Ga naar inhoud

hansenjoke

Lid
  • Items

    12
  • Registratiedatum

  • Laatst bezocht

Alles dat geplaatst werd door hansenjoke

  1. Geachte Kweezie Wabbit, Heb inmiddels de laatste handelingen afgewerkt. Heb vanmorgen al een spelletje ge klaverjast (helaasverloren) en de computer is daarbij niet vastgelopen. Ook de snelheid van decomputer is groter. Mag ik u vanaf deze plaats enorm bedanken voor uwmedewerking, u had al snel door dat het naar mij toe, eenvoudig uitgelegd moestworden, zodoende heb ik het hele proces tot een goed einde kunnen brengen. Bijzonder knap dat iemand zoveel tijd besteed aan de(computer)problemen van iemand die hij totaal niet kent. Hopelijk mag ik een volgen keer met dit of een andercomputer probleem, weer een beroep op u doen. Nogmaals BEDANKT. Mvrgr. Hans.
  2. Goede morgen, Terwijl combofix bezig was kreeg ik twee meldingen: 1 Virus ontdekt, gebeurtenis opgetreden door applicatieC;/combo fix, het bestand is verplaatst naar quarantaine. 2 Pev. 3XE werkt niet meer. Ik weet niet of dit belangrijk is, daarom vermeld ik dit ermaar bij. Mvrgr. Hans van hansenjoke/ ComboFix 12-05-27.01 - hansenjoke 27-05-2012 8:48.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.767.232 [GMT 2:00] Gestart vanuit: c:\users\hansenjoke\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\users\hansenjoke\Desktop\CFScript.txt SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt * Aanwezig AV is actief . . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\PriceGong c:\program files\PriceGong\2.6.4\PriceGong.crx c:\program files\PriceGong\uninst.exe c:\users\HANSEN~1\AppData\Local\Temp\ppcrlui_2724_2 c:\users\hansenjoke\AppData\Local\Temp\ppcrlui_2724_2 . . (((((((((((((((((((( Bestanden Gemaakt van 2012-04-27 to 2012-05-27 )))))))))))))))))))))))))))))) . . 2012-05-27 07:09 . 2012-05-27 07:10 -------- d-----w- c:\users\hansenjoke\AppData\Local\temp 2012-05-27 07:09 . 2012-05-27 07:09 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp 2012-05-27 07:09 . 2012-05-27 07:09 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-25 07:12 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{556B0F63-0CBB-4580-B91A-77B08176EBB8}\mpengine.dll 2012-05-24 16:42 . 2012-05-24 16:42 -------- d-----w- c:\users\hansenjoke\AppData\Roaming\Malwarebytes 2012-05-24 16:41 . 2012-05-24 16:41 -------- d-----w- c:\programdata\Malwarebytes 2012-05-24 16:41 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-24 16:41 . 2012-05-24 16:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-05-24 11:06 . 2012-05-24 11:06 -------- d-----w- c:\program files\Nieuwe map 2012-05-23 16:16 . 2012-05-23 16:16 -------- d-----w- c:\program files\Oracle 2012-05-23 16:16 . 2012-04-04 16:47 772504 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-05-20 07:42 . 2012-05-16 10:07 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys 2012-05-20 07:42 . 2012-05-20 07:42 -------- d-----w- c:\program files\Soluto 2012-05-14 18:50 . 2012-05-14 18:50 -------- d-----w- c:\users\hansenjoke\searchplugins 2012-05-14 18:50 . 2012-05-14 18:50 -------- d-----w- c:\users\hansenjoke\bProtectorForWindows 2012-05-14 18:32 . 2012-05-15 19:21 -------- d-----w- c:\users\hansenjoke\AppData\Roaming\PerformerSoft 2012-05-14 18:31 . 2012-05-14 18:31 -------- d-----w- c:\windows\system32\searchplugins 2012-05-14 18:31 . 2012-05-14 18:31 -------- d-----w- c:\windows\system32\bProtectorForWindows 2012-05-14 18:31 . 2012-05-15 19:21 -------- d-----w- c:\program files\PC Performer 2012-05-14 18:30 . 2012-05-14 18:30 -------- d-----w- c:\programdata\bProtectorForWindows 2012-05-14 17:59 . 2012-05-20 08:00 -------- d-----w- c:\programdata\Soluto 2012-05-11 12:58 . 2012-04-03 08:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-11 12:58 . 2012-04-03 08:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-11 12:58 . 2012-04-02 13:36 2044928 ----a-w- c:\windows\system32\win32k.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-05 13:54 . 2012-04-09 06:48 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-05 13:54 . 2011-06-02 13:35 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-26 14:27 . 2012-04-26 14:27 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-04-20 13:33 . 2012-04-20 13:33 887888 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr 2012-03-14 18:41 . 2010-05-21 15:00 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-08 16:50 . 2012-03-08 16:50 49016 ----a-w- c:\windows\system32\sirenacm.dll 2012-03-08 16:37 . 2012-03-08 16:37 302448 ----a-w- c:\windows\WLXPGSS.SCR 2012-03-08 16:32 . 2012-04-26 14:33 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2012-02-29 15:11 . 