Ga naar inhoud

reageert niet ....webpagina herstellen - Java updates


Adinomis

Aanbevolen berichten

Inderdaad, dan mogen de vermeldingen van lexmark ook weg.

Voer onderstaande uit in veilige modus.

Ga naar start - alle programma's - bureauaccesoires.

Zoek het icoon van het opdrachtprompt en klik er op met de rechter muisknop en kies dan in het lijstje voor uitvoeren als administrator om het opdrachtprompt te openen.

Tik in: sc stop lxdnCATSCustConnectService en druk op Enter.

Tik in: sc delete lxdnCATSCustConnectService en druk op Enter.

Tik in: sc stop lxdn_device en druk op Enter.

Tik in: sc delete lxdn_device en druk op Enter.

Tik in exit en druk Enter.

Als je op een van deze instructies een foutmelding krijgt, ga dan gewoon door met de volgende instructie.

Klik met de rechter muisknop op de icoon van Hijackthis en kies dan voor “Run as administrator" of "Uitvoeren als administrator".

Selecteer “Do a system scan only”.

Vink alleen de items aan die hieronder zijn genoemd:

O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O4 - HKLM\..\Run: [lxdnmon.exe] "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe"

O4 - HKLM\..\Run: [lxdnamon] "C:\Program Files\Lexmark 2600 Series\lxdnamon.exe"

O18 - Protocol: base64 - (no CLSID) - (no file)

O18 - Protocol: chrome - (no CLSID) - (no file)

O18 - Protocol: prox - (no CLSID) - (no file)

Klik op 'Fix checked' om de items te verwijderen.

Maak dan een nieuw logje.

Link naar reactie
Delen op andere sites

  • Reacties 29
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:29:25, on 24-10-2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Safe mode

Running processes:

C:\Users\Dijkhuis\Downloads\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={222019E6-F4C7-4AD1-8C69-31CD54BA3457}&mid=7ca7adffdf3447d687ee41b2e069d136-fcf0a273c1778ecca0cff5311789c598db202e01〈=nl&ds=AVG&pr=fr&d=2012-10-22 19:41:20&v=13.2.0.3&sap=hp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: esnips toolbar helper - {F9B72325-A029-4a39-943A-02433C978829} - C:\Program Files\eSnips.com\eSnipsToolbar\1.3.0.3\escort.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll

O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe

O4 - HKLM\..\Run: [eSnips] "C:\Program Files\eSnips\ClientGW.exe"

O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1

O4 - HKLM\..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT

O4 - HKLM\..\Run: [Aimersoft Helper Compact.exe] C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe

O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = Dijkhuis\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: MemTurbo.lnk = C:\Program Files\MemTurbo 4\MemTurbo.exe

O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab

O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.chat-united.nl/controls/msnchat45.cab

O18 - Protocol: base64 - (no CLSID) - (no file)

O18 - Protocol: chrome - (no CLSID) - (no file)

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll

O18 - Protocol: prox - (no CLSID) - (no file)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

--

End of file - 10299 bytes

Bij de opdrachtprompt werd vermeld dat bepaalde regels niet gelukt waren. Ik heb hiervan een printscreen gemaakt. Die kunt u hier zien.

Link naar reactie
Delen op andere sites

Bij de opdrachtprompt werd vermeld dat bepaalde regels niet gelukt waren. Ik heb hiervan een printscreen gemaakt. Die kunt u hier zien.
Geen probleem, de bedoeling was om die services te verwijderen en dat is gelukt.

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Link naar reactie
Delen op andere sites

ComboFix 12-10-25.01 - Dijkhuis 25-10-2012 11:00:47.1.2 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1791.914 [GMT 2:00]

