (+0100, West-Europa (zomertijd)) # country="Netherlands" # lang=1043 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=771 16777214 33 81 89085 154131632 0 0 # compatibility_mode=5892 16776574 100 100 137634 214954488 0 0 # scanned=186569 # found=0 # cleaned=0 # scan_time=6702
  • Mooi zo. En laat maar weten hoe jou Windows inmiddels draait.
  • Internet Explorer werkt niet meer en Avast ook niet. Krijg dus die foutmelding van Avast: Failed tot load language dll [1033\UlLangeRes.dll] Misschien Avast verwijderen en opnieuw installeren? En Int Expl? Voor de rest lijkt alles weer oké. Ik ontdekte bij computer, vaste schijfstation ook een lokaal station (Q)???!!! :?
  • Je mag Avast opnieuw installeren. Download: http://www.chip.de/downloads/avast-Free-Antivirus_13010163.html Internet Explorer opnieuw instellen: [list:3b9248bbc5][*:3b9248bbc5]klik in IE op de knop [u:3b9248bbc5][color=#0000FF:3b9248bbc5]Extra[/color:3b9248bbc5][/u:3b9248bbc5] en kies [u:3b9248bbc5][color=#0000FF:3b9248bbc5]Internetopties[/color:3b9248bbc5][/u:3b9248bbc5]. [list:3b9248bbc5][*:3b9248bbc5]Of ga via het [u:3b9248bbc5][color=#0000FF:3b9248bbc5]Configuratiescherm[/color:3b9248bbc5][/u:3b9248bbc5] naar [u:3b9248bbc5][color=#0000FF:3b9248bbc5]Internetopties[/color:3b9248bbc5][/u:3b9248bbc5][/list:u:3b9248bbc5] [*:3b9248bbc5]Klik dan op de tab [u:3b9248bbc5][color=#0000FF:3b9248bbc5]Geavanceerd[/color:3b9248bbc5][/u:3b9248bbc5] en daar klik je op de knop [u:3b9248bbc5][color=#0000FF:3b9248bbc5]Opnieuw instellen[/color:3b9248bbc5][/u:3b9248bbc5]. [*:3b9248bbc5]Er volgt eerst en waarschuwing en een overzicht van de gevolgen door de actie! [*:3b9248bbc5]Zet ook een vinkje bij "Persoonlijke instellingen wissen.[/list:u:3b9248bbc5] [list:3b9248bbc5][*:3b9248bbc5]Daarbij wordt een uitgebreide schoonmaakactie uitgevoerd. [*:3b9248bbc5]Ook worden ook invoegtoepassingen (zoals bijv. extra zoekbalken van derden) uitgeschakeld.[/list:u:3b9248bbc5] [list:3b9248bbc5][*:3b9248bbc5]De favorieten blijven behouden. [*:3b9248bbc5]Bevestig dan ook de waarschuwing door nogmaals op de knop [u:3b9248bbc5][color=#0000FF:3b9248bbc5]Opnieuw instellen [/color:3b9248bbc5][/u:3b9248bbc5]te klikken.[/list:u:3b9248bbc5] [b:3b9248bbc5]Na deze actie is Internet Explorer bijna weer als nieuw.[/b:3b9248bbc5] Microsoft Fix voor IE: http://support.microsoft.com/kb/923737/nl
  • En toen ging het mis! Moest Avast eerst verwijderen. Heb via internet aswClear for Avast gebruikt om dit te doen, anders lukte het niet. Toen Avast opnieuw geïnstalleerd. Wilde Avast openen; pc gaf geen reactie, bleef maar draaien. Taakbeheer geprobeert te starten, ging niet, PC liep weer vast, met dezelfde foutmelding als in mijn eerste post (het maken van het dialoogvenster etc) Weer terug bij af? :cry: Later op de dag maar weer verder; ga nu even wat leuks doen...