2012-04-12 06:33 5120 ----a-w- c:\windows\system32\wmi.dll 2012-02-29 15:11 . 2012-04-12 06:33 172032 ----a-w- c:\windows\system32\wintrust.dll 2012-02-29 15:09 . 2012-04-12 06:33 157696 ----a-w- c:\windows\system32\imagehlp.dll 2012-02-29 13:32 . 2012-04-12 06:33 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-02-28 01:18 . 2012-04-12 06:35 1799168 ----a-w- c:\windows\system32\jscript9.dll 2012-02-28 01:11 . 2012-04-12 06:35 1427456 ----a-w- c:\windows\system32\inetcpl.cpl 2012-02-28 01:11 . 2012-04-12 06:35 1127424 ----a-w- c:\windows\system32\wininet.dll 2012-02-28 01:03 . 2012-04-12 06:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-04-21 01:18 . 2012-05-16 07:36 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpeedUpMyPC"="c:\progra~1\Uniblue\SPEEDU~1\launcher.exe" [2012-03-02 67960] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-14 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704] "Acer Empowering Technology Monitor"="c:\windows\system32\SysMonitor.exe" [2006-11-23 319488] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-19 13535776] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-19 92704] "MediaFace Integration"="c:\program files\Fellowes\MediaFACE 4.0\SetHook.exe" [2004-07-01 53248] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-11-17 453120] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2010-09-21 949376] "UpdateReminder"="c:\program files\Eset\UpdateReminder.exe" [2011-07-18 462848] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 2005-08-11 13:30 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] 2010-03-26 08:52 1234216 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4] 2010-03-08 07:38 5174568 ----a-w- c:\program files\Nero\Nero MediaHome 4\NeroMediaHome.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NETGEARDigitalEntertainer] 2009-04-29 11:22 3498712 ----a-w- c:\program files\NETGEAR\NETGEAR Digital Entertainer for Windows\receiver.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2010-05-13 15:57 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Inhoud van de 'Gedeelde Taken' map . 2012-05-27 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 13:54] . 2012-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 14:35] . 2012-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 14:35] . 2012-05-26 c:\windows\Tasks\ParetoLogic Registration3.job - c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2011-03-29 23:51] . 2012-02-03 c:\windows\Tasks\ParetoLogic Update Version3.job - c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-29 23:51] . 2012-02-03 c:\windows\Tasks\PC Health Advisor Defrag.job - c:\program files\ParetoLogic\PCHA\PCHA.exe [2011-03-29 23:17] . 2012-02-03 c:\windows\Tasks\PC Health Advisor.job - c:\program files\ParetoLogic\PCHA\PCHA.exe [2011-03-29 23:17] . 2012-05-27 c:\windows\Tasks\SpeedUpMyPC.job - c:\program files\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-03-17 13:52] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Translate this web page with Babylon IE: Translate with Babylon TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\hansenjoke\AppData\Roaming\Mozilla\Firefox\Profiles\mj5hzvnh.default\ . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-PriceGong - c:\program files\PriceGong\uninst.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-05-27 09:10 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-05-27 09:18:13 ComboFix-quarantined-files.txt 2012-05-27 07:17 ComboFix2.txt 2012-05-26 08:07 . Pre-Run: 46.851.399.680 bytes beschikbaar Post-Run: 46.493.986.816 bytes beschikbaar . - - End Of File - - 622390EA3BF2D87FB7BFBA98608032A0
  3. heb via link 2 combofix gedownload (via 1 kon dat niet, computer gaf fout melding aan )verder heb ik niks (kunnen doen) maar ik denk dat het hele proces wel afgewerkt is. Hierbij de inhoud van loqbestand. ComboFix 12-05-26.02 - hansenjoke 26-05-2012 9:11.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.767.201 [GMT 2:00] Gestart vanuit: c:\users\hansenjoke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7FV0XVQ3\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Aanwezig AV is actief . . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\facemoods.com c:\program files\facemoods.com\facemoods\1.4.17.11\facemoods.crx c:\program files\facemoods.com\facemoods\1.4.17.11\facemoods.png c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodsApp.dll c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodsEng.dll c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll c:\program files\facemoods.com\facemoods\1.4.17.11\uninstall.exe c:\program files\facemoods.com\sqlite3.dll c:\program files\Windows Searchqu Toolbar c:\program files\Windows Searchqu Toolbar\DataMngr\datamngr.dll c:\program files\Windows Searchqu Toolbar\DataMngr\datamngrUI.exe c:\program files\Windows Searchqu Toolbar\del_DM_DLL_57.dll c:\program files\Windows Searchqu Toolbar\del_DM_DLL_88.dll c:\program files\Windows Searchqu Toolbar\del_DM_EXE_19.dll c:\program files\Windows Searchqu Toolbar\del_DM_EXE_93.dll c:\program files\Windows Searchqu Toolbar\INSTALL.LOG c:\program files\Windows Searchqu Toolbar\main.ico c:\program files\Windows Searchqu Toolbar\uninstall.exe c:\program files\Windows Searchqu Toolbar\UNWISE.EXE c:\program files\Windows Searchqu Toolbar\UnwiseLauncher.exe c:\programdata\Microsoft\Windows\Start Menu\Programs\Uninstall.lnk c:\users\HANSEN~1\AppData\Local\Temp\ppcrlui_1888_2 c:\users\hansenjoke\AppData\Local\Temp\ppcrlui_1888_2 c:\users\hansenjoke\AppData\Roaming\Microsoft\Windows\Recent\nzbchronicle.net.url c:\users\hansenjoke\AppData\Roaming\Microsoft\Windows\Recent\Place2Use.net.url c:\users\hansenjoke\AppData\Roaming\Microsoft\Windows\Recent\SpotLite website.url c:\users\hansenjoke\AppData\Roaming\Microsoft\Windows\Recent\WWW.WICKEDREACTION.WS.url c:\users\hansenjoke\Documents\~WRL0002.tmp c:\users\hansenjoke\Favorites\Download programs.url c:\users\Public\sdelevURL.tmp c:\windows\system32\gFj0ntf.vbs c:\windows\system32\mSSVP.vbs c:\windows\system32\roboot.exe K:\install.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-04-26 to 2012-05-26 )))))))))))))))))))))))))))))) . . 2012-05-26 07:44 . 2012-05-26 07:52 -------- d-----w- c:\users\hansenjoke\AppData\Local\temp 2012-05-26 07:44 . 2012-05-26 07:44 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp 2012-05-26 07:44 . 2012-05-26 07:44 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-25 07:12 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{556B0F63-0CBB-4580-B91A-77B08176EBB8}\mpengine.dll 2012-05-24 16:42 . 2012-05-24 16:42 -------- d-----w- c:\users\hansenjoke\AppData\Roaming\Malwarebytes 2012-05-24 16:41 . 2012-05-24 16:41 -------- d-----w- c:\programdata\Malwarebytes 2012-05-24 16:41 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-24 16:41 . 2012-05-24 16:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-05-24 11:06 . 2012-05-24 11:06 -------- d-----w- c:\program files\Nieuwe map 2012-05-23 16:16 . 2012-05-23 16:16 -------- d-----w- c:\program files\Oracle 2012-05-23 16:16 . 2012-04-04 16:47 772504 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-05-20 07:42 . 2012-05-16 10:07 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys 2012-05-20 07:42 . 2012-05-20 07:42 -------- d-----w- c:\program files\Soluto 2012-05-14 18:50 . 2012-05-14 18:50 -------- d-----w- c:\users\hansenjoke\searchplugins 2012-05-14 18:50 . 2012-05-14 18:50 -------- d-----w- c:\users\hansenjoke\bProtectorForWindows 2012-05-14 18:32 . 2012-05-15 19:21 -------- d-----w- c:\users\hansenjoke\AppData\Roaming\PerformerSoft 2012-05-14 18:31 . 2012-05-14 18:31 -------- d-----w- c:\windows\system32\searchplugins 2012-05-14 18:31 . 2012-05-14 18:31 -------- d-----w- c:\windows\system32\bProtectorForWindows 2012-05-14 18:31 . 2012-05-15 19:21 -------- d-----w- c:\program files\PC Performer 2012-05-14 18:30 . 2012-05-14 18:30 -------- d-----w- c:\programdata\bProtectorForWindows 2012-05-14 18:30 . 2012-05-14 18:30 -------- d-----w- c:\program files\PriceGong 2012-05-14 17:59 . 2012-05-20 08:00 -------- d-----w- c:\programdata\Soluto 2012-05-11 12:58 . 2012-04-03 08:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-11 12:58 . 2012-04-03 08:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-11 12:58 . 2012-04-02 13:36 2044928 ----a-w- c:\windows\system32\win32k.sys 2012-04-26 14:33 . 2012-03-08 16:32 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2012-04-26 14:27 . 2012-04-26 14:27 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-04-26 14:05 . 2012-04-26 14:05 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\b2649eaf1cd23b502\DXSETUP.exe 2012-04-26 14:05 . 2012-04-26 14:05 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\b2649eaf1cd23b502\DSETUP.dll 2012-04-26 14:05 . 2012-04-26 14:05 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\b2649eaf1cd23b502\dsetup32.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-05 13:54 . 2012-04-09 06:48 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-05 13:54 . 2011-06-02 13:35 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-20 13:33 . 2012-04-20 13:33 887888 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr 2012-03-14 18:41 . 