Gestart vanuit: c:\users\Dijkhuis\Downloads\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\DealPly

c:\program files\DealPly\DealPly.crx

c:\program files\DealPly\DealPlyTune.dll

c:\program files\DealPly\DealPlyUpdate.exe

c:\program files\DealPly\DealPlyUpdate.log

c:\program files\DealPly\DealPlyUpdateRun.exe

c:\program files\DealPly\icon.ico

c:\program files\DealPly\sqlite3.dll

c:\program files\DealPly\uninst.exe

c:\programdata\SPL1D5.tmp

c:\programdata\SPL3746.tmp

c:\programdata\SPLE8A.tmp

c:\users\Dijkhuis\AppData\Roaming\.#

c:\users\Dijkhuis\AppData\Roaming\.#\MBX@EA4@15C2710.###

c:\users\Dijkhuis\AppData\Roaming\.#\MBX@EA4@15C2740.###

c:\users\Dijkhuis\AppData\Roaming\6ad5bb60c75b4ccde42fd0a36026cffc_c68827fd-c27b-4547-9594-982fb91d1c77.gpg

c:\users\Dijkhuis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2 .lnk

E:\autorun.inf

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-25 to 2012-10-25 ))))))))))))))))))))))))))))))

.

.

2012-10-25 09:09 . 2012-10-25 09:10 -------- d-----w- c:\users\Dijkhuis\AppData\Local\temp

2012-10-25 09:09 . 2012-10-25 09:09 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-22 17:41 . 2012-10-22 17:41 -------- d-----w- c:\program files\AVG Secure Search

2012-10-22 16:59 . 2012-10-22 16:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-10-22 16:59 . 2012-09-29 17:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-10-15 20:02 . 2012-10-22 17:12 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE

2012-10-10 08:53 . 2012-08-31 17:18 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-10-10 08:53 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll

2012-10-10 08:53 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-10-10 08:53 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-10-08 14:00 . 2012-10-08 14:00 -------- d-----w- c:\program files\MemTurbo 4

2012-10-08 13:57 . 2012-10-08 13:57 -------- d-----w- c:\users\Dijkhuis\AppData\Roaming\Malwarebytes

2012-10-08 13:57 . 2012-10-08 14:17 -------- d-----w- c:\programdata\Malwarebytes

2012-10-07 15:58 . 2012-10-07 15:58 -------- d-----w- c:\program files\CCleaner

2012-10-07 15:57 . 2012-10-24 11:03 -------- d-----w- c:\users\Dijkhuis\AppData\Roaming\BrowserCompanion

2012-09-26 08:02 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-22 17:41 . 2012-09-03 21:06 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2012-10-09 17:12 . 2012-05-14 07:20 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-10-09 17:12 . 2011-07-31 20:45 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-24 06:59 . 2012-09-23 20:53 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 06:51 . 2012-09-23 20:53 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 06:51 . 2012-09-23 20:53 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 06:47 . 2012-09-23 20:53 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 06:47 . 2012-09-23 20:53 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 06:43 . 2012-09-23 20:53 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-22 17:16 . 2012-09-12 08:05 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-22 17:16 . 2012-09-12 08:05 712048 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-08-22 17:16 . 2012-09-12 08:05 240496 ----a-w- c:\windows\system32\drivers\netio.sys

2012-08-22 17:16 . 2012-09-12 08:05 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-02 16:57 . 2012-09-12 08:05 490496 ----a-w- c:\windows\system32\d3d10level9.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-10-22 17:41 1792968 ----a-w- c:\program files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll" [2012-10-22 1792968]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 94208 ----a-w- c:\users\Dijkhuis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 94208 ----a-w- c:\users\Dijkhuis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 94208 ----a-w- c:\users\Dijkhuis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-13 39408]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]

"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2012-08-01 2345592]

"eSnips"="c:\program files\eSnips\ClientGW.exe" [2007-12-10 872448]

"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-10-22 997320]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2565520]

"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-03-28 1611160]

"Aimersoft Helper Compact.exe"="c:\program files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe" [2012-02-20 1666560]

"ROC_roc_ssl_v12"="c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-10-22 1020512]

.

c:\users\Dijkhuis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Dijkhuis\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

MemTurbo.lnk - c:\program files\MemTurbo 4\MemTurbo.exe [2012-10-8 3121760]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]

S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-25 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 17:12]

.

2012-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 12:27]

.

2012-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 12:27]

.

2012-10-24 c:\windows\Tasks\WpsUpdateTask_Dijkhuis.job

- c:\program files\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2011-11-03 16:00]

.

.

