IMPEGA

Member
  • Items: 22

IMPEGA's achievements

  1. Solved !!! Thank you for the fast and good service !!!
  2. After scanning, Adobe Reader opens automatically with the above message. I don't get the chance to open it via Notepad.
     - - - Updated - - -
     The txt issue is solved. Somewhere a wrong association with the txt file had been created.
     # DelFix v10.2 - Logfile created 08/04/2013 at 18:29:15
     # Updated 02/04/2013 by Xplode
     # Username : Lies - LIES-PC
     ~ Removing disinfection tools ...
     ~ Cleaning system restore ...
     Deleted : RP #301 [End of disinfection | 04/08/2013 16:24:32]
     New restore point created !
     ~ Resetting system settings ... OK
     ########## - EOF - ##########
  3. DelFix scan done! Afterwards I do get an Adobe Reader message: Delfix.txt cannot be opened because this file type is not supported or because the file is damaged (for example because it was sent as an e-mail attachment and was not correctly encoded
  4. OK, Monday evening I'll be home again to continue. Thanks again ... I do have the feeling that we're gradually getting there
  5. Zoek.exe Version 4.0.0.2 Updated 05-April-2013 Tool run by Lies on za 06/04/2013 at 15:47:59,29. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected
==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Lies\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Lies\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found - - - Updated - - - After the reboot that produced the zoek.exe log file, and then reopening Firefox to post the log here on the forum, it looks to me as if everything is back to normal. In any case, no more Qvo6 start page!
  6. 2 log files dated 06/04 from Malwarebytes Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.04.06.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Lies :: LIES-PC [administrator] Bescherming: Ingeschakeld 6/04/2013 10:11:21 mbam-log-2013-04-06 (10-11-21).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 210114 Verstreken tijd: 5 minuut/minuten, 24 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 2 C:\Windows\System32\user32.dat (Trojan.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\SysWOW64\user32.dat (Trojan.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. 
(einde) 2013/04/06 09:11:57 +0200 LIES-PC Lies MESSAGE Executing scheduled update: Daily 2013/04/06 09:11:58 +0200 LIES-PC Lies ERROR Scheduled update failed: No address found failed with error code 0 2013/04/06 09:12:03 +0200 LIES-PC Lies MESSAGE Starting protection 2013/04/06 09:12:03 +0200 LIES-PC Lies MESSAGE Protection started successfully 2013/04/06 09:12:03 +0200 LIES-PC Lies MESSAGE Starting IP protection 2013/04/06 09:12:32 +0200 LIES-PC Lies MESSAGE IP Protection started successfully 2013/04/06 10:07:27 +0200 LIES-PC Lies MESSAGE Starting protection 2013/04/06 10:07:27 +0200 LIES-PC Lies MESSAGE Protection started successfully 2013/04/06 10:07:27 +0200 LIES-PC Lies MESSAGE Starting IP protection 2013/04/06 10:07:59 +0200 LIES-PC Lies MESSAGE IP Protection started successfully 2013/04/06 10:10:53 +0200 LIES-PC Lies MESSAGE Starting database refresh 2013/04/06 10:10:53 +0200 LIES-PC Lies MESSAGE Stopping IP protection 2013/04/06 10:10:55 +0200 LIES-PC Lies MESSAGE IP Protection stopped successfully 2013/04/06 10:10:59 +0200 LIES-PC Lies MESSAGE Database refreshed successfully 2013/04/06 10:10:59 +0200 LIES-PC Lies MESSAGE Starting IP protection 2013/04/06 10:11:19 +0200 LIES-PC Lies MESSAGE IP Protection started successfully 2013/04/06 10:31:04 +0200 LIES-PC Lies MESSAGE Starting protection 2013/04/06 10:31:04 +0200 LIES-PC Lies MESSAGE Protection started successfully 2013/04/06 10:31:04 +0200 LIES-PC Lies MESSAGE Starting IP protection 2013/04/06 10:31:44 +0200 LIES-PC Lies MESSAGE IP Protection started successfully Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:36:44, on 6/04/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe 
C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\SysWOW64\NOTEPAD.EXE C:\Users\Lies\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing) O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [Adobe ARM] 
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles(x86)%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles(x86)%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Free E-mail Scanner (avg9emc) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (file missing) O23 - Service: AVG Free WatchDog (avg9wd) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. 
- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. 
- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: 
@%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8932 bytes (Qvo6 still opens as the start page)
