Ga naar inhoud

Hotebar.com

Gast asdfasdf

Door Gast asdfasdf
in Archief Bestrijding malware & virussen

 Delen

Aanbevolen berichten

Gast asdfasdf

Gast asdfasdf

Geplaatst:
Geplaatst:

Mijn logje van ComboFix!

ComboFix 10-06-24.03 - Eigenaar 25-06-2010 17:54:17.1.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.446.166 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Harm\Mijn documenten\Downloads\ComboFix.exe

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\Need2Find

c:\program files\Need2Find\bar\1.bin\N2FFXTBR.JAR

c:\program files\Need2Find\bar\1.bin\N2NTSTBR.JAR

c:\program files\Need2Find\bar\1.bin\PARTNER.DAT

c:\program files\Need2Find\bar\Cache\0002D20B

c:\program files\Need2Find\bar\Cache\0069D802

c:\program files\Need2Find\bar\Cache\006A28E1

c:\program files\Need2Find\bar\Cache\files.ini

c:\program files\Need2Find\bar\History\search

c:\program files\Need2Find\bar\Settings\prevcfg.htm

c:\windows\Fonts\acrsec.fon

c:\windows\winhelp.ini

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_BrowserZinc Service

(((((((((((((((((((( Bestanden Gemaakt van 2010-05-25 to 2010-06-25 ))))))))))))))))))))))))))))))

.

2010-06-25 07:13 . 2010-06-25 07:13 -------- d--h--r- c:\documents and settings\Harm\Onlangs geopend

2010-06-25 07:09 . 2010-06-25 07:09 -------- d--h--r- c:\documents and settings\Eigenaar\Onlangs geopend

2010-06-25 06:57 . 2010-06-25 06:57 0 ----a-w- c:\documents and settings\Eigenaar\jagex__preferences3.dat

2010-06-25 06:40 . 2010-06-25 06:40 -------- d-----w- c:\program files\SystemRequirementsLab

2010-06-25 06:40 . 2010-06-25 06:40 85504 ----a-w- c:\documents and settings\Eigenaar\Application Data\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll

2010-06-25 06:40 . 2010-06-25 06:40 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\SystemRequirementsLab

2010-06-23 12:15 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-06-23 12:15 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-06-21 15:24 . 2010-06-21 15:24 388096 ----a-r- c:\documents and settings\Eigenaar\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-06-21 15:24 . 2010-06-21 15:24 -------- d-----w- c:\program files\Trend Micro

2010-06-16 18:56 . 2010-06-16 18:56 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll

2010-06-16 18:56 . 2010-06-16 18:56 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe

2010-06-16 18:56 . 2010-06-16 18:50 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll

2010-06-16 18:56 . 2010-06-16 18:50 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe

2010-06-16 18:56 . 2010-06-16 18:56 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe

2010-06-16 18:56 . 2010-06-16 18:56 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe

2010-06-16 18:56 . 2010-06-16 18:56 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe

2010-06-16 18:56 . 2010-06-17 20:34 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\DivX

2010-06-16 18:51 . 2010-06-16 18:56 -------- d-----w- c:\program files\DivX

2010-06-16 18:50 . 2010-06-16 18:56 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX

2010-06-11 17:37 . 2010-06-11 17:37 -------- d-----w- c:\documents and settings\Harm\Local Settings\Application Data\HP

2010-06-09 22:03 . 2010-05-06 10:36 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2010-06-03 14:14 . 2010-06-03 14:14 -------- d-----w- c:\documents and settings\Harm\Application Data\ijjigame

2010-06-02 16:48 . 2010-06-23 12:15 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Lavasoft

2010-05-28 00:09 . 2010-05-28 00:09 41872 ----a-w- c:\windows\system32\xfcodec.dll

2010-05-27 16:50 . 2010-05-27 16:56 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Xfire

2010-05-27 14:51 . 2010-06-06 08:37 -------- d-----w- c:\documents and settings\Harm\Application Data\Xfire

2010-05-27 14:51 . 2010-06-07 13:22 -------- d-----w- c:\program files\Xfire

2010-05-27 13:52 . 2010-05-27 14:48 -------- d-----w- c:\documents and settings\Harm\Application Data\uTorrent