2010-05-21 15:00 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-08 16:50 . 2012-03-08 16:50 49016 ----a-w- c:\windows\system32\sirenacm.dll 2012-03-08 16:37 . 2012-03-08 16:37 302448 ----a-w- c:\windows\WLXPGSS.SCR 2012-02-29 15:11 . 2012-04-12 06:33 5120 ----a-w- c:\windows\system32\wmi.dll 2012-02-29 15:11 . 2012-04-12 06:33 172032 ----a-w- c:\windows\system32\wintrust.dll 2012-02-29 15:09 . 2012-04-12 06:33 157696 ----a-w- c:\windows\system32\imagehlp.dll 2012-02-29 13:32 . 2012-04-12 06:33 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-02-28 01:18 . 2012-04-12 06:35 1799168 ----a-w- c:\windows\system32\jscript9.dll 2012-02-28 01:11 . 2012-04-12 06:35 1427456 ----a-w- c:\windows\system32\inetcpl.cpl 2012-02-28 01:11 . 2012-04-12 06:35 1127424 ----a-w- c:\windows\system32\wininet.dll 2012-02-28 01:03 . 2012-04-12 06:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-04-21 01:18 . 2012-05-16 07:36 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpeedUpMyPC"="c:\program files\Uniblue\SpeedUpMyPC\launcher.exe" [2012-03-02 67960] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-14 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704] "Acer Empowering Technology Monitor"="c:\windows\system32\SysMonitor.exe" [2006-11-23 319488] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-19 13535776] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-19 92704] "MediaFace Integration"="c:\program files\Fellowes\MediaFACE 4.0\SetHook.exe" [2004-07-01 53248] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-11-17 453120] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2010-09-21 949376] "UpdateReminder"="c:\program files\Eset\UpdateReminder.exe" [2011-07-18 462848] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 2005-08-11 13:30 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] 2010-03-26 08:52 1234216 ----a-w- c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4] 2010-03-08 07:38 5174568 ----a-w- c:\program files\Nero\Nero MediaHome 4\NeroMediaHome.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NETGEARDigitalEntertainer] 2009-04-29 11:22 3498712 ----a-w- c:\program files\NETGEAR\NETGEAR Digital Entertainer for Windows\receiver.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2010-05-13 15:57 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Inhoud van de 'Gedeelde Taken' map . 2012-05-26 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 13:54] . 2012-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 14:35] . 2012-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 14:35] . 2012-05-25 c:\windows\Tasks\ParetoLogic Registration3.job - c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2011-03-29 23:51] . 2012-02-03 c:\windows\Tasks\ParetoLogic Update Version3.job - c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-29 23:51] . 2012-02-03 c:\windows\Tasks\PC Health Advisor Defrag.job - c:\program files\ParetoLogic\PCHA\PCHA.exe [2011-03-29 23:17] . 2012-02-03 c:\windows\Tasks\PC Health Advisor.job - c:\program files\ParetoLogic\PCHA\PCHA.exe [2011-03-29 23:17] . 2012-05-26 c:\windows\Tasks\SpeedUpMyPC.job - c:\program files\Uniblue\SpeedUpMyPC\spmonitor.exe [2012-03-17 13:52] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Translate this web page with Babylon IE: Translate with Babylon TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\hansenjoke\AppData\Roaming\Mozilla\Firefox\Profiles\mj5hzvnh.default\ FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - ^hxxp://.*\\.babylon\\.com/\\?AF=110396.* FF - prefs.js: keyword.URL - ^hxxp://.*\\.babylon\\.com/\\?AF=110396.* . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{6DFC55BB-BFFF-485A-9709-90C3FDF6DB58} - (no file) WebBrowser-{3AD798D0-4642-4C55-BC14-CFE7DD19E0D1} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{11E7AB0E-3B77-41F8-A9C3-8B67A04FD4C3} - (no file) WebBrowser-{F4E6547E-325B-403C-A3BB-AD29ED37A92F} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) WebBrowser-{66BD2442-241B-44CD-8C7A-B51037053CDB} - (no file) MSConfigStartUp-CanonMyPrinter - c:\program files\Canon\MyPrinter\BJMyPrt.exe MSConfigStartUp-TomTomHOME - c:\program files\TomTom HOME 2\TomTomHOMERunner.exe AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.11\uninstall.exe AddRemove-FoxTab FLV Player - c:\program files\FoxTabFLVPlayer\Uninstall\Uninstall.exe AddRemove-FoxTab Media Player - c:\progra~1\FOXTAB~1\Uninstall\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-05-26 09:52 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-05-26 10:07:35 ComboFix-quarantined-files.txt 2012-05-26 08:07 . Pre-Run: 39.246.680.064 bytes beschikbaar Post-Run: 43.214.635.008 bytes beschikbaar . - - End Of File - - 69E2792F5B8731410FC24D6B3DBCC7F9
