Ga naar inhoud

Aanbevolen berichten

Geplaatst:

Gedaan, hieronder het log van Combofix;

ComboFix 12-09-18.07 - Administrator 09/20/2012 0:17.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1466 [GMT 2:00]

Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

FILE ::

"c:\windows\system32\drivers\9j9f3dytg.sys"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_9J9F3DYTG.SYS

-------\Service_9j9f3dytg.sys

.

.

((((((((((((((((((((((((( Files Created from 2012-08-19 to 2012-09-19 )))))))))))))))))))))))))))))))

.

.

2012-09-19 22:26 . 2012-09-19 22:26 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B16E92AE-AACD-40E9-883D-1EE3EE0FFB6D}\MpKsl918aba14.sys

2012-09-19 20:12 . 2012-08-30 08:17 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B16E92AE-AACD-40E9-883D-1EE3EE0FFB6D}\mpengine.dll

2012-09-19 11:08 . 2012-09-19 11:13 -------- d-----w- c:\documents and settings\All Users\Application Data\MyHeritage

2012-09-19 11:08 . 2012-09-19 11:09 -------- d-----w- c:\documents and settings\Administrator\Application Data\MyHeritage

2012-09-19 11:06 . 2012-09-19 11:06 -------- d-----w- c:\documents and settings\Administrator\Application Data\The Complete Genealogy Reporter - FTB

2012-09-19 11:06 . 2003-07-06 11:07 372736 ----a-w- c:\windows\system32\ijl15.dll

2012-09-19 11:06 . 2002-03-06 22:19 454656 ----a-w- c:\windows\system32\PaintX.dll

2012-09-19 11:06 . 2000-05-22 14:58 608448 ----a-w- c:\windows\system32\comctl32.ocx

2012-09-19 11:06 . 1998-06-23 22:00 137000 ----a-w- c:\windows\system32\msmapi32.ocx

2012-09-19 11:05 . 2012-09-19 11:15 -------- d-----w- c:\program files\MyHeritage

2012-09-18 11:16 . 2012-08-22 22:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-09-13 09:34 . 2012-09-13 09:34 388096 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-09-13 09:34 . 2012-09-13 09:34 -------- d-----w- c:\program files\Trend Micro

2012-09-04 14:36 . 2012-09-04 14:36 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2012-09-02 14:07 . 2012-09-18 17:54 -------- d-----w- c:\program files\Mozilla Maintenance Service

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-24 13:43 . 2012-03-19 03:17 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2012-07-26 01:21 . 2012-02-22 03:25 237408 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2012-07-06 13:58 . 2011-02-11 17:38 78336 ----a-w- c:\windows\system32\browser.dll

2012-07-04 14:05 . 2011-02-11 08:50 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-07-03 13:40 . 2011-02-11 17:39 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-07-02 17:49 . 2011-02-11 17:39 916992 ----a-w- c:\windows\system32\wininet.dll

2012-07-02 17:49 . 2011-02-11 17:38 43520 ------w- c:\windows\system32\licmgr10.dll

2012-07-02 17:49 . 2011-02-11 17:38 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-07-02 12:05 . 2011-02-11 17:38 385024 ------w- c:\windows\system32\html.iec

2012-09-08 15:34 . 2012-09-08 15:30 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-09-19_09.18.20 )))))))))))))))))))))))))))))))))))))))))

.

+ 2007-11-06 23:19 . 2007-11-06 23:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

+ 2007-11-06 23:19 . 2007-11-06 23:19 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll

+ 2007-11-06 23:19 . 2007-11-06 23:19 47104 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll

+ 2007-11-06 23:19 . 2007-11-06 23:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll

+ 2007-11-06 23:19 . 2007-11-06 23:19 60416 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll

+ 2007-11-06 23:19 . 2007-11-06 23:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll

+ 2007-11-06 23:19 . 2007-11-06 23:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll

+ 2007-11-06 23:19 . 2007-11-06 23:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll

+ 2007-11-06 23:19 . 2007-11-06 23:19 60928 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll

+ 2007-11-06 23:19 . 2007-11-06 23:19 41984 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll

+ 2007-11-06 23:19 . 2007-11-06 23:19 41472 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll

+ 2007-11-06 20:51 . 2007-11-06 20:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll

+ 2007-11-06 20:51 . 2007-11-06 20:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll

+ 2012-09-19 22:25 . 2012-09-19 22:25 16384 c:\windows\Temp\Perflib_Perfdata_ec.dat

+ 2011-02-11 17:38 . 2012-09-19 22:30 72754 c:\windows\system32\perfc009.dat

- 2011-02-11 17:38 . 2012-09-18 18:14 72754 c:\windows\system32\perfc009.dat

+ 2007-11-06 23:19 . 2007-11-06 23:19 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll

- 2011-02-11 17:38 . 2012-09-18 18:14 445044 c:\windows\system32\perfh009.dat

+ 2011-02-11 17:38 . 2012-09-19 22:30 445044 c:\windows\system32\perfh009.dat

+ 2011-12-21 15:32 . 2011-12-21 15:32 404496 c:\windows\system32\FTBSaver.scr

+ 2012-09-19 11:06 . 2012-09-19 11:06 228352 c:\windows\Installer\3b17771.msi

+ 2007-11-06 23:19 . 2007-11-06 23:19 1162744 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll

+ 2007-11-06 23:19 . 2007-11-06 23:19 1156600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-09-04 14:36 1734240 ----a-w- c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll" [2012-09-04 1734240]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Spotify"="c:\documents and settings\Administrator\Application Data\Spotify\Spotify.exe" [2012-09-03 5576408]

"Spotify Web Helper"="c:\documents and settings\Administrator\Application Data\Spotify\Data\SpotifyWebHelper.exe" [2012-09-03 1193176]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]

"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2010-10-29 2498560]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]

"Ad-Aware Browsing Protection"="c:\documents and settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]

"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-09-04 947808]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]

"ROC_ROC_JULY_P1"="c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-09-04 1022048]

"Family Tree Builder Update"="c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-12-21 229376]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\WINDOWS\\system32\\dplaysvr.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Documents and Settings\\Administrator\\Application Data\\Spotify\\spotify.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:Remote Desktop

"65533:TCP"= 65533:TCP:Services

"52344:TCP"= 52344:TCP:Services

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [4/19/2012 4:50 AM 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [1/31/2012 4:46 AM 31952]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2/22/2012 5:25 AM 237408]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [3/19/2012 5:17 AM 301920]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [9/4/2012 4:36 PM 27496]

R1 MpKsl918aba14;MpKsl918aba14;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B16E92AE-AACD-40E9-883D-1EE3EE0FFB6D}\MpKsl918aba14.sys [9/20/2012 12:26 AM 29904]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2/14/2012 4:53 AM 193288]

R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [9/4/2012 4:36 PM 722528]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [12/23/2011 1:32 PM 139856]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [12/23/2011 1:32 PM 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [12/23/2011 1:32 PM 17232]

S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [8/13/2012 3:24 AM 5167736]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 2:49 PM 227232]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [9/2/2012 4:07 PM 114144]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MPKSL918ABA14

.

Contents of the 'Scheduled Tasks' folder

.

2012-09-19 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

2012-09-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1757981266-1417001333-500Core.job

- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-04-24 13:25]

.

2012-09-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1757981266-1417001333-500UA.job

- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-04-24 13:25]

.

2012-09-19 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.nl/

uInternet Settings,ProxyOverride = *.local

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll

FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\aqrzhtzs.default\

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-09-20 00:26

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-436374069-1757981266-1417001333-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2c,11,f6,e4,03,af,d0,4c,97,b9,be,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2c,11,f6,e4,03,af,d0,4c,97,b9,be,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(748)

c:\windows\system32\WININET.dll

c:\documents and settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.dll

c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\nvsvc32.exe

c:\program files\Microsoft Security Client\MsMpEng.exe

c:\windows\System32\WLTRYSVC.EXE

c:\windows\System32\bcmwltry.exe

c:\windows\System32\SCardSvr.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\RUNDLL32.EXE

c:\windows\system32\rundll32.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Common Files\Java\Java Update\jucheck.exe

.

**************************************************************************

.

Completion time: 2012-09-20 00:32:09 - machine was rebooted

ComboFix-quarantined-files.txt 2012-09-19 22:32

ComboFix2.txt 2012-09-19 09:21

.

Pre-Run: 16,460,873,728 bytes free

Post-Run: 16,574,427,136 bytes free

.

- - End Of File - - 504FE0F799222D18022603CFF62C4333

Geplaatst:

Probleem lijkt opgelost, ontzettend bedankt! De vrees voor een trojan is dus niet terecht geweest? Kan ik de programma's die ik heb gedownload nu ook weer verwijderen (Host & Combofix) of blijven deze noodzakelijk?

Geplaatst: (aangepast)

Problemen van de baan, dan is het tijd voor de “grote schoonmaak” : verwijderen van gebruikte programma’s, een cleaning en het verwijderen van de besmette herstelpunten.

Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht/Programma’s en bestanden zoeken en typ daar: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen. En dat mag je ook met MVPS Hosts.

Download CCleaner.

Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten). In XP doe je dit via

Start -> Configuratiescherm -> Systeem -> Systeemherstel -> "Systeemherstel op alle stations uitschakelen" aanvinken. Toepassen en OK. PC herstarten en het vinkje terug weg halen.

Indien dit allemaal probleemloos verlopen is, mag je hieronder op "markeer als opgelost" tokkelen !

aangepast door kape
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.