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-06-25 07:07 . 2010-02-10 14:03 99 ----a-w- c:\documents and settings\Eigenaar\jagex_runescape_preferences2.dat

2010-06-25 07:03 . 2010-02-10 14:02 46 ----a-w- c:\documents and settings\Eigenaar\jagex_runescape_preferences.dat

2010-06-24 15:28 . 2008-06-20 17:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater

2010-06-23 19:45 . 2004-08-04 12:00 86370 ----a-w- c:\windows\system32\perfc013.dat

2010-06-23 19:45 . 2004-08-04 12:00 499244 ----a-w- c:\windows\system32\perfh013.dat

2010-06-23 12:46 . 2010-05-20 20:19 -------- d-----w- c:\program files\Internet Content Assistant

2010-06-23 12:46 . 2010-05-20 20:18 -------- d-----w- c:\program files\Customized Web Management

2010-06-23 12:46 . 2010-05-20 20:17 -------- d-----w- c:\program files\Advanced Access Controller

2010-06-23 12:46 . 2010-05-20 20:17 -------- d-----w- c:\program files\Count Access Advancer

2010-06-23 12:46 . 2010-05-20 20:17 -------- d-----w- c:\program files\Automated Result Operator

2010-06-23 12:43 . 2010-05-20 20:18 -------- d-----w- c:\program files\Internet Connection Wizard

2010-06-23 12:43 . 2010-05-20 20:17 -------- d-----w- c:\program files\Common Files\Count Access Advancer

2010-06-23 12:16 . 2010-04-25 11:50 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2010-06-23 12:16 . 2008-02-07 09:44 -------- d-----w- c:\program files\SUPERAntiSpyware

2010-06-23 12:15 . 2010-05-07 13:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-06-23 12:13 . 2008-06-08 13:44 -------- d-----w- c:\program files\Virtools Web Player 2.5

2010-06-11 12:03 . 2010-04-25 11:43 -------- d-----w- c:\documents and settings\Harm\Application Data\Lavasoft

2010-06-10 07:31 . 2008-03-13 20:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2010-06-05 18:19 . 2006-09-09 11:48 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-06-05 13:41 . 2009-09-21 16:38 -------- d-----w- c:\program files\Microsoft Silverlight

2010-06-03 14:11 . 2010-06-03 14:11 -------- d-----w- c:\program files\ijji

2010-05-31 15:56 . 2008-11-04 15:02 -------- d-----w- c:\program files\CCleaner

2010-05-27 14:55 . 2010-05-19 18:28 63488 ----a-w- c:\documents and settings\Harm\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

2010-05-27 14:55 . 2010-04-25 12:16 117760 ----a-w- c:\documents and settings\Harm\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

2010-05-27 13:53 . 2010-02-17 18:50 -------- d-----w- c:\program files\uTorrent

2010-05-24 18:45 . 2010-05-24 18:45 -------- d-----w- c:\program files\Defraggler

2010-05-23 12:43 . 2008-06-22 10:59 664 ----a-w- c:\windows\system32\d3d9caps.dat

2010-05-21 16:20 . 2010-04-07 15:51 -------- d-----w- c:\documents and settings\Harm\Application Data\TS3Client

2010-05-21 14:29 . 2010-05-20 20:17 -------- d-----w- c:\program files\GamezJoint Toolbar

2010-05-21 11:35 . 2006-12-28 19:52 -------- d-----w- c:\program files\Google

2010-05-08 09:47 . 2009-10-18 17:05 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\vlc

2010-05-07 13:49 . 2010-05-07 13:49 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Malwarebytes

2010-05-07 13:48 . 2010-05-07 13:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-05-06 10:37 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-03 10:07 . 2008-12-10 17:38 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\LimeWire

2010-05-02 08:10 . 2004-08-04 12:00 1851392 ----a-w- c:\windows\system32\win32k.sys

2010-04-27 18:40 . 2010-06-16 18:55 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys

2010-04-27 18:40 . 2010-06-16 18:55 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2010-04-27 18:40 . 2010-06-16 18:55 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys

2010-04-27 18:40 . 2010-06-16 18:55 133616 ------w- c:\windows\system32\pxafs.dll

2010-04-27 18:40 . 2010-06-16 18:55 126448 ------w- c:\windows\system32\pxinsi64.exe

2010-04-27 18:40 . 2010-06-16 18:55 123888 ------w- c:\windows\system32\pxcpyi64.exe

2010-04-25 12:51 . 2010-03-07 16:45 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2010-04-25 12:16 . 2010-04-25 12:16 52224 ----a-w- c:\documents and settings\Harm\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

2010-04-20 05:35 . 2004-08-04 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll

2010-04-18 13:03 . 2010-04-18 12:08 75 ----a-w- c:\documents and settings\Harm\jagex_runescape_preferences2.dat

2010-04-18 13:03 . 2010-04-18 12:07 41 ----a-w- c:\documents and settings\Harm\jagex_runescape_preferences.dat

2010-04-18 12:08 . 2010-04-18 12:08 0 ----a-w- c:\documents and settings\Harm\jagex__preferences3.dat

2010-04-01 11:47 . 2010-03-07 16:48 12872 ----a-w- c:\windows\system32\bootdelete.exe

2010-03-30 22:16 . 2010-03-30 22:16 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-03-30 22:10 . 2010-03-30 22:10 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2008-07-07 12:03 . 2008-07-07 12:03 15711154 ----a-w- c:\program files\dvd_v0.8.4.zip

2004-07-22 09:51 . 2004-07-22 09:51 3432656 ----a-w- c:\program files\ManagedDX.CAB

2004-07-19 21:58 . 2004-07-19 21:58 1156363 ----a-w- c:\program files\BDANT.cab

2004-07-19 21:53 . 2004-07-19 21:53 976020 ----a-w- c:\program files\BDAXP.cab

2004-07-09 13:17 . 2004-07-09 13:17 13265040 ----a-w- c:\program files\dxnt.cab

2004-07-09 08:13 . 2004-07-09 08:13 15493481 ----a-w- c:\program files\DirectX.cab

2004-07-09 08:13 . 2004-07-09 08:13 703080 ----a-w- c:\program files\BDA.cab

2004-07-09 03:08 . 2004-07-09 03:08 472576 ----a-w- c:\program files\dxsetup.exe

2004-07-09 03:08 . 2004-07-09 03:08 2242560 ----a-w- c:\program files\dsetup32.dll

2004-07-09 02:03 . 2004-07-09 02:03 62976 ----a-w- c:\program files\DSETUP.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-20 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"="VTTimer.exe" [2005-03-08 53248]

"VTTrayp"="VTtrayp.exe" [2005-11-01 163840]

"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]

"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-04-25 385024]

"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-04-02 40368]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-19 413696]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Corel Desktop Application Director 8.LNK]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Corel Desktop Application Director 8.LNK

backup=c:\windows\pss\Corel Desktop Application Director 8.LNKCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk]

path=c:\documents and settings\Eigenaar\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-04-02 18:05 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

2009-08-02 11:25 318272 ----a-w- c:\program files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]

2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]

2007-05-14 16:01 644696 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]

2009-04-09 08:48 228808 ----a-w- c:\program files\DAEMON Tools Pro\DTProAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-03-11 19:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]

2007-02-04 11:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2008-05-19 16:22 413696 ----a-w- c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

2004-11-02 18:24 32768 ----a-w- c:\program files\ASUSTeK\ASUSDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]

2005-09-07 13:35 716800 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

2005-05-20 09:11 925696 ----a-r- c:\program files\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-03-09 03:19 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2008-06-20 17:28 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=

"c:\\Program Files\\The Creative Assembly\\Rome - Total War\\RomeTW.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\ijji\\ijji REACTOR\\ijjiOptimizer.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26-4-2009 10:35 721904]

S2 gupdate1c9a726cac8ed72;Google Updateservice (gupdate1c9a726cac8ed72);c:\program files\Google\Update\GoogleUpdate.exe [17-3-2009 19:35 133104]

S3 XDva317;XDva317;\??\c:\windows\system32\XDva317.sys --> c:\windows\system32\XDva317.sys [?]

