
Documents deleted by virus/malware?


anonymous

Question

Until yesterday, my 'documents' folder contained several folders with a great many important files. Just now I needed a few things... and it turns out almost everything is gone! I don't know whether it has really been deleted or is somehow inaccessible or something like that. In any case, I can't find it by showing hidden files or folders. Because I suspect a virus or malware myself, I am now running Malwarebytes; I don't know yet what that will turn up, but even if the program finds something, I assume that won't give me my files back. As a virus scanner I use AVG free edition 2011. How do I get my files back?

After that you may use ComboFix. You may have to uninstall AVG. If so, see here (http://www.avg.com/nl-nl/36).

Which program: ComboFix
What for/why: Highly specialized scanner that examines Windows in depth and cleans it up where possible.
Difficulty: A more or less tricky preparation phase, so read everything carefully first.
Download location: Be absolutely sure to download this program to the desktop!

Download ComboFix from one of these locations:
  • Bleepingcomputer (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
  • ForoSpyware (http://www.forospyware.com/sUBs/ComboFix.exe)
  • Geekstogo (http://subs.geekstogo.com/ComboFix.exe)

Here (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden) you can see how ComboFix should be used.

Antivirus programs and active malware scanners must already be disabled before ComboFix starts! Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find information on how to disable antivirus programs and spyware scanners.

Once more, for the sake of clarity: ComboFix must be started from the desktop.

Remarks:
  • When using Windows XP, you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for this).
  • Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
  • All open programs and web pages must be closed.

ComboFix has started:
  • Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
  • ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
  • The computer may need to be restarted several times; this is normal.
  • When ComboFix is finished, it will create a log file for you.
  • Post the contents of this log file in your next message.
  • If the log does not open, it can be found at C:\ComboFix.txt