------- Bijkomende Scan -------

.

uStart Page = https://isearch.avg.com/?cid={222019E6-F4C7-4AD1-8C69-31CD54BA3457}&mid=7ca7adffdf3447d687ee41b2e069d136-fcf0a273c1778ecca0cff5311789c598db202e01〈=nl&ds=AVG&pr=fr&d=2012-10-22 19:41&v=13.2.0.3&sap=hp

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll

DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} - hxxp://www.kerkomroep.nl/ocx/sIKNPlayer.cab

DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-10 - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{46735DEE-F862-49D1-876D-6382794DC625} - (no file)

WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

WebBrowser-{3BD53DEC-24D7-4F9E-B27C-925559B8D27D} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

WebBrowser-{9427041A-A8DC-4D06-9A68-93873486E957} - (no file)

WebBrowser-{95324E44-4B0A-47A9-8F77-9C6415E51C29} - (no file)

HKLM-Run-ClientGW - (no file)

HKLM-Run-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe

HKLM-Run-ROC_ROC_JULY_P1 - c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe

HKLM-Run-ROC_ROC_NT - c:\program files\AVG Secure Search\ROC_ROC_NT.exe

MSConfigStartUp-Media Finder - c:\program files\Media Finder\Media Finder.exe

AddRemove-DealPly - c:\program files\DealPly\uninst.exe

AddRemove-PDF Creator - c:\program\uninstpw.exe

AddRemove-FoxTab PDF Converter - c:\program files\FoxTabPDFConverter\Uninstall\Uninstall.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}"=hex:51,66,7a,6c,4c,1d,38,12,62,ab,04,

14,3b,21,26,00,d7,5b,ae,96,a9,cb,61,e4

"{46735DEE-F862-49D1-876D-6382794DC625}"=hex:51,66,7a,6c,4c,1d,38,12,80,5e,60,

42,50,b6,bf,0c,f8,7b,20,c2,7c,13,82,31

"{30F9B915-B755-4826-820B-08FBA6BD249D}"=hex:51,66,7a,6c,4c,1d,38,12,7b,ba,ea,

34,67,f9,48,0d,fd,1d,4b,bb,a3,e3,60,89

"{3BD53DEC-24D7-4F9E-B27C-925559B8D27D}"=hex:51,66,7a,6c,4c,1d,38,12,82,3e,c6,

3f,e5,6a,f0,0a,cd,6a,d1,15,5c,e6,96,69

"{3132F1DF-2C69-49F5-ACA5-69965FC18E59}"=hex:51,66,7a,6c,4c,1d,38,12,b1,f2,21,

35,5b,62,9b,0c,d3,b3,2a,d6,5a,9f,ca,4d

"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,

d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54

"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,

91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27

"{9427041A-A8DC-4D06-9A68-93873486E957}"=hex:51,66,7a,6c,4c,1d,38,12,74,07,34,

90,ee,e6,68,08,e5,7e,d0,c7,31,d8,ad,43

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,

27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b

"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"=hex:51,66,7a,6c,4c,1d,38,12,e6,58,38,

83,87,d3,7e,06,c2,c6,ef,58,90,09,a1,e1

"{99079A25-328F-4BD4-BE04-00955ACAA0A7}"=hex:51,66,7a,6c,4c,1d,38,12,4b,99,14,

9d,bd,7c,ba,0e,c1,12,43,d5,5f,94,e4,b3

"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,

38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4

"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,

57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b

"{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac,

6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f

"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,

72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57

"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,

94,30,02,d1,0f,f1,da,12,24,73,56,27,d2

"{9D717F81-9148-4F12-8568-69135F087DB0}"=hex:51,66,7a,6c,4c,1d,38,12,ef,7c,62,

99,7a,df,7c,0a,fa,7e,2a,53,5a,56,39,a4

"{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}"=hex:51,66,7a,6c,4c,1d,38,12,49,4c,04,

a2,cd,51,b8,a4,d6,29,f9,08,a8,03,90,5c

"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,

ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3

"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,

aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83

"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

"{F9B72325-A029-4A39-943A-02433C978829}"=hex:51,66,7a,6c,4c,1d,38,12,4b,20,a4,

fd,1b,ee,57,0f,eb,2c,41,03,39,c9,cc,3d

"{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}"=hex:51,66,7a,6c,4c,1d,38,12,ae,93,7e,