S3 XDva323;XDva323;\??\c:\windows\system32\XDva323.sys --> c:\windows\system32\XDva323.sys [?]

S3 XDva327;XDva327;\??\c:\windows\system32\XDva327.sys --> c:\windows\system32\XDva327.sys [?]

S3 XDva332;XDva332;\??\c:\windows\system32\XDva332.sys --> c:\windows\system32\XDva332.sys [?]

S3 XDva336;XDva336;\??\c:\windows\system32\XDva336.sys --> c:\windows\system32\XDva336.sys [?]

S3 XDva337;XDva337;\??\c:\windows\system32\XDva337.sys --> c:\windows\system32\XDva337.sys [?]

S3 XDva341;XDva341;\??\c:\windows\system32\XDva341.sys --> c:\windows\system32\XDva341.sys [?]

S3 XDva342;XDva342;\??\c:\windows\system32\XDva342.sys --> c:\windows\system32\XDva342.sys [?]

S3 XDva343;XDva343;\??\c:\windows\system32\XDva343.sys --> c:\windows\system32\XDva343.sys [?]

S3 XDva344;XDva344;\??\c:\windows\system32\XDva344.sys --> c:\windows\system32\XDva344.sys [?]

S3 XDva345;XDva345;\??\c:\windows\system32\XDva345.sys --> c:\windows\system32\XDva345.sys [?]

S3 XDva346;XDva346;\??\c:\windows\system32\XDva346.sys --> c:\windows\system32\XDva346.sys [?]

S3 XDva347;XDva347;\??\c:\windows\system32\XDva347.sys --> c:\windows\system32\XDva347.sys [?]

S3 XDva348;XDva348;\??\c:\windows\system32\XDva348.sys --> c:\windows\system32\XDva348.sys [?]

S3 XDva349;XDva349;\??\c:\windows\system32\XDva349.sys --> c:\windows\system32\XDva349.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

2010-06-25 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-20 14:34]

2010-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-17 17:35]

2010-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-17 17:35]

2009-07-05 c:\windows\Tasks\NSSstub.job

- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2009-07-05 17:38]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/downloads/activex/YoYo.cab

FF - ProfilePath - c:\documents and settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\nrsd2nur.default\

FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|Google

FF - prefs.js: keyword.URL - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=

FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll

FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOP7PlugIn.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

.

- - - - ORPHANS VERWIJDERD - - - -

MSConfigStartUp-SPAMfighter Agent - c:\program files\SPAMfighter\SFAgent.exe

MSConfigStartUp-Steam - c:\program files\Steam\Steam.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-06-25 18:04

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spbx.sys >>UNKNOWN [0x8457A938]<<

kernel: MBR read successfully

detected MBR rootkit hooks:

\Driver\Disk -> CLASSPNP.SYS @ 0xf7670f28

\Driver\ACPI -> ACPI.sys @ 0xf73d9cb8

\Driver\atapi -> atapi.sys @ 0xf7394b40

IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8

ParseProcedure -> ntkrnlpa.exe @ 0x805827e8

\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8

ParseProcedure -> ntkrnlpa.exe @ 0x805827e8

NDIS: VIA Rhine II Fast Ethernet Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf728abb0

PacketIndicateHandler -> NDIS.sys @ 0xf7297a21

SendHandler -> NDIS.sys @ 0xf727587b

user & kernel MBR OK

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]

@DACL=(02 0000)

"Installed"="1"

@=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]

@DACL=(02 0000)

"NoChange"="1"

"Installed"="1"

@=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]

@DACL=(02 0000)

"Installed"="1"

@=""

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'explorer.exe'(2916)

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\windows\system32\PnkBstrA.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\windows\system32\VTTimer.exe

c:\windows\system32\VTtrayp.exe

.

**************************************************************************

.