  4. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:57:21, on 25-5-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Program Files\Soluto\soluto.exe C:\Windows\system32\Dwm.exe C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\SysMonitor.exe C:\Windows\System32\rundll32.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Windows Searchqu Toolbar\DataMngr\datamngrUI.exe C:\Program Files\ESET\UpdateReminder.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Spotnet\Spotnet.exe C:\Program Files\Spotnet\SABnzbd.exe C:\Windows\system32\conime.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe C:\Users\hansenjoke\Downloads\HijackThis (1).exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit, O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [updateReminder] C:\Program Files\Eset\UpdateReminder.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [speedUpMyPC] "C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe" -d 20000 O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-4165291114-3087629697-1407380208-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NeroMediaHomeUser.4') O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20614.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NETGEAR Receiver Service (recvrsvc.exe) - NETGEAR, Inc. - C:\Program Files\NETGEAR\NETGEAR Digital Entertainer for Windows\recvrsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe -- End of file - 7517 bytes
  5. oke zo ?? Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:13:22, on 25-5-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Program Files\Soluto\soluto.exe C:\Windows\system32\Dwm.exe C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\SysMonitor.exe C:\Windows\System32\rundll32.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Windows Searchqu Toolbar\DataMngr\datamngrUI.exe C:\Program Files\ESET\UpdateReminder.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Eset\nod32kui.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\hansenjoke\Downloads\HijackThis (1).exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ${URL_STARTPAGE} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Facemoods Search R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit, O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [updateReminder] C:\Program Files\Eset\UpdateReminder.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [speedUpMyPC] "C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe" -d 20000 O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-4165291114-3087629697-1407380208-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NeroMediaHomeUser.4') O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20614.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NETGEAR Receiver Service (recvrsvc.exe) - NETGEAR, Inc. - C:\Program Files\NETGEAR\NETGEAR Digital Entertainer for Windows\recvrsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe -- End of file - 7754 bytes
  6. is wel goed gegaan denk ik,daar is niet gevraagt om op nieuw op te starten. dit was het rezultaat na de scan + vewijderen:Malwarebytes Anti-Malware (-evaluatieversie-) 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.05.24.04 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 hansenjoke :: PC_VAN_HANSENJO [administrator] Realtime bescherming: Ingeschakeld 24-5-2012 18:56:54 mbam-log-2012-05-24 (18-56-54).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 237516 Verstreken tijd: 23 minuut/minuten, 27 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 6 HKCR\AppID\{418D86BE-7386-4F1A-83E0-53604ADBDA74} (Trojan.BHO) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{86055018-74AE-883B-A640-2D5E44D9BFE8} (Adware.PlayMP3z) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\AppID\SupremoAdsForYou.DLL (Adware.PlayMP3z) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\MediaHoldings (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\PlayMP3 (Adware.PLayMP3z) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\SupremoAdsForYou (Adware.PlayMP3z) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 4 C:\Users\hansenjoke\AppData\Roaming\02000000e0523e9f658C.manifest (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\hansenjoke\AppData\Roaming\02000000e0523e9f658O.manifest (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\hansenjoke\AppData\Roaming\02000000e0523e9f658P.manifest (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\hansenjoke\AppData\Roaming\02000000e0523e9f658S.manifest (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)