f9,dc,a8,a8,0e,c6,e1,dd,93,1c,37,c4,13

"{6FA80B45-4618-4EAC-AAE7-1EB348812D33}"=hex:51,66,7a,6c,4c,1d,38,12,2b,08,bb,

6b,2a,08,c2,0b,d5,f1,5d,f3,4d,df,69,27

"{72FE8681-0BFA-471B-9B2A-B37ED68DD09E}"=hex:51,66,7a,6c,4c,1d,38,12,ef,85,ed,

76,c8,45,75,02,e4,3c,f0,3e,d3,d3,94,8a

"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,

b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:89,e4,ae,9e,2b,26,cd,01

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-10-25 11:16:30

ComboFix-quarantined-files.txt 2012-10-25 09:16

.

Pre-Run: 961376653312 bytes beschikbaar

Post-Run: 961354846208 bytes beschikbaar

.

- - End Of File - - 24756D22E735F3FDEB9E5AFF34D7F35B

Link naar reactie
Delen op andere sites

Open een nieuw kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Folder::

c:\users\Dijkhuis\AppData\Roaming\BrowserCompanion

File::

c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe

Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

[-HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[-HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[-HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

Drivers::

AVG Security Toolbar Service

Sla dit bestand op je bureaublad op als CFScript

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht

Link naar reactie
Delen op andere sites

ComboFix 12-10-25.01 - Dijkhuis 30-10-2012 10:23:17.2.2 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1791.955 [GMT 1:00]

Gestart vanuit: c:\users\Dijkhuis\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Dijkhuis\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

FILE ::

"c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe

c:\users\Dijkhuis\AppData\Roaming\BrowserCompanion

c:\users\Dijkhuis\AppData\Roaming\BrowserCompanion\tcbhn.exe

c:\users\Dijkhuis\AppData\Roaming\BrowserCompanion\valuese.xml

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_AVG Security Toolbar Service

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-09-28 to 2012-10-30 ))))))))))))))))))))))))))))))

.

.

2012-10-30 09:30 . 2012-10-30 09:33 -------- d-----w- c:\users\Dijkhuis\AppData\Local\temp

2012-10-30 09:30 . 2012-10-30 09:30 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-10-22 17:41 . 2012-10-22 17:41 -------- d-----w- c:\program files\AVG Secure Search

2012-10-22 16:59 . 2012-10-22 16:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-10-22 16:59 . 2012-09-29 17:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-10-15 20:02 . 2012-10-22 17:12 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE

2012-10-10 08:53 . 2012-08-31 17:18 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-10-10 08:53 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll

2012-10-10 08:53 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-10-10 08:53 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-10-08 13:57 . 2012-10-08 13:57 -------- d-----w- c:\users\Dijkhuis\AppData\Roaming\Malwarebytes

2012-10-08 13:57 . 2012-10-08 14:17 -------- d-----w- c:\programdata\Malwarebytes

2012-10-07 15:58 . 2012-10-07 15:58 -------- d-----w- c:\program files\CCleaner

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-22 17:41 . 2012-09-03 21:06 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2012-10-09 17:12 . 2012-05-14 07:20 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-10-09 17:12 . 2011-07-31 20:45 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-24 06:59 . 2012-09-23 20:53 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 06:51 . 2012-09-23 20:53 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 06:51 . 2012-09-23 20:53 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 06:47 . 2012-09-23 20:53 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 06:47 . 2012-09-23 20:53 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 06:43 . 2012-09-23 20:53 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-22 17:16 . 2012-09-12 08:05 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-22 17:16 . 2012-09-12 08:05 712048 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-08-22 17:16 . 2012-09-12 08:05 240496 ----a-w- c:\windows\system32\drivers\netio.sys

2012-08-22 17:16 . 2012-09-12 08:05 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-21 20:12 . 2012-09-26 08:02 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-08-02 16:57 . 2012-09-12 08:05 490496 ----a-w- c:\windows\system32\d3d10level9.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 94208 ----a-w- c:\users\Dijkhuis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 94208 ----a-w- c:\users\Dijkhuis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-15 00:32 94208 ----a-w- c:\users\Dijkhuis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-13 39408]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]