  • Download [url=http://www.tweaking.com/content/page/windows_repair_all_in_one.html][b:c914cf4881][color=#FF0000:c914cf4881]Windows Repair All in One[/color:c914cf4881][/b:c914cf4881][/url]. [b:c914cf4881]Lees deze lange handleiding A.U.B. helemaal door voordat u begint.[/b:c914cf4881] [b:c914cf4881][color=#008000:c914cf4881]Notabene:[/color:c914cf4881] sluit voordat Windows Repair All in One de fix gaat doen, eerst alle andere openstaande vensters![/b:c914cf4881] [list:c914cf4881] [*:c914cf4881] Dubbelklik op "[b:c914cf4881][color=#008000:c914cf4881]tweaking.com_windows_repair_aio_setup.exe[/color:c914cf4881][/b:c914cf4881]" om de installatie daarvan te starten. [*:c914cf4881] [color=#0000FF:c914cf4881][b:c914cf4881]Windows Vista, 7 & 8[/b:c914cf4881][/color:c914cf4881]: rechtsklik op de setup.exe en dan kiezen voor Als Administrator uitvoeren. [*:c914cf4881] Klik in het scherm dat verschijnt op "[b:c914cf4881]Next[/b:c914cf4881]" om het programma op de computer te installeren. [*:c914cf4881] Volg de verder instructies van de installatie op, wanneer de installatie gereed is klikt u op "[b:c914cf4881]Next[/b:c914cf4881]" en daarna op "[b:c914cf4881]Finish[/b:c914cf4881]" [*:c914cf4881] Hierna wordt het programma automatisch opgestart. [*:c914cf4881] Indien wordt aangegeven, dat er een [b:c914cf4881]update[/b:c914cf4881] beschikbaar is, klikt u op [b:c914cf4881]JA[/b:c914cf4881] om hier mee akkoord te gaan. [list:c914cf4881] [*:c914cf4881] Indien u niet beschikt over een werkende internetverbinding, dan kiest u de optie "[b:c914cf4881]NEE[/b:c914cf4881]".[/list:u:c914cf4881] [*:c914cf4881] In het scherm wat nu verschijnt klik u op "[b:c914cf4881]Next[/b:c914cf4881]" zoals op de onderstaande afbeelding. [img:c914cf4881]http://www.imgdumper.nl/uploads6/50e858705fe93/50e858705e33a-WRAIO-b.png[/img:c914cf4881] [*:c914cf4881] Klik in het vervolg scherm / tabblad [b:c914cf4881]Step1[/b:c914cf4881] wederom op "[b:c914cf4881]Next[/b:c914cf4881]" [*:c914cf4881] Klik in het volgende scherm [b:c914cf4881]Step2[/b:c914cf4881] wederom op "[b:c914cf4881]Next[/b:c914cf4881]" [*:c914cf4881] Bij het volgende scherm [b:c914cf4881]Step3[/b:c914cf4881] klikt u op "[b:c914cf4881]Do it[/b:c914cf4881]" om de System File Checker uit te voeren zoals u kunt zien op de onderstaande afbeelding. [img:c914cf4881]http://www.imgdumper.nl/uploads6/50e859733bd22/50e859733a1c7-WRAIO-c.png[/img:c914cf4881] [*:c914cf4881] Er zal nu automatisch een CMD / DOS achtig scherm openen, druk hier op een toets om door te gaan. [img:c914cf4881]http://www.imgdumper.nl/uploads6/50e859d3a0b45/50e859d39eff0-WRAIO-d.png[/img:c914cf4881] [*:c914cf4881] Als deze scan gereed is klikt u wederom op "[b:c914cf4881]Next[/b:c914cf4881]" [*:c914cf4881] Klik in het volgende scherm [b:c914cf4881]Step4[/b:c914cf4881] wederom op "[b:c914cf4881]Next[/b:c914cf4881]" [*:c914cf4881] Klik hierna onder het tabblad [b:c914cf4881]Start repairs[/b:c914cf4881] op de knop [b:c914cf4881]Start[/b:c914cf4881] zoals op de onderstaande afbeelding. [img:c914cf4881]http://www.imgdumper.nl/uploads6/50e85bad2cdb8/50e85bad2ae7c-WRAIO-e.png[/img:c914cf4881] [*:c914cf4881] Er zal nu een melding verschijnen met de mededeling om een herstelpunt en register back-up aan te maken, klik hier op [b:c914cf4881]JA[/b:c914cf4881]. [img:c914cf4881]http://www.imgdumper.nl/uploads6/50e85c0027382/50e85c00267cc-WRAIO-f.png[/img:c914cf4881] [*:c914cf4881] Hierna