  7. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:08:09, on 24-5-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files\Soluto\soluto.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\SysMonitor.exe C:\Windows\System32\rundll32.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Windows Searchqu Toolbar\DataMngr\datamngrUI.exe C:\Program Files\ESET\UpdateReminder.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Windows\system32\conime.exe C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Windows\System32\mobsync.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe C:\Users\hansenjoke\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Shareware.Pro-NE Toolbar - {11e7ab0e-3b77-41f8-a9c3-8b67a04fd4c3} - C:\Program Files\Shareware.Pro-NE\tbShar.dll O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.4\PriceGongIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O2 - BHO: Shareware.Pro-NE Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\tbTog0.dll O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll O2 - BHO: TVersitybar - {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files\TVersitybar\prxtbTVer.dll O2 - BHO: Wisdom-soft toolbar - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - (no file) O2 - BHO: SupremoAdsForYou - {86055018-74AE-883B-A640-2D5E44D9BFE8} - (no file) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - (no file) O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O2 - BHO: SearchElf 1.2 Toolbar - {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - C:\Program Files\SearchElf_1.2\tbSear.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Wisdom-soft toolbar - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll O3 - Toolbar: Shareware.Pro-NE Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\tbTog0.dll O3 - Toolbar: Shareware.Pro-NE Toolbar - {11e7ab0e-3b77-41f8-a9c3-8b67a04fd4c3} - C:\Program Files\Shareware.Pro-NE\tbShar.dll O3 - Toolbar: (no name) - {7FF99715-3016-4381-84CE-E4E4C9673020} - (no file) O3 - Toolbar: SearchElf 1.2 Toolbar - {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - C:\Program Files\SearchElf_1.2\tbSear.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: TVersitybar Toolbar - {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files\TVersitybar\prxtbTVer.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [updateReminder] C:\Program Files\Eset\UpdateReminder.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [speedUpMyPC] "C:\PROGRA~1\Uniblue\SPEEDU~1\launcher.exe" -d 20000 O4 - Global Startup: Empowering Technology Launcher.lnk = ? O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - (no file) O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - (no file) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20614.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: NETGEAR Receiver Service (recvrsvc.exe) - NETGEAR, Inc. - C:\Program Files\NETGEAR\NETGEAR Digital Entertainer for Windows\recvrsvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe -- End of file - 12098 bytes ---------- Post toegevoegd om 15:09 ---------- Vorige post was om 15:09 ---------- oke zo ????
  8. het is me niet gelukt om snelkoppeling hijacthis op het beraeu blad te installeren wel heb ik hijackthis-kladblok opgeslaan. Wat kan ik nu doen??? Bij voorbaat dank
  9. http://speccy.piriform.com/results/PknK2m4CRsWoRielMzqhys5 ---------- Post toegevoegd om 18:39 ---------- Vorige post was om 18:39 ---------- http://speccy.piriform.com/results/PknK2m4CRsWoRielMzqhys5
  10. bv met spelletjes kan je soms enkele min. geen handeling verichten. De computer word regelmatig opgeschoont. het merk van de computer ed. ACER Aspire T180-GB87Z ik heb inmiddels, dat werd aanbevolen, ook speccy gedownload en geinstalleerd, daar is een overzicht gemaakt van de hardware, maar kan nergens File-Publish Snapshot vinden om te selecteren
  11. heb printer hp officejet 4500 wireles, maar scannen lukt niet, als ik het probeer krijg ik te lezen problemen met scannen kijk voor oplossingen naar documitatie, maar waar is/staat die documitatie?
  12. bv met spelletjes kan je soms enkele min. geen handeling verichten. De computer word regelmatig opgeschoont. het merk van de computer ed. ACER Aspire T180-GB87Z ik heb inmiddels ook speccy gedownload en geinstalleerd, daar is een overzicht gemaakt van de hardware, maar kan nergens File-Publish Snapshot vinden om te selecteren
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.