Important note:
  • If, after the scan, an error is shown when starting programs with the message:
  • Illegal operation attempted on a registery key that has been marked for deletion.
  • Then restart the computer.
Here is the log file created by ComboFix:
Beste Abraham54, Excuses, hier het volgende log: ComboFix 11-06-30.03 - Pieter 30-06-2011 20:25:19.4.2 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.31.1043.18.1278.629 [GMT 2:00] Gestart vanuit: c:\users\Pieter\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-05-28 to 2011-06-30 )))))))))))))))))))))))))))))) . . 2011-06-30 18:35 . 2011-06-30 18:35 -------- d-----w- c:\users\Pieter\AppData\Local\temp 2011-06-30 18:35 . 2011-06-30 18:35 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-06-30 14:59 . 2011-06-30 18:22 -------- d-----w- C:\32788R22FWJFW 2011-06-30 11:40 . 2011-06-30 11:40 -------- d-----w- c:\users\Pieter\AppData\Roaming\Malwarebytes 2011-06-30 11:40 . 2011-06-30 11:40 -------- d-----w- c:\programdata\Malwarebytes 2011-06-30 11:17 . 2011-06-30 11:17 -------- d-----w- c:\users\Pieter\AppData\Local\{30FC340F-875C-4695-973D-63A2F7F609A1} 2011-06-30 10:41 . 2011-06-30 10:41 -------- d-----w- c:\users\Pieter\AppData\Local\{4101C213-CF39-4504-A9CD-573FAAC75DF0} 2011-06-29 07:17 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll 2011-06-29 07:00 . 2011-06-30 10:47 -------- d-----w- c:\users\Pieter\AppData\Local\MediaGet2 2011-06-29 06:51 . 2011-06-29 18:53 -------- d-----w- c:\users\Pieter\AppData\Local\{8D63C0A3-679D-4760-AC36-03BA5F341254} 2011-06-28 21:42 . 2011-06-28 21:43 -------- d-----w- c:\programdata\TorrentEasy 2011-06-28 13:44 . 2011-06-28 13:44 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-06-28 13:44 . 2011-06-28 13:44 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-06-28 05:35 . 2011-06-28 17:36 -------- d-----w- c:\users\Pieter\AppData\Local\{45FA7463-C259-447A-94CC-C0F730F163B4} 2011-06-27 11:23 . 2011-06-27 11:23 -------- d-----w- c:\users\Pieter\AppData\Local\{5CCA7C36-45B7-4248-8DD9-7475116F0D6B} 2011-06-26 17:44 . 
2011-06-26 17:45 -------- d-----w- c:\users\Pieter\AppData\Local\{D1B4523A-AB4B-47A3-8027-82F3C101F534} 2011-06-25 07:44 . 2011-06-25 07:44 -------- d-----w- c:\users\Pieter\AppData\Local\{2EDD53DE-1E87-440A-826D-569F512A43FB} 2011-06-24 19:39 . 2011-06-24 19:39 -------- d-----w- c:\users\Pieter\AppData\Local\{3C2ABD11-4AD3-4FC4-A477-8FCD01703141} 2011-06-24 07:38 . 2011-06-24 07:38 -------- d-----w- c:\users\Pieter\AppData\Local\{4747C671-F6B1-4586-BDE5-25C4E905CFB0} 2011-06-23 09:17 . 2011-06-23 09:18 -------- d-----w- c:\users\Pieter\AppData\Local\{412F8F8C-91A8-4264-8139-DA0722B36B42} 2011-06-22 21:17 . 2011-06-22 21:17 -------- d-----w- c:\users\Pieter\AppData\Local\{4CC1E4DD-7755-4991-9024-3C452577219B} 2011-06-22 08:57 . 2011-06-22 08:57 -------- d-----w- c:\program files\Common Files\xing shared 2011-06-22 08:33 . 2011-06-22 08:33 -------- d-----w- c:\users\Pieter\AppData\Local\{52D0C98D-51C0-4A52-B241-BAC6D50AE103} 2011-06-21 08:32 . 2011-06-21 20:33 -------- d-----w- c:\users\Pieter\AppData\Local\{6F6E29A1-A26F-45DF-A314-E6536085EADC} 2011-06-20 12:01 . 2011-06-20 12:01 -------- d-----w- c:\users\Pieter\AppData\Local\{E41CB9DB-AD82-4E17-A29E-594D8A2C9BCC} 2011-06-19 21:01 . 2011-06-19 21:01 -------- d-----w- c:\users\Pieter\AppData\Local\{F149C433-31BD-47F8-9146-C9043FB752F8} 2011-06-19 08:09 . 2011-06-19 08:09 -------- d-----w- c:\users\Pieter\AppData\Local\{022473C4-8D10-4DD5-A7F2-1360397F247D} 2011-06-18 23:17 . 2011-06-18 23:17 -------- d-----w- c:\users\Pieter\AppData\Local\{B92065AE-E8B2-430D-B2A3-5946B677E5A7} 2011-06-18 11:17 . 2011-06-18 11:17 -------- d-----w- c:\users\Pieter\AppData\Local\{15A1D71C-376A-4A5C-AFB1-592E9D60AD73} 2011-06-18 09:55 . 2011-06-18 09:57 -------- d-----w- c:\program files\Common Files\Adobe 2011-06-17 11:16 . 2011-06-17 23:16 -------- d-----w- c:\users\Pieter\AppData\Local\{C2C2395D-1E36-41D9-8F7A-F31989F28C41} 2011-06-16 23:36 . 
2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll 2011-06-16 23:36 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-06-16 23:36 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-06-16 19:14 . 2011-06-16 19:14 -------- d-----w- c:\users\Pieter\AppData\Local\{FDD41814-2DC6-4BD3-ABB4-269A3317384F} 2011-06-16 16:09 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys 2011-06-16 16:09 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys 2011-06-16 16:09 . 2011-04-29 13:25 146432 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-06-16 16:09 . 2011-04-29 13:25 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-06-16 16:09 . 2010-12-20 16:35 563712 ----a-w- c:\windows\system32\oleaut32.dll 2011-06-16 16:09 . 2011-05-02 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-06-16 16:09 . 2011-04-29 13:24 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-06-16 16:09 . 2011-04-29 13:24 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-06-16 16:09 . 2011-04-29 13:24 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-06-16 16:09 . 2011-05-02 17:16 739328 ----a-w- c:\windows\system32\inetcomm.dll 2011-06-16 07:13 . 2011-06-16 07:13 -------- d-----w- c:\users\Pieter\AppData\Local\{2E939C84-7705-4AFB-8C1F-8057070CA195} 2011-06-15 07:24 . 2011-06-15 07:24 -------- d-----w- c:\users\Pieter\AppData\Local\{C5680D14-F078-4593-B6FA-9137D1990066} 2011-06-14 07:22 . 2011-06-14 19:23 -------- d-----w- c:\users\Pieter\AppData\Local\{B01A34CA-1A2C-4875-8DEA-9D80036ED7E7} 2011-06-11 10:11 . 2011-06-11 10:11 -------- d-----w- c:\users\Pieter\AppData\Local\{2BBB58D2-1EF6-4B00-9012-E760EEF9428B} 2011-06-10 22:10 . 2011-06-10 22:10 -------- d-----w- c:\users\Pieter\AppData\Local\{B49EC8E8-34E8-44C5-AF03-5689EA649476} 2011-06-09 09:23 . 
2011-06-09 21:23 -------- d-----w- c:\users\Pieter\AppData\Local\{86B0A64E-9785-4326-9C50-2FFC12F7DA6D} 2011-06-08 21:22 . 2011-06-08 21:22 -------- d-----w- c:\users\Pieter\AppData\Local\{C4F36AA7-59B7-4019-959F-086A484D6442} 2011-06-08 08:33 . 2011-06-08 08:33 -------- d-----w- c:\users\Pieter\AppData\Local\{07FE1D49-8548-4ACE-8F63-BD3F05F0AE14} 2011-06-07 20:32 . 2011-06-07 20:32 -------- d-----w- c:\users\Pieter\AppData\Local\{279AFEC8-305F-45A7-84F2-122F1BADB3EE} 2011-06-07 20:01 . 2011-06-07 20:01 -------- d-----w- c:\program files\Common Files\Java 2011-06-07 08:31 . 2011-06-07 08:32 -------- d-----w- c:\users\Pieter\AppData\Local\{6CCC31D0-C672-4E95-9FAD-B1982381AF2A} 2011-06-06 20:31 . 2011-06-06 20:31 -------- d-----w- c:\users\Pieter\AppData\Local\{96950192-395D-4344-AC8C-35222EC4AF4A} 2011-06-06 10:55 . 2011-06-06 10:55 183696 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll 2011-06-06 08:30 . 2011-06-06 08:30 -------- d-----w- c:\users\Pieter\AppData\Local\{D8CC2A65-2473-4C0D-A35F-504F208BE701} 2011-06-05 14:09 . 2011-06-05 14:10 -------- d-----w- c:\users\Pieter\AppData\Local\{42C7171C-82FF-4791-9D9B-FE7F839BC03E} 2011-06-01 08:47 . 2011-06-01 08:47 -------- d-----w- c:\users\Pieter\AppData\Local\{AB05632B-993F-498A-A684-21EFCB5F3E4F} . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-30 12:13 . 2010-03-19 11:00 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2011-06-22 08:52 . 2010-12-22 08:27 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-06-22 08:52 . 2010-12-22 08:27 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-06-17 02:51 . 2011-05-17 16:37 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-04 02:52 . 2010-05-18 10:08 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-06-28 13:44 . 2011-03-23 12:12 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . 
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- c:\users\Pieter\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- c:\users\Pieter\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- c:\users\Pieter\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-11-10 4240760] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-03 13556256] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-03 92704] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-06-22 273544] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-10-1 813584] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2009-10-09 15:47 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart] 2008-11-09 12:05 102400 ----a-w- c:\program files\Synaptics\SynTP\SynTPStart.exe . 
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-14 135664]
R3 FNETTBOH;FNETTBOH;c:\windows\system32\drivers\FNETTBOH.SYS [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-14 135664]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-05-16 32256]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
.
2011-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-14 21:17]
.
2011-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-14 21:17]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
mStart Page = hxxp://www.foozir.com/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\users\Pieter\AppData\Roaming\Mozilla\Firefox\Profiles\burkxsze.default\
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4b1008df&v=6.103.018.001&i=23&tp=ab&iy=&ychte=nl&lng=nl&q=
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-30 20:35
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'Explorer.exe'(1668)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\users\Pieter\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
.
Voltooingstijd: 2011-06-30 20:40:45
ComboFix-quarantined-files.txt 2011-06-30 18:40
ComboFix2.txt 2011-06-30 18:18
ComboFix3.txt 2011-06-30 15:20
.
Pre-Run: 37.003.804.672 bytes beschikbaar
Post-Run: 36.870.316.032 bytes beschikbaar
.
- - End Of File - - 8CC4E61B6D5425E286335CDCA4EF9D3C
Link to comment
  • 0
Hi, I think I already know how to improve my explanation. Now do the following:

Run the ESET online scan: http://www.eset.com/onlinescan/

- Click the "ESET Online Scanner" button.
- Tick "YES, I accept the Terms of Use".
- Click "Start".
- Allow the ActiveX control to install.
- Click "Advanced settings".
- Tick the following options:
  - Remove found threats
  - Scan archives
  - Scan for potentially unwanted applications
  - Scan for potentially unsafe applications
  - Enable Anti-Stealth technology
- Click "Start".
- The computer is now being scanned. This can take quite a long time, so be patient.
- You may close the window when the scan is finished.
- Use Notepad to open the log. You will find this log at C:\Program Files\EsetOnlineScanner\log.txt
- Copy and paste the contents of this log into your next post.

N.B.: temporarily disable your own antivirus during the scan; the online scan is then faster!
Link to comment
  • 0
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

I don't think this is the right one; the program created this, but not after it had finished. The program found nothing, so does it perhaps not create a log report in that case? Or should it have found something? Otherwise I will try again tomorrow..
Link to comment
  • 0
Is Adobe Flash Player installed in its latest version? http://get.adobe.com/nl/flashplayer/ Install it with IE first - that is then the update for Windows and IE; then go to Adobe again with FF to download the Flash plug-in for Firefox! You then install that manually from the download folder.
Link to comment
  • 0
I am indeed using IE9; the check mark for ActiveX Filtering was already off, and if I tick it I cannot run the ESET scan because it gets blocked. So the scan was installed and run both before and after installing Adobe Flash Player, but both times I cannot find a log of the scan..
Link to comment
  • 0
Hi Burdy, AVG leans decidedly heavily on Windows. Avast 6 Free not only has the same on board as AVG but even more. And what is more, you hardly notice the good protection!

Download link Avast 6 Free: http://www.av.eu/web/index.php?pageI...anguagecode=nl

After updating, let Avast run a full system scan and then post a new HijackThis log.
Link to comment