Voltooingstijd: 2010-06-25 18:08:34 - machine werd herstart

ComboFix-quarantined-files.txt 2010-06-25 16:08

Pre-Run: 101.995.429.888 bytes beschikbaar

Post-Run: 101.934.960.640 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - F19F248BD55E67F2733E06DF5CFF3863

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

c:\windows\system32\XDva317.sys

c:\windows\system32\XDva323.sys

c:\windows\system32\XDva327.sys

c:\windows\system32\XDva332.sys

c:\windows\system32\XDva336.sys

c:\windows\system32\XDva337.sys

c:\windows\system32\XDva341.sys

c:\windows\system32\XDva342.sys

c:\windows\system32\XDva343.sys

c:\windows\system32\XDva344.sys

c:\windows\system32\XDva345.sys

c:\windows\system32\XDva346.sys

c:\windows\system32\XDva347.sys

c:\windows\system32\XDva348.sys

c:\windows\system32\XDva349.sys

Driver::

XDva317

XDva323

XDva327

XDva332

XDva336

XDva337

XDva341

XDva342

XDva343

XDva344

XDva345

XDva346

XDva347

XDva348

XDva349

FireFox::

FF - ProfilePath - c:\documents and settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\nrsd2nur.default\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.startup.homepage -

FF - prefs.js: keyword.URL -

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht en laat eens weten hoe het met die Hotebar.com nu staat ?

Link naar reactie
Delen op andere sites
Gast asdfasdf

Gast asdfasdf

Geplaatst:
Geplaatst:

Hallo!

Het is gelukt hoor, Hotebar is weg!

Hier is logje waar je volgens mij om vroeg?

ComboFix 10-06-25.04 - Eigenaar 26-06-2010 14:21:54.2.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.446.226 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Eigenaar\Mijn documenten\Downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Eigenaar\Bureaublad\CFScript.txt..txt

FILE ::

"c:\windows\system32\XDva317.sys"

"c:\windows\system32\XDva323.sys"

"c:\windows\system32\XDva327.sys"

"c:\windows\system32\XDva332.sys"

"c:\windows\system32\XDva336.sys"

"c:\windows\system32\XDva337.sys"

"c:\windows\system32\XDva341.sys"

"c:\windows\system32\XDva342.sys"

"c:\windows\system32\XDva343.sys"

"c:\windows\system32\XDva344.sys"

"c:\windows\system32\XDva345.sys"

"c:\windows\system32\XDva346.sys"

"c:\windows\system32\XDva347.sys"

"c:\windows\system32\XDva348.sys"

"c:\windows\system32\XDva349.sys"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_XDVA317

-------\Legacy_XDVA323

-------\Legacy_XDVA327

-------\Legacy_XDVA332

-------\Legacy_XDVA336

-------\Legacy_XDVA337

-------\Legacy_XDVA341

-------\Legacy_XDVA342

-------\Legacy_XDVA343

-------\Legacy_XDVA344

-------\Legacy_XDVA345

-------\Legacy_XDVA346

-------\Legacy_XDVA347

-------\Legacy_XDVA348

-------\Legacy_XDVA349

-------\Service_XDva317

-------\Service_XDva323

-------\Service_XDva327

-------\Service_XDva332

-------\Service_XDva336

-------\Service_XDva337

-------\Service_XDva341

-------\Service_XDva342

-------\Service_XDva343

-------\Service_XDva344

-------\Service_XDva345

-------\Service_XDva346

-------\Service_XDva347

-------\Service_XDva348

-------\Service_XDva349

(((((((((((((((((((( Bestanden Gemaakt van 2010-05-26 to 2010-06-26 ))))))))))))))))))))))))))))))

.

2010-06-25 22:00 . 2010-06-26 12:15 -------- d--h--r- c:\documents and settings\Eigenaar\Onlangs geopend

2010-06-25 07:13 . 2010-06-25 07:13 -------- d--h--r- c:\documents and settings\Harm\Onlangs geopend

2010-06-25 06:57 . 2010-06-25 06:57 0 ----a-w- c:\documents and settings\Eigenaar\jagex__preferences3.dat

2010-06-25 06:40 . 2010-06-25 06:40 -------- d-----w- c:\program files\SystemRequirementsLab

2010-06-25 06:40 . 2010-06-25 06:40 85504 ----a-w- c:\documents and settings\Eigenaar\Application Data\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll

2010-06-25 06:40 . 2010-06-25 06:40 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\SystemRequirementsLab

2010-06-23 12:15 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-06-23 12:15 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-06-21 15:24 . 2010-06-21 15:24 388096 ----a-r- c:\documents and settings\Eigenaar\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-06-21 15:24 . 2010-06-21 15:24 -------- d-----w- c:\program files\Trend Micro

2010-06-16 18:56 . 2010-06-16 18:56 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll

2010-06-16 18:56 . 2010-06-16 18:56 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe

2010-06-16 18:56 . 2010-06-16 18:50 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll

2010-06-16 18:56 . 2010-06-16 18:50 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe

2010-06-16 18:56 . 2010-06-16 18:56 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe

2010-06-16 18:56 . 2010-06-16 18:56 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe

2010-06-16 18:56 . 2010-06-16 18:56 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe

2010-06-16 18:56 . 2010-06-17 20:34 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\DivX

2010-06-16 18:51 . 2010-06-16 18:56 -------- d-----w- c:\program files\DivX

2010-06-16 18:50 . 2010-06-16 18:56 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX

2010-06-11 17:37 . 2010-06-11 17:37 -------- d-----w- c:\documents and settings\Harm\Local Settings\Application Data\HP

2010-06-09 22:03 . 2010-05-06 10:36 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2010-06-03 14:14 . 2010-06-03 14:14 -------- d-----w- c:\documents and settings\Harm\Application Data\ijjigame

2010-06-02 16:48 . 2010-06-23 12:15 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Lavasoft

2010-05-28 00:09 . 2010-05-28 00:09 41872 ----a-w- c:\windows\system32\xfcodec.dll

2010-05-27 16:50 . 2010-05-27 16:56 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Xfire

2010-05-27 14:51 . 2010-06-06 08:37 -------- d-----w- c:\documents and settings\Harm\Application Data\Xfire

2010-05-27 14:51 . 2010-06-07 13:22 -------- d-----w- c:\program files\Xfire

2010-05-27 13:52 . 2010-05-27 14:48 -------- d-----w- c:\documents and settings\Harm\Application Data\uTorrent

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-06-25 16:29 . 2008-06-20 17:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater

2010-06-25 07:07 . 2010-02-10 14:03 99 ----a-w- c:\documents and settings\Eigenaar\jagex_runescape_preferences2.dat

2010-06-25 07:03 . 2010-02-10 14:02 46 ----a-w- c:\documents and settings\Eigenaar\jagex_runescape_preferences.dat

2010-06-23 19:45 . 2004-08-04 12:00 86370 ----a-w- c:\windows\system32\perfc013.dat

2010-06-23 19:45 . 2004-08-04 12:00 499244 ----a-w- c:\windows\system32\perfh013.dat

2010-06-23 12:46 . 2010-05-20 20:19 -------- d-----w- c:\program files\Internet Content Assistant

2010-06-23 12:46 . 2010-05-20 20:18 -------- d-----w- c:\program files\Customized Web Management

2010-06-23 12:46 . 2010-05-20 20:17 -------- d-----w- c:\program files\Advanced Access Controller

2010-06-23 12:46 . 2010-05-20 20:17 -------- d-----w- c:\program files\Count Access Advancer

2010-06-23 12:46 . 2010-05-20 20:17 -------- d-----w- c:\program files\Automated Result Operator

2010-06-23 12:43 . 2010-05-20 20:18 -------- d-----w- c:\program files\Internet Connection Wizard

2010-06-23 12:43 . 2010-05-20 20:17 -------- d-----w- c:\program files\Common Files\Count Access Advancer

2010-06-23 12:16 . 2010-04-25 11:50 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2010-06-23 12:16 . 2008-02-07 09:44 -------- d-----w- c:\program files\SUPERAntiSpyware

2010-06-23 12:15 . 2010-05-07 13:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-06-23 12:13 . 2008-06-08 13:44 -------- d-----w- c:\program files\Virtools Web Player 2.5