"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2012-08-01 2345592]

"eSnips"="c:\program files\eSnips\ClientGW.exe" [2007-12-10 872448]

"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-10-22 997320]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2565520]

"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-03-28 1611160]

"Aimersoft Helper Compact.exe"="c:\program files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe" [2012-02-20 1666560]

"ROC_roc_ssl_v12"="c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-10-22 1020512]

.

c:\users\Dijkhuis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Dijkhuis\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]

S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]

S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-10-30 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 17:12]

.

2012-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 12:27]

.

2012-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-13 12:27]

.

2012-10-30 c:\windows\Tasks\WpsUpdateTask_Dijkhuis.job

- c:\program files\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2011-11-03 16:00]

.

.

------- Bijkomende Scan -------

.

uStart Page = https://www.google.nl/

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll

DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} - hxxp://www.kerkomroep.nl/ocx/sIKNPlayer.cab

DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}"=hex:51,66,7a,6c,4c,1d,38,12,62,ab,04,

14,3b,21,26,00,d7,5b,ae,96,a9,cb,61,e4

"{46735DEE-F862-49D1-876D-6382794DC625}"=hex:51,66,7a,6c,4c,1d,38,12,80,5e,60,

42,50,b6,bf,0c,f8,7b,20,c2,7c,13,82,31

"{30F9B915-B755-4826-820B-08FBA6BD249D}"=hex:51,66,7a,6c,4c,1d,38,12,7b,ba,ea,

34,67,f9,48,0d,fd,1d,4b,bb,a3,e3,60,89

"{3BD53DEC-24D7-4F9E-B27C-925559B8D27D}"=hex:51,66,7a,6c,4c,1d,38,12,82,3e,c6,

3f,e5,6a,f0,0a,cd,6a,d1,15,5c,e6,96,69

"{3132F1DF-2C69-49F5-ACA5-69965FC18E59}"=hex:51,66,7a,6c,4c,1d,38,12,b1,f2,21,

35,5b,62,9b,0c,d3,b3,2a,d6,5a,9f,ca,4d

"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,

d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54

"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,

91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27

"{9427041A-A8DC-4D06-9A68-93873486E957}"=hex:51,66,7a,6c,4c,1d,38,12,74,07,34,

90,ee,e6,68,08,e5,7e,d0,c7,31,d8,ad,43

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,

27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b

"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"=hex:51,66,7a,6c,4c,1d,38,12,e6,58,38,

83,87,d3,7e,06,c2,c6,ef,58,90,09,a1,e1

"{99079A25-328F-4BD4-BE04-00955ACAA0A7}"=hex:51,66,7a,6c,4c,1d,38,12,4b,99,14,

9d,bd,7c,ba,0e,c1,12,43,d5,5f,94,e4,b3

"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,

38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4

"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,

57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b

"{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,38,12,eb,77,ac,

6a,ad,5b,91,0e,de,59,fa,a3,af,9a,02,4f

"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,

72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57

"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,

94,30,02,d1,0f,f1,da,12,24,73,56,27,d2

"{9D717F81-9148-4F12-8568-69135F087DB0}"=hex:51,66,7a,6c,4c,1d,38,12,ef,7c,62,

99,7a,df,7c,0a,fa,7e,2a,53,5a,56,39,a4

"{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}"=hex:51,66,7a,6c,4c,1d,38,12,49,4c,04,

a2,cd,51,b8,a4,d6,29,f9,08,a8,03,90,5c

"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,

ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3

"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,

aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83

"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

"{F9B72325-A029-4A39-943A-02433C978829}"=hex:51,66,7a,6c,4c,1d,38,12,4b,20,a4,

fd,1b,ee,57,0f,eb,2c,41,03,39,c9,cc,3d

"{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}"=hex:51,66,7a,6c,4c,1d,38,12,ae,93,7e,