  7. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:55:07, on 5/04/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Lies\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles(x86)%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles(x86)%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\sprote~1.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Free E-mail Scanner (avg9emc) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (file missing) O23 - Service: AVG Free WatchDog (avg9wd) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - 
Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - 
C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9463 bytes
  8. OK, thanks in advance! I'll do this tomorrow evening, since I won't be back home until then. I take it this restore via HJT is also needed to be able to analyse the Qvo6 virus? Because although I have now removed both right and wrong items via HJT, at first sight I haven't noticed any problems with how the laptop works.
  9. I ran HijackThis as administrator, did a system scan and then ticked everything and removed it. Then I restarted the laptop in the hope that the problem would already be solved. That was not the case, so I did another system scan and posted the result here.
  10. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:05:08, on 4/04/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Lies\Downloads\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVG Free E-mail Scanner (avg9emc) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (file missing) O23 - Service: AVG Free WatchDog (avg9wd) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (file missing) O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. 
- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. 
- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 5128 bytes
  11. Hello, This evening I somehow picked up the Qvo6 virus. I have already tried to remove it in various ways after looking it up on the internet and going through the prescribed steps ... manually and with a few virus scanners (Malwarebytes Anti-Malware and HijackThis). Still, every time I start IE or Firefox, I keep ending up on Qvo6 as the start page. Who can help me? Regards
  12. Hello all, I have a PowerColor HD 6870 card with one HDMI and 2 DVI connectors. I have always connected my monitor to the 3D card with a DVI cable. Worked perfectly. I recently had problems with my monitor and got a new one under warranty ... exactly the same one ... a Philips Brilliance HD monitor. I can now only get it connected with an HDMI cable (no picture via DVI). So I thought my DVI cable was broken ... so I bought a new one => a DVI dual. Problem: When connecting the DVI to the monitor, I get a signal to my monitor on neither of the two slots. The monitor shows "no signal input" and switches off after a while. Since the monitor, the 3D card and the cable are all brand new, I don't suspect that they can be the cause. (If I switch to HDMI everything does work.) On the monitor I have also already manually switched the on-screen menu from HDMI to DVI, and this doesn't work either. Is there anything else I can change somewhere in my 3D card settings (VGA, HDMI or DVI)? Or what else could be the cause?
  13. Hello, I have been drumming along live with my old stereo system for ages. It recently gave up the ghost. Now I'm looking for a way to drum along with the music that is on my PC (since that's where most of my music is). Note that I definitely need to be able to reach a high volume, and the music has to stay of reasonable quality. I would like to get myself 2 speakers ... one positioned to my left and one to my right. Budget-wise I don't want to go above 250 euros ... I've already had a look at Musicstore and think I can manage with that. I was thinking of buying 2 active loudspeakers myself, so that I can also adjust the volume on the speaker itself. Now I have the following question ... What is the difference between active monitors and active loudspeakers, and which are the most suitable? How do I connect them to my PC? I have an ASROCK890CX Extreme3 motherboard? Can you suggest a set, or do you have any other suggestions? Thanks
  14. Hello, My parents have the Internet Intense package via Belgacom ADSL. From what I can see, the speeds according to Belgacom are 30 Mbps download and 4 Mbps upload. While downloading we reach speeds of 800 KB/s at most. Now, we have had a Technicolor/Thomson SpeedTouch 510i DSL router here since 2005. Could it be that this is limiting the speeds? This is the info I find online about the router ... The SpeedTouch 510 is an ADSL1/2/2+ router with one RJ-11 WAN port and four 10/100Mbps LAN ports. This router supports VPN pass-through for IPSec and PPTP. It features a built-in SPI firewall to protect the network against hackers and Denial of Service (DoS) attacks. The router can be easily configured via Web-based configuration utility or SNMP v.1. Thanks
  15. Found it! Apparently, via the 'subtitles key' it can also be set to negative values, which makes it smaller!