2010-06-11 12:03 . 2010-04-25 11:43 -------- d-----w- c:\documents and settings\Harm\Application Data\Lavasoft

2010-06-10 07:31 . 2008-03-13 20:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2010-06-05 18:19 . 2006-09-09 11:48 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-06-05 13:41 . 2009-09-21 16:38 -------- d-----w- c:\program files\Microsoft Silverlight

2010-06-03 14:11 . 2010-06-03 14:11 -------- d-----w- c:\program files\ijji

2010-05-31 15:56 . 2008-11-04 15:02 -------- d-----w- c:\program files\CCleaner

2010-05-27 14:55 . 2010-05-19 18:28 63488 ----a-w- c:\documents and settings\Harm\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

2010-05-27 14:55 . 2010-04-25 12:16 117760 ----a-w- c:\documents and settings\Harm\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

2010-05-27 13:53 . 2010-02-17 18:50 -------- d-----w- c:\program files\uTorrent

2010-05-24 18:45 . 2010-05-24 18:45 -------- d-----w- c:\program files\Defraggler

2010-05-23 12:43 . 2008-06-22 10:59 664 ----a-w- c:\windows\system32\d3d9caps.dat

2010-05-21 16:20 . 2010-04-07 15:51 -------- d-----w- c:\documents and settings\Harm\Application Data\TS3Client

2010-05-21 14:29 . 2010-05-20 20:17 -------- d-----w- c:\program files\GamezJoint Toolbar

2010-05-21 11:35 . 2006-12-28 19:52 -------- d-----w- c:\program files\Google

2010-05-08 09:47 . 2009-10-18 17:05 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\vlc

2010-05-07 13:49 . 2010-05-07 13:49 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Malwarebytes

2010-05-07 13:48 . 2010-05-07 13:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-05-06 10:37 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-03 10:07 . 2008-12-10 17:38 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\LimeWire

2010-05-02 08:10 . 2004-08-04 12:00 1851392 ----a-w- c:\windows\system32\win32k.sys

2010-04-27 18:40 . 2010-06-16 18:55 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys

2010-04-27 18:40 . 2010-06-16 18:55 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2010-04-27 18:40 . 2010-06-16 18:55 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys

2010-04-27 18:40 . 2010-06-16 18:55 133616 ------w- c:\windows\system32\pxafs.dll

2010-04-27 18:40 . 2010-06-16 18:55 126448 ------w- c:\windows\system32\pxinsi64.exe

2010-04-27 18:40 . 2010-06-16 18:55 123888 ------w- c:\windows\system32\pxcpyi64.exe

2010-04-25 12:51 . 2010-03-07 16:45 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2010-04-25 12:16 . 2010-04-25 12:16 52224 ----a-w- c:\documents and settings\Harm\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

2010-04-20 05:35 . 2004-08-04 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll

2010-04-18 13:03 . 2010-04-18 12:08 75 ----a-w- c:\documents and settings\Harm\jagex_runescape_preferences2.dat

2010-04-18 13:03 . 2010-04-18 12:07 41 ----a-w- c:\documents and settings\Harm\jagex_runescape_preferences.dat

2010-04-18 12:08 . 2010-04-18 12:08 0 ----a-w- c:\documents and settings\Harm\jagex__preferences3.dat

2010-04-01 11:47 . 2010-03-07 16:48 12872 ----a-w- c:\windows\system32\bootdelete.exe

2010-03-30 22:16 . 2010-03-30 22:16 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-03-30 22:10 . 2010-03-30 22:10 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2008-07-07 12:03 . 2008-07-07 12:03 15711154 ----a-w- c:\program files\dvd_v0.8.4.zip

2004-07-22 09:51 . 2004-07-22 09:51 3432656 ----a-w- c:\program files\ManagedDX.CAB

2004-07-19 21:58 . 2004-07-19 21:58 1156363 ----a-w- c:\program files\BDANT.cab

2004-07-19 21:53 . 2004-07-19 21:53 976020 ----a-w- c:\program files\BDAXP.cab

2004-07-09 13:17 . 2004-07-09 13:17 13265040 ----a-w- c:\program files\dxnt.cab

2004-07-09 08:13 . 2004-07-09 08:13 15493481 ----a-w- c:\program files\DirectX.cab

2004-07-09 08:13 . 2004-07-09 08:13 703080 ----a-w- c:\program files\BDA.cab

2004-07-09 03:08 . 2004-07-09 03:08 472576 ----a-w- c:\program files\dxsetup.exe

2004-07-09 03:08 . 2004-07-09 03:08 2242560 ----a-w- c:\program files\dsetup32.dll

2004-07-09 02:03 . 2004-07-09 02:03 62976 ----a-w- c:\program files\DSETUP.dll

.