f9,dc,a8,a8,0e,c6,e1,dd,93,1c,37,c4,13

"{6FA80B45-4618-4EAC-AAE7-1EB348812D33}"=hex:51,66,7a,6c,4c,1d,38,12,2b,08,bb,

6b,2a,08,c2,0b,d5,f1,5d,f3,4d,df,69,27

"{72FE8681-0BFA-471B-9B2A-B37ED68DD09E}"=hex:51,66,7a,6c,4c,1d,38,12,ef,85,ed,

76,c8,45,75,02,e4,3c,f0,3e,d3,d3,94,8a

"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,

b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:89,e4,ae,9e,2b,26,cd,01

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(3488)

c:\users\Dijkhuis\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Canon\IJPLM\IJPLMSVC.EXE

c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe

c:\windows\system32\IoctlSvc.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

c:\windows\system32\taskhost.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\AVG\AVG10\avgnsx.exe

c:\windows\system32\conhost.exe

c:\windows\system32\sppsvc.exe

c:\program files\Windows Media Player\wmpnetwk.exe

.

**************************************************************************

.

Voltooingstijd: 2012-10-30 10:37:29 - machine werd herstart

ComboFix-quarantined-files.txt 2012-10-30 09:37

ComboFix2.txt 2012-10-25 09:16

.

Pre-Run: 960617066496 bytes beschikbaar

Post-Run: 960203538432 bytes beschikbaar

.

- - End Of File - - 5E549E4E4CBAEB1C1939248D37464E30

Link naar reactie
Delen op andere sites

Verwijder Combofix: Start -> Uitvoeren en typ: ComboFix /Uninstall (met spatie voor de /)

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Download Java Runtime Environment (JRE) 7 Update 09.

  • Scroll omlaag naar : "Java Platform Standard Edition".
  • Klik op de "Download JRE" knop aan de rechterkant.
  • Selecteer "Accept License Agreement"
  • Klik op de jre-7u9-windows-i586.exe link en bewaar het naar je Bureaublad.
  • Sluit alle programma's die eventueel open zijn - Zeker je web browser!
  • Ga dan naar Start > Configuratiescherm > Software of Start > Configuratiescherm > Programma's en onderdelen (bij Vista) en verwijder alle oudere versies van Java uit de Softwarelijst.
  • Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
  • Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
  • Herhaal dit tot alle oudere versies verdwenen zijn.
  • Na het verwijderen van alle oudere versies, herstart je pc.
  • Dubbelklik vervolgens op jre-7u9-windows-i586.exe op je Bureaublad om de nieuwste versie van Java te installeren.

Na de installatie mag je ook het installatiebestand weer verwijderen.

Doe dan een registeropruiming met CCleaner.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (Als je niet wil dat Google Chrome op je pc als standaard webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'.

Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”.

Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”.

Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Hoe staat het nu met de problemen?

Link naar reactie
Delen op andere sites

Ik ben begonnen om volgens bovenstaande instructies verder te gaan. Ik kon in mijn startmenu niet de functie "uitvoeren" vinden. Even gegoogled en daarbij bleek dat het ook kon met Windows+R en dat is gelukt.

Vervolgens moet ik Java Runtime downloaden. Ik heb gekeken op meerdere sites en ik dacht dat dit de goede site was.

Maar daarop zie ik niet staan: "Java Platform Standard Editor". Kun je me een link geven zodat ikhet juiste programma download?

Het probleem "reageert niet... webpagina herstellen" is gelukkig opgelost. Daar ben ik heel blij mee. Dat werkt een stuk prettiger op mijn pc.

Die update venstertjes van Java komen nog wel regelmatig. Ook zie ik tegenwoordig vaak het venster verschijnen "deze webpagina wil de volgende invoegtoepassing uitvoeren: Adobe Flash Player van Adobe Systems Incorporated" en dan kun je intoetsen "toestaan" of "toestaan voor alle websites". Ik klik het venster meestal weg. Misschien moet ik daar ook iets mee doen. Ik zie de laatste tijd ook wel vaker update venstertjes hiervoor.

Ik bewonder de manier waarop u me door al die ingewikkelde processen loodst.

Hopelijk krijgen we die Java plagerijtjes ook nog onder de knie. Ik ben benieuwd.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.