verschijnt het volgende scherm. [img:c914cf4881]http://www.imgdumper.nl/uploads6/50e85c55ebef8/50e85c55e8459-WRAIO-g.png[/img:c914cf4881] [*:c914cf4881] Voer nu verder niets uit op de computer, laat het programma zijn werk doen. [*:c914cf4881] Als het bovenstaande scherm is gesloten druk dan nogmaals op [b:c914cf4881]Start[/b:c914cf4881]. [*:c914cf4881] Standaard staan nu alle items aangevinkt, laat deze zo staan en klik op de knop [b:c914cf4881]start[/b:c914cf4881] zoals u kunt zien op de onderstaande afbeelding. [img:c914cf4881]http://www.imgdumper.nl/uploads6/50e85d423523e/50e85d4231b8f-WRAIO-h.png[/img:c914cf4881] [*:c914cf4881] Laat het programma nu zijn werk doen en doe verder niets op het systeem, er zullen nu van allerlei CMD schermen verschijnen klik deze dan ook nooit weg. [*:c914cf4881] Ik het rode kader op de onderstaande afbeelding ziet u de voorgang van de tool. [img:c914cf4881]http://www.imgdumper.nl/uploads6/50e85f3bddd01/50e85f3bd67d4-WRAIO-i.png[/img:c914cf4881] [*:c914cf4881] Als het erop lijkt alsof de tool niets meer doet, laat het systeem dan nog steeds met rust en wacht af tot het volgende scherm verschijnt. [*:c914cf4881] Wanneer in een volgende scherm daarom gevraagd wordt, klikt u op "[b:c914cf4881]JA[/b:c914cf4881]" [img:c914cf4881]http://www.imgdumper.nl/uploads6/50e8621861f05/50e862186134e-WRAIO-j.png[/img:c914cf4881] [*:c914cf4881] De computer wordt nu vanzelf na 30 seconden opnieuw opgestart.[/list:u:c914cf4881]
  • Ik heb al eens eerder met succes gebruikt gemaakt van dit forum; kijken of dit nu weer lukt: Sinds een paar dagen loopt mijn laptop (Vista, ongeveer 5 jaar oud) vast. Reageert dan ook niet meer op normaal afsluiten. dit doe ik dan met de aan/uit knop. Veilige modus gaat goed. Als de laptop vast loopt en ik probeer taakbeheer op te starten, dan komt er een foutmelding: Het maken van het dialoogvester voor beveiligingsopties door het proces voor aan...(meer tekst past niet in het kader) Ik druk op OK; krijg een zwart scherm en sta weer vast. Heb verschillende scanners gedraaid: Avast, CCleaner, SuperAntispyware, Malwarebytes. De laatstgenoemde vond niets, dus niet nodig een logje te plaatsen. Heb een Hijackthis log gemaakt. Ik hoop dat er iemand is die hier na wil kijken en mij kan helpen! : Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 8:13:42, on 24-8-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16502) CHROME: 29.0.1547.57 Boot mode: Safe mode with network support Running processes: C:\Windows\Explorer.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Hijackthis\HijackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://alawar.co.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O3 - Toolbar: (no name) - {f230d1cd-647f-4856-8538-8c0d39e5ecf2} - (no file) O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user') O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1c9f67b409fb1c7) (gupdate1c9f67b409fb1c7) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files\Online Games Manager\ogmservice.exe O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 8581 bytes (Ik weet het, de laptop verouderd, harde schijf loopt vol.... Maar misschien valt er nog wat te verbeteren alvorens een nieuw exemplaar aan te schaffen)

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.