((((((((((((((((((((((((((((( SnapShot@2010-06-25_16.03.06 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-06-26 12:30 . 2010-06-26 12:30 16384 c:\windows\Temp\Perflib_Perfdata_f4.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-20 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"="VTTimer.exe" [2005-03-08 53248]

"VTTrayp"="VTtrayp.exe" [2005-11-01 163840]

"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]

"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-04-25 385024]

"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-04-02 40368]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-19 413696]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Corel Desktop Application Director 8.LNK]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Corel Desktop Application Director 8.LNK

backup=c:\windows\pss\Corel Desktop Application Director 8.LNKCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk]

path=c:\documents and settings\Eigenaar\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-04-02 18:05 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

2009-08-02 11:25 318272 ----a-w- c:\program files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]

2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]

2007-05-14 16:01 644696 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]

2009-04-09 08:48 228808 ----a-w- c:\program files\DAEMON Tools Pro\DTProAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-03-11 19:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]

2007-02-04 11:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2008-05-19 16:22 413696 ----a-w- c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

2004-11-02 18:24 32768 ----a-w- c:\program files\ASUSTeK\ASUSDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]

2005-09-07 13:35 716800 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

2005-05-20 09:11 925696 ----a-r- c:\program files\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-03-09 03:19 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2008-06-20 17:28 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=

"c:\\Program Files\\The Creative Assembly\\Rome - Total War\\RomeTW.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\ijji\\ijji REACTOR\\ijjiOptimizer.exe"=

S2 gupdate1c9a726cac8ed72;Google Updateservice (gupdate1c9a726cac8ed72);c:\program files\Google\Update\GoogleUpdate.exe [17-3-2009 19:35 133104]

S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26-4-2009 10:35 721904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

2010-06-26 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-20 14:34]

2010-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-17 17:35]

2010-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-17 17:35]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/downloads/activex/YoYo.cab

FF - ProfilePath - c:\documents and settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\nrsd2nur.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll

FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOP7PlugIn.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 10);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-06-26 14:32

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]

@DACL=(02 0000)

"Installed"="1"

@=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]

@DACL=(02 0000)

"NoChange"="1"

"Installed"="1"

@=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]

@DACL=(02 0000)

"Installed"="1"

@=""

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'explorer.exe'(2368)

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\windows\system32\PnkBstrA.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\windows\system32\VTTimer.exe

c:\windows\system32\VTtrayp.exe

.

**************************************************************************

.

Voltooingstijd: 2010-06-26 14:36:27 - machine werd herstart

ComboFix-quarantined-files.txt 2010-06-26 12:36

ComboFix2.txt 2010-06-25 16:08

Pre-Run: 101.911.347.200 bytes beschikbaar

Post-Run: 101.914.755.072 bytes beschikbaar

- - End Of File - - 94345A4654D0E6E53846158B5AE3AEAF

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Even je topic heropend, want er valt nog wat te doen !

Problemen van de baan, dan is het tijd voor de “grote schoonmaak” : verwijderen van gebruikte programma’s, een cleaning en het verwijderen van de besmette herstelpunten.

Verwijder Combofix: Start -> Uitvoeren en typ: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Download hier CCleaner en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen. Doe dit via Start -> Configuratiescherm -> Prestaties en Onderhoud -> Systeem -> Systeemherstel -> "Systeemherstel op alle stations uitschakelen" aanvinken. Toepassen en OK. PC herstarten en het vinkje terug weg halen.

That's it

Link naar reactie
Delen op andere sites
  • 2 weken later...
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.