Laptop freezes; security options error message

75 replies
  • I have successfully used this forum once before; let's see whether it works again this time:

    For a few days now my laptop (Vista, about 5 years old) has been freezing. It then no longer responds to a normal shutdown either; I shut it down with the power button. Safe mode works fine.
    When the laptop freezes and I try to start Task Manager, an error message appears: "Het maken van het dialoogvenster voor beveiligingsopties door het proces voor aan…" (more text does not fit in the box). I press OK, get a black screen and am stuck again.
    I have run several scanners: Avast, CCleaner, SuperAntispyware, Malwarebytes. The last one found nothing, so there is no need to post a log.
    I have made a HijackThis log. I hope someone is willing to look at it and can help me! :
    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 8:13:42, on 24-8-2013
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16502)
    CHROME: 29.0.1547.57

    Boot mode: Safe mode with network support

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Hijackthis\HijackThis.exe
    C:\Windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://alawar.co.nl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O3 - Toolbar: (no name) - {f230d1cd-647f-4856-8538-8c0d39e5ecf2} - (no file)
    O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe MouseDrv.exe
    O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEEM')
    O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate1c9f67b409fb1c7) (gupdate1c9f67b409fb1c7) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
    O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files\Online Games Manager\ogmservice.exe
    O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


    End of file - 8581 bytes

    (I know, the laptop is getting old, the hard drive is filling up…. But maybe something can still be improved before buying a new one)
  • Hello Eline, we'll take a look - please post the three logs in one go.


  • Thanks for your help! Here are the results:

    # AdwCleaner v3.000 - Report created 24/08/2013 at 10:22:52
    # Updated 20/08/2013 by Xplode
    # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Username : Annelie - PC_VAN_BOUIUS
    # Running from : C:\Users\Annelie\Desktop\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\AVG Security Toolbar
    Folder Deleted : C:\ProgramData\boost_interprocess
    Folder Deleted : C:\ProgramData\InstallMate
    Folder Deleted : C:\ProgramData\SoftSafe
    Folder Deleted : C:\ProgramData\Trymedia
    Folder Deleted : C:\ProgramData\Alawar Stargaze
    Folder Deleted : C:\ProgramData\AlawarWrapper
    Folder Deleted : C:\ProgramData\Brrowse2save
    Folder Deleted : C:\Program Files\Bandoo
    Folder Deleted : C:\Program Files\Conduit
    Folder Deleted : C:\Program Files\iMesh Applications
    Folder Deleted : C:\Program Files\Trymedia
    Folder Deleted : C:\Users\Annelie\AppData\Local\Conduit
    Folder Deleted : C:\Users\Annelie\AppData\Local\iMesh
    Folder Deleted : C:\Users\Annelie\AppData\LocalLow\AVG Security Toolbar
    Folder Deleted : C:\Users\Annelie\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Annelie\AppData\LocalLow\FunWebProducts
    Folder Deleted : C:\Users\Annelie\AppData\LocalLow\mediabarim
    Folder Deleted : C:\Users\Annelie\AppData\LocalLow\PriceGong
    Folder Deleted : C:\Users\Annelie\AppData\LocalLow\MyAshampoo
    Folder Deleted : C:\Users\Annelie\AppData\Roaming\DriverCure
    Folder Deleted : C:\Users\Annelie\AppData\Roaming\dvdvideosoftiehelpers
    Folder Deleted : C:\Users\Annelie\AppData\Roaming\iWin
    Folder Deleted : C:\Users\Annelie\AppData\Roaming\ParetoLogic
    Folder Deleted : C:\Users\Annelie\AppData\Roaming\Systweak
    Folder Deleted : C:\Users\Annelie\AppData\Roaming\Alawar Stargaze
    Folder Deleted : C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
    Folder Deleted : C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\Extensions\p9n9_awgb@avmav-.net
    File Deleted : C:\Windows\system32\roboot.exe
    File Deleted : C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\user.js

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [p9n9_awgb@avmav-.net]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
    Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2DB9E23-17E8-4A40-BF7F-BC17D974E1DD}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED736C84-975C-4D72-A847-0AB2199C8CB6}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKCU\Software\
    Key Deleted : HKCU\Software\
    Key Deleted : HKLM\Software\AVG Security Toolbar
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\conduitEngine
    Key Deleted : HKLM\Software\DataMngr
    Key Deleted : HKLM\Software\MyAshampoo\toolbar
    Key Deleted : HKLM\Software\PIP
    Key Deleted : HKLM\Software\SProtector
    Key Deleted : HKLM\Software\systweak
    Key Deleted : HKLM\Software\
    Key Deleted : HKLM\Software\MyAshampoo
    Key Deleted : HKLM\Software\
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\

    ***** [ Browsers ] *****

    -\\ Internet Explorer v9.0.8112.16502

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]

    -\\ Mozilla Firefox v

    [ File : C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\prefs.js ]


    -\\ Google Chrome v

    [ File : C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [11539 octets] - [24/08/2013 10:12:11]
    AdwCleaner[R1].txt - [11600 octets] - [24/08/2013 10:21:08]
    AdwCleaner[S0].txt - [8265 octets] - [24/08/2013 10:22:52]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8325 octets] ##########


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 5.5.4 (08.22.2013:1)
    OS: Windows Vista (TM) Home Premium x86
    Ran by Annelie on za 24-08-2013 at 10:33:47,24
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\uniblue
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B33E9814-8BB4-4A1C-9BDD-D5E81BD5C091}



    ~~~ Files

    Successfully deleted: [File] C:\Windows\system32\shoB9A8.tmp
    Successfully deleted: [File] C:\Windows\system32\shoF323.tmp



    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\big fish games"
    Successfully deleted: [Folder] "C:\ProgramData\fighters"
    Successfully deleted: [Folder] "C:\Users\Annelie\AppData\Roaming\big fish games"
    Successfully deleted: [Folder] "C:\Users\Annelie\AppData\Roaming\fighters"
    Successfully deleted: [Folder] "C:\Users\Annelie\AppData\Roaming\goforfiles"
    Successfully deleted: [Folder] "C:\Users\Annelie\AppData\Roaming\uniblue\speedupmypc"
    Successfully deleted: [Folder] "C:\Program Files\goforfiles"
    Successfully deleted: [Empty Folder] C:\Users\Annelie\appdata\local\{A2729467-2A7C-4E8D-895F-A60E324BED1F}
    Successfully deleted: [Empty Folder] C:\Users\Annelie\appdata\local\{A8ACDE4D-647B-4C28-B02C-6A3C3194A568}
    Successfully deleted: [Empty Folder] C:\Users\Annelie\appdata\local\{BBC54A1F-83A2-4E88-B0C5-A57F0DA7A451}
    Successfully deleted: [Empty Folder] C:\Users\Annelie\appdata\local\{E40BE0F5-FDEB-4523-89F2-6221F6CFECA9}



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on za 24-08-2013 at 10:35:41,55
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    RogueKiller V8.6.6 [Aug 19 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.adlice.com/forum/
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    besturingssysteem : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
    Gestart vanuit : Veilige modus met netwerk ondersteuning
    Gebruiker : Annelie [Administrator rechten]
    Modus : Scan -- Datum : 08/24/2013 10:39:03
    | ARK || FAK || MBR |

    ¤¤¤ Kwaadaardige processen : 0 ¤¤¤

    ¤¤¤ Register verwijzingen : 7 ¤¤¤
    [RUN][SUSP PATH] HKCU\[...]\Run : Google Update ("C:\Users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> gevonden
    [RUN][SUSP PATH] HKUS\S-1-5-21-3664994681-2771770649-958364049-1000\[...]\Run : Google Update ("C:\Users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> gevonden
    [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> gevonden
    [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> gevonden
    [HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> gevonden
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> gevonden
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden

    ¤¤¤ geplande taken : 2 ¤¤¤
    [V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3664994681-2771770649-958364049-1000UA.job : C:\Users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> gevonden
    [V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-3664994681-2771770649-958364049-1000Core.job : C:\Users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> gevonden

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ webbrowsers : 0 ¤¤¤

    ¤¤¤ Speciale Files / Folders: ¤¤¤

    ¤¤¤ Driver : [Niet geladen 0xc000035f] ¤¤¤

    ¤¤¤ Externe Hives: ¤¤¤

    ¤¤¤ Infectie : ¤¤¤

    ¤¤¤ HOSTS Bestand: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts


    127.0.0.1 localhost


    ¤¤¤ MBR Controle: ¤¤¤

    +++++ PhysicalDrive0: TOSHIBA MK1652GSX +++++
    --- User ---
    [MBR] 95317f4ed211d593ce5e8f6e58c6d935
    [BSP] 7296854703d6b267fd937391933a27d1 : Windows Vista MBR Code
    Partition table:
    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 76154 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 159037440 | Size: 74971 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Gereed : << RKreport[0]_S_08242013_103903.txt >>
  • Download [image: http://www.imgdumper.nl/uploads6/51c590ce3cf4a/51c590ce361e7-ComboFix_resized_2.png]
  • I did all of this still in safe mode. During the ComboFix run I did get a warning that Avast's real-time scanner was supposedly active. However, I don't see an Avast icon at the bottom right. I then tried to open Avast via the icon on the desktop, but the PC gave the following error:
    Failed to load language dll [1033/UlLangeRes,dll]. I just let ComboFix run anyway. This is the result:

    ComboFix 13-08-22.01 - Annelie 24-08-2013 11:09:09.1.2 - x86 NETWORK
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.2939.2337 [GMT 2:00]
    Gestart vanuit: c:\users\Annelie\Desktop\ComboFix.exe
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\prefs.js
    c:\users\Annelie\AppData\Roaming\Roaming
    c:\windows\unin0413.exe
    c:\windows\wininit.ini
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2013-07-24 to 2013-08-24 ))))))))))))))))))))))))))))))
    .
    .
    2013-08-24 09:17 . 2013-08-24 09:17 -------- d-----w- c:\users\Annelie\AppData\Local\temp
    2013-08-24 08:33 . 2013-08-24 08:33 -------- d-----w- c:\windows\ERUNT
    2013-08-24 08:12 . 2013-08-24 08:23 -------- d-----w- C:\AdwCleaner
    2013-08-23 13:40 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{15DB44C6-14A4-427F-951C-DFDB1E73128C}\mpengine.dll
    2013-08-22 19:06 . 2013-08-22 19:06 -------- d-----w- c:\program files\Youda Mystery The Stanwick Legacy
    2013-08-22 18:01 . 2013-08-22 18:01 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
    2013-08-22 18:00 . 2013-08-22 18:37 -------- d-----w- c:\program files\IObit
    2013-08-22 17:57 . 2013-08-22 18:00 -------- d-----w- c:\users\Annelie\AppData\Roaming\Wise Registry Cleaner
    2013-08-22 17:56 . 2013-08-22 17:56 -------- d-----w- c:\program files\Wise
    2013-08-22 15:19 . 2009-06-04 17:43 330264 ----a-w- c:\windows\system32\drivers\iaStor.sys
    2013-08-19 19:38 . 2013-08-19 19:38 -------- d-----w- c:\users\Annelie\AppData\Local\iLinc
    2013-08-17 07:47 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-08-17 07:47 . 2013-08-17 07:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2013-08-15 19:14 . 2013-08-15 19:14 -------- d-----w- c:\users\Annelie\AppData\Roaming\DieselPuppet
    2013-08-14 13:12 . 2013-08-14 13:12 -------- d-----w- C:\Intel
    2013-08-14 13:08 . 2013-08-14 13:08 80488 ----a-w- c:\windows\system32\RtNicProp32.dll
    2013-08-14 13:08 . 2013-08-14 13:08 454288 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
    2013-08-14 13:04 . 2013-08-14 13:04 852824 ----a-w- c:\windows\system32\RTKSMSettingsIPC.dll
    2013-08-14 12:59 . 2013-08-22 18:01 -------- d-----w- c:\programdata\IObit
    2013-08-14 12:59 . 2013-08-22 18:06 -------- d-----w- c:\users\Annelie\AppData\Roaming\IObit
    2013-08-14 12:19 . 2013-06-15 11:23 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
    2013-08-14 12:19 . 2013-06-15 13:22 15872 ----a-w- c:\windows\system32\icaapi.dll
    2013-08-14 12:19 . 2013-07-05 04:53 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-08-14 12:19 . 2013-07-17 19:41 2048 ----a-w- c:\windows\system32\tzres.dll
    2013-08-14 12:19 . 2013-07-10 09:47 783360 ----a-w- c:\windows\system32\rpcrt4.dll
    2013-08-14 12:19 . 2013-07-09 12:10 1205168 ----a-w- c:\windows\system32\ntdll.dll
    2013-08-14 12:19 . 2013-07-08 04:55 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-08-14 12:19 . 2013-07-08 04:55 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-08-14 12:18 . 2013-07-08 04:16 133120 ----a-w- c:\windows\system32\cryptsvc.dll
    2013-08-14 12:18 . 2013-07-08 04:16 992768 ----a-w- c:\windows\system32\crypt32.dll
    2013-08-14 12:18 . 2013-07-08 04:20 172544 ----a-w- c:\windows\system32\wintrust.dll
    2013-08-14 12:18 . 2013-07-08 04:16 98304 ----a-w- c:\windows\system32\cryptnet.dll
    2013-08-09 19:51 . 2013-08-09 19:51 -------- d-----w- c:\users\Annelie\AppData\Roaming\AlawarEntertainment
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-08-14 13:09 . 2009-07-17 14:48 268832 ----a-w- c:\windows\system32\igfxsrvc.exe
    2013-08-14 13:09 . 2009-07-17 14:48 138784 ----a-w- c:\windows\system32\igfxtray.exe
    2013-08-14 13:09 . 2008-08-19 11:04 57856 ----a-w- c:\windows\system32\igfxsrvc.dll
    2013-08-14 13:09 . 2008-08-19 11:04 261632 ----a-w- c:\windows\system32\igfxTMM.dll
    2013-08-14 13:09 . 2009-07-17 14:48 86016 ----a-w- c:\windows\system32\igfxrnld.lrc
    2013-08-14 13:09 . 2008-08-19 11:04 828928 ----a-w- c:\windows\system32\igfxress.dll
    2013-08-14 13:09 . 2009-07-17 14:48 173600 ----a-w- c:\windows\system32\igfxpers.exe
    2013-08-14 13:09 . 2008-08-19 11:04 228864 ----a-w- c:\windows\system32\igfxdev.dll
    2013-08-14 13:09 . 2009-07-17 14:48 172064 ----a-w- c:\windows\system32\hkcmd.exe
    2013-08-14 13:09 . 2008-08-19 11:04 95232 ----a-w- c:\windows\system32\hccutils.dll
    2013-08-14 13:08 . 2009-11-12 06:24 100896 ----a-w- c:\windows\system32\RTNUninst32.dll
    2013-08-14 13:04 . 2008-11-19 13:01 3237448 ----a-w- c:\windows\system32\RtkAPO.dll
    2013-07-25 07:46 . 2013-07-25 07:46 97008 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
    2013-07-14 07:47 . 2012-03-30 05:56 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-07-14 07:47 . 2011-05-24 13:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-06-28 09:59 . 2013-03-05 06:06 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2013-06-28 09:59 . 2011-04-29 16:02 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2013-06-28 09:59 . 2011-04-29 16:02 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2013-06-27 18:19 . 2013-06-27 18:19 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2013-06-27 18:19 . 2012-06-24 15:01 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
    2013-06-27 18:19 . 2010-06-05 13:13 789416 ----a-w- c:\windows\system32\deployJava1.dll
    2013-06-04 01:50 . 2013-07-10 06:07 2049024 ----a-w- c:\windows\system32\win32k.sys
    2013-06-01 04:06 . 2013-07-10 06:07 505344 ----a-w- c:\windows\system32\qedit.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2013-05-09 08:58 121968 —-a-w- c:\program files\AVAST Software\Avast\ashShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2013-08-14 11930696]
    "WireLessMouse"="c:\program files\Trust\Trust R-series Mouse And Keyboard\StartAutorun.exe" [2007-03-06 212992]
    "KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-08-14 138784]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-08-14 172064]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2013-08-14 173600]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync
    estart
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
    @="Service"
    .
    [HKLM\~\startupfolder\C:^Users^Annelie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.83u1.lnk]
    path=c:\users\Annelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeRapid 0.83u1.lnk
    backup=c:\windows\pss\FreeRapid 0.83u1.lnk.Startup
    backupExtension=.Startup
    .
    [HKLM\~\startupfolder\C:^Users^Annelie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]
    path=c:\users\Annelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    backup=c:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
    backupExtension=.Startup
    .
    [HKLM\~\startupfolder\C:^Users^Annelie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0 .lnk]
    path=c:\users\Annelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0 .lnk
    backup=c:\windows\pss\OpenOffice.org 3.0 .lnk.Startup
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
    2013-08-17 08:09 5703920 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    2013-03-22 04:07 248208 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
    2010-10-26 13:00 1050072 ----a-w- c:\program files\Toshiba TEMPRO\TemproTray.exe
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "Google Update"="c:\users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001
    .
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-05-23 119056]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - ECACHE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 07:47]
    .
    2013-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 16:29]
    .
    2013-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 16:29]
    .
    2013-08-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3664994681-2771770649-958364049-1000Core.job
    - c:\users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-06 13:15]
    .
    2013-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3664994681-2771770649-958364049-1000UA.job
    - c:\users\Annelie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-06 13:15]
    .
    .
    ------- Bijkomende Scan -------
    .
    mStart Page = hxxp://alawar.co.nl
    mSearch Bar = hxxp://www.google.com
    uInternet Settings,ProxyOverride = *.local
    Trusted Zone: microsoft.com\www
    TCP: DhcpNameServer = 192.168.1.1
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-{f230d1cd-647f-4856-8538-8c0d39e5ecf2} - (no file)
    SafeBoot-SolutoService
    MSConfigStartUp-PowerSuite - c:\program files\Uniblue\PowerSuite\launcher.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2013-08-24 11:17
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:0000007b
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Voltooingstijd: 2013-08-24 11:19:51
    ComboFix-quarantined-files.txt 2013-08-24 09:19
    .
    Pre-Run: 15.969.943.552 bytes beschikbaar
    Post-Run: 16.840.736.768 bytes beschikbaar
    .
    - - End Of File - - FE45FED81167A531FD4FB8A68FC8B71A
    5C616939100B85E558DA92B899A0FC36




  • Hi Eline, remove everything from Iobit that you have in your Windows.
    Iobit is a Chinese software vendor that is not exactly scrupulous about other people's software property!

    Download the [img:74a1a97478]http://www.imgdumper.nl/uploads6/51a46c3b1810a/51a46c3b17d42-HitmanPro-logo16px.png[/img:74a1a97478] [b:74a1a97478]
  • [code:1:7707f6eb86]
    HitmanPro 3.7.7.203
    www.hitmanpro.com

    Computer name . . . . : PC_VAN_BOUIUS
    Windows . . . . . . . : 6.0.2.6002.X86/2
    Safe Mode Boot . . . : NETWORK
    User name . . . . . . : PC_van_bouius\Annelie
    UAC . . . . . . . . . : Disabled
    License . . . . . . . : Trial (30 days left)

    Scan date . . . . . . : 2013-08-24 14:06:28
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 3m 12s
    Disk access mode . . : Direct disk access (SRB)
    Cloud . . . . . . . . : Internet
    Reboot . . . . . . . : Yes

    Threats . . . . . . . : 6
    Traces . . . . . . . : 201

    Objects scanned . . . : 1.857.722
    Files scanned . . . . : 26.748
    Remnants scanned . . : 377.454 files / 1.453.520 keys

    Suspicious files ____________________________________________________________

    C:\Users\Annelie\AppData\Roaming\LeeGT-Games\Jet Set Go\install\CB98F35\Jet Set Go.exe
    Size . . . . . . . : 8.369.496 bytes
    Age . . . . . . . : 855.3 days (2011-04-22 07:11:18)
    Entropy . . . . . : 7.7
    SHA-256 . . . . . : E3C5367A7C8EC47836DEA122B145C62B4CCB36BA5E16FB942B35D11F3329EFEC
    Version . . . . . : 3.3.0.63135
    RSA Key Size . . . : 1024
    Authenticode . . . : Invalid
    Fuzzy . . . . . . : 27.0
    Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
    Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
    Authors name is missing in version info. This is not common to most programs.
    Program contains PE structure anomalies. This is not typical for most programs.

    C:\Windows\system32\igfxdev.dll -> Quarantined
    Size . . . . . . . : 228.864 bytes
    Age . . . . . . . : 10.0 days (2013-08-14 15:09:43)
    Entropy . . . . . : 6.5
    SHA-256 . . . . . : D8A4AD4FFAB2C0F9A8E5DB8985CC9D0C25C9B7BB03B981249DB812B81E90748C
    Product . . . . . : Intel(R) Common User Interface
    Publisher . . . . : Intel Corporation
    Description . . . : igfxdev Module
    Version . . . . . : 8.15.10.2869
    Copyright . . . . : Copyright 1999-2006, Intel Corporation
    Fuzzy . . . . . . : 24.0
    This file was most recently added as automatic startup.
    Automatically starts as notification package during interactive logon. Malware tends to start this way.
    Program starts automatically without user intervention.
    The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
    Time indicates that the file appeared recently on this computer.
    Startup
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\


    Malware remnants ____________________________________________________________

    HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}\ (Adware.MyWebSearch) -> Deleted

    Cookies _____________________________________________________________________

    C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
    C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
    C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
    C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
    C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
    C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:stat.onestat.com
    C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:tpgpost.122.2o7.net
    C:\Users\Annelie\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\1BRFTBMX.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\2MFSCW7Y.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\342Y21YC.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\4B9ZMF5S.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\4SMYKCD5.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\7MASH8IU.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\8NVU0Q8N.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\9WRWXEJ7.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\D8QHVRHV.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\F241CBXD.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\FE70F8UP.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\HZ8WEXH8.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\N5UE1LXV.txt
    C:\Users\Annelie\AppData\Roaming\Microsoft\Windows\Cookies\YVT3IJ2G.txt


    [/code:1:7707f6eb86]







  • By the way, I was only able to find and delete an empty Iobit folder. I wouldn't know what else from Iobit is on my PC!
  • [quote:ab4c18ffdb="eline"]By the way, I was only able to find and delete an empty Iobit folder. I wouldn't know what else from Iobit is on my PC![/quote:ab4c18ffdb]

    Oh sorry, I get it now. I looked in the ComboFix log, searched for everything with Iobit and removed it. I assume that's what you meant. :oops:
  • I would now like you to run a disk check.

    To do that, open Computer and then bring up the [b:276c52a131]Properties[/b:276c52a131] of --> "C".
    Now click the [b:276c52a131]Tools[/b:276c52a131] tab.

    Then click the [b:276c52a131]Check Now[/b:276c52a131] button in the section that says "This option will check the drive for errors".

    In the new window, make sure both options are checked.
    You will then get a message that Windows has to restart for this action.

    Go ahead and do that.

    This way the system disk is checked not only for cluster errors, but also for errors in the file system, which are then repaired.

    Depending on the size of Windows and the size of the disks, this scan can take some time!
  • I have run the disk check, on both the C drive and the E drive.
    I have now started the PC normally, but Int Expl does not work (it does in safe mode) and Avast does not work either. For that one I get this error message: Failed to load language dll [1033\UlLangeRes.dll]
    What on earth is going on? :o
  • [b:d7b0492daa]Run the [img:d7b0492daa]http://www.imgdumper.nl/uploads7/51e818553fadd/51e818553f6fd-EsetCanned.png[/img:d7b0492daa][/b:d7b0492daa]
    [list:d7b0492daa]
    [*:d7b0492daa]Click the blue [b:d7b0492daa]Run ESET Online Scanner[/b:d7b0492daa] button
    [*:d7b0492daa]Check the box for [b:d7b0492daa]YES, I accept the Terms of Use[/b:d7b0492daa]
    [*:d7b0492daa]Click [b:d7b0492daa]Start[/b:d7b0492daa]
    [*:d7b0492daa]Allow the [b:d7b0492daa]ActiveX control[/b:d7b0492daa] to install.
    [*:d7b0492daa]Check the following options:
    [list:d7b0492daa][*:d7b0492daa][b:d7b0492daa][i:d7b0492daa]Remove found threats[/i:d7b0492daa][/b:d7b0492daa]
    [*:d7b0492daa][b:d7b0492daa][i:d7b0492daa]Scan archives[/i:d7b0492daa][/b:d7b0492daa][/list:u:d7b0492daa]
    [*:d7b0492daa]Then click [b:d7b0492daa]Advanced Settings[/b:d7b0492daa]
    [list:d7b0492daa][*:d7b0492daa][b:d7b0492daa][i:d7b0492daa]Scan for potentially unwanted applications[/i:d7b0492daa][/b:d7b0492daa]
    [*:d7b0492daa][b:d7b0492daa][i:d7b0492daa]Scan for potentially unsafe applications[/i:d7b0492daa][/b:d7b0492daa]
    [*:d7b0492daa][b:d7b0492daa][i:d7b0492daa]Enable Anti-Stealth technology[/i:d7b0492daa][/b:d7b0492daa][/list:u:d7b0492daa]
    [*:d7b0492daa]Click [b:d7b0492daa]Start[/b:d7b0492daa][/list:u:d7b0492daa]

    [list:d7b0492daa][*:d7b0492daa]The computer is now being scanned. This can take quite a long time, so be patient.
    [*:d7b0492daa]When the scan has finished, you may close the window.
    [*:d7b0492daa]Then go to [b:d7b0492daa]C:\Program Files\ESET\ESET Online Scanner[/b:d7b0492daa] (Windows 64-bit: [b:d7b0492daa]C:\Program Files (x86)\ESET\ESET Online Scanner[/b:d7b0492daa]) and click [b:d7b0492daa]log.txt[/b:d7b0492daa] there
    [*:d7b0492daa]Then select, copy and paste the contents of this log into your next post.
    [*:d7b0492daa][b:d7b0492daa]
  • I already ran this ESET Online Scanner last night. This is what came out:

    ESETSmartInstaller@High as downloader log:
    all ok
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6920
    # api_version=3.0.2
    # EOSSerial=048dfceec70424458d62b35a22c1cb99
    # engine=14863
    # end=finished
    # remove_checked=true
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2013-08-22 01:46:36
    # local_time=2013-08-22 03:46:36 (+0100, West-Europa (zomertijd))
    # country="Netherlands"
    # lang=1033
    # osver=6.0.6002 NT Service Pack 2
    # compatibility_mode=774 16777214 85 93 1058338 153889068 0 0
    # compatibility_mode=5892 16776573 100 100 10457 214711924 0 0
    # scanned=188170
    # found=3
    # cleaned=3
    # scan_time=6762
    sh=2378F9E258834CAD29B65B8EAE83E438F6868C72 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\extensions\gdce@oqleiu.net\content\bg.js"
    sh=0B63EB5603886EAE6D23D4F4DAE8B9D54FB933B2 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Annelie\AppData\Roaming\Mozilla\Firefox\Profiles\beel0usz.default\extensions\p9n9_awgb@avmav-.net\content\bg.js"
    sh=B936A79935B3945FAE972E0648D0517C49BAD4A6 ft=1 fh=9df2c62a28bf4a96 vn="Win32/DriverBooster.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Annelie\Downloads\driver_booster_setup_beta_1.0.exe"
    ESETSmartInstaller@High as downloader log:
    all ok
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6920
    # api_version=3.0.2
    # EOSSerial=048dfceec70424458d62b35a22c1cb99
    # engine=14881
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2013-08-23 05:54:57
    # local_time=2013-08-23 07:54:57 (+0100, West-Europa (zomertijd))
    # country="Netherlands"
    # lang=1033
    # osver=6.0.6002 NT Service Pack 2
    # compatibility_mode=774 16777214 85 93 1159639 153990369 0 0
    # compatibility_mode=5892 16776573 100 100 15269 214813225 0 0
    # scanned=188754
    # found=0
    # cleaned=0
    # scan_time=6718

    But maybe you want a more recent version? Then unfortunately I will have to wait until tomorrow. I am in a marina right now and the internet connection here is not very stable.
  • Run the scan again; if all is well it should find nothing this time.
    How to do that the easy way now:

    use ESET now as [image: http://www.imgdumper.nl/uploads7/51e818553fadd/51e818553f6fd-EsetCanned.png]
  • The ESET scan did indeed find nothing:

    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6920
    # api_version=3.0.2
    # EOSSerial=048dfceec70424458d62b35a22c1cb99
    # engine=14890
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2013-08-25 09:09:20
    # local_time=2013-08-25 11:09:20 (+0100, West-Europa (zomertijd))
    # country="Netherlands"
    # lang=1043
    # osver=6.0.6002 NT Service Pack 2
    # compatibility_mode=771 16777214 33 81 89085 154131632 0 0
    # compatibility_mode=5892 16776574 100 100 137634 214954488 0 0
    # scanned=186569
    # found=0
    # cleaned=0
    # scan_time=6702
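
As the posted logs show, log.txt holds one header block per scan run, followed by one `sh=… vn=… fn=…` line per detection. An added example, not part of the thread, that splits such a log into runs and checks whether the most recent run came back clean; the function names are hypothetical, the sample log is constructed, and treating `# version=` as the start of a run is an assumption drawn from the logs above.

```python
import re
# Constructed sample in the log.txt layout posted in this thread (all values made up).
SAMPLE_LOG = r'''ESETSmartInstaller@High as downloader log:
all ok
# version=8
# end=finished
# remove_checked=true
# utc_time=2013-01-01 10:00:00
# compatibility_mode=1 2 3
# compatibility_mode=4 5 6
# found=2
# cleaned=2
sh=1111111111111111111111111111111111111111 ft=0 fh=0000000000000000 vn="Win32/Adware.Example.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\test\AppData\ext one\bg.js"
sh=2222222222222222222222222222222222222222 ft=1 fh=0123456789abcdef vn="Win32/Example.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\test\Downloads\setup.exe"
# version=8
# end=finished
# remove_checked=false
# utc_time=2013-01-02 10:00:00
# found=0
# cleaned=0
'''

FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')  # key=value; the value may be quoted
def parse_runs(text):
    """Split log.txt into scan runs; a run is assumed to start at '# version='."""
    runs = []
    for line in map(str.strip, text.splitlines()):
        if line.startswith('# '):
            key, _, value = line[2:].partition('=')
            if key == 'version':
                runs.append({'header': {}, 'detections': []})
            if runs:  # repeated keys such as compatibility_mode keep every value
                runs[-1]['header'].setdefault(key, []).append(value)
        elif line.startswith('sh=') and runs:
            runs[-1]['detections'].append({k: v.strip('"') for k, v in FIELD.findall(line)})
    return runs

def summarize(run):
    """Condense one run; 'left_behind' is found minus cleaned."""
    h = {k: v[-1] for k, v in run['header'].items()}
    found, cleaned = int(h.get('found', 0)), int(h.get('cleaned', 0))
    return {'utc_time': h.get('utc_time'), 'finished': h.get('end') == 'finished',
            'remove': h.get('remove_checked') == 'true', 'found': found,
            'left_behind': found - cleaned, 'names': [d['vn'] for d in run['detections']]}

def latest_is_clean(runs):
    """True when the most recent run (by utc_time) finished and found nothing."""
    last = summarize(max(runs, key=lambda r: r['header'].get('utc_time', [''])[-1]))
    return last['finished'] and last['found'] == 0
```

A run with `remove_checked=false` and a non-zero `found` only reports its detections, which `summarize` shows as a positive `left_behind`.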
  • Good.
    And let me know how your Windows is running by now.
  • Internet Explorer no longer works and neither does Avast. So I get that error message
    from Avast: Failed to load language dll [1033\UlLangeRes.dll]

    Maybe uninstall Avast and reinstall it? And Internet Explorer?

    Apart from that everything seems OK again. Under Computer, hard disk drives, I also discovered a local disk (Q)???!!! :?
  • You may reinstall Avast.
    Download: http://www.chip.de/downloads/avast-Free-Antivirus_13010163.html


    Resetting Internet Explorer:
    * in IE, click the button
  • And then it went wrong!
    I first had to remove Avast. I used aswClear for Avast from the internet to do this, otherwise it would not work.
    Then I reinstalled Avast. I wanted to open Avast; the PC did not respond, it just kept spinning. I tried to start Task Manager, that did not work, and the PC froze again, with the same error message as in my first post (the creation of the dialog box etc.). Back to square one? :cry:
    I will continue later today; going to do something fun now…
  • Download .

    Please read this long guide all the way through before you begin.

This is an archived page. Replying is no longer possible.