Ga naar inhoud

Melii

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    30

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door Melii

  1. Melii
    Hallo, Sinds een tijdje doet mijn laptop vreemd als het om de internet verbinding gaat. Als ik thuis ben en een goed werkende Wi-Fi verbinding heb, geeft mijn laptop (soms) aan dat de verbinding beveiligd is en dan kan ik dus niet internetten. Als ik vervolgens de verbinding verbreek en weer opnieuw verbinding maak dan geeft hij aan dat ik gewoon verbonden ben maar dan kan ik alsnog niet internetten. De laatste optie is dan om de laptop opnieuw op te starten en dan maakt hij wel weer verbinding met het internet, maar het is echt vervelend als ik dit om de paar uur moet doen terwijl ik gewoon aan het werken ben op mijn laptop. Kunnen jullie mij helpen?
  2. Melii
    Ja, dat gebeurt helaas nog steeds. Misschien toch nog een andere webbrowser proberen. Hebben jullie nog suggesties?
  3. Melii
    AdwCleanerS0.txt
  4. Melii
    zoek-results.log
  5. Melii
    Okee, Java is vernieuwd en hier is de log van zoek.exezoek-results.log
  6. Melii
    log.txt
  7. Melii
    Nou, ik ben juist naar Firefox geswitcht omdat internet explorer ontzettend langzaam was.
  8. Melii
    Dat heb ik ook net geprobeerd, maar helaas.. toen ik ging surfen crashte hij weer. Nu is het zo dat de laptop sowieso wat trager reageert en programma's vaak vastlopen/niet meer reageren. Heb al best wat geprobeerd maar niets lijkt te werken tot nu toe.
  9. Melii
    Hallo, het is helaas nog steeds niet opgelost. Heb alle tips geprobeerd maar hij blijft crashen.
  10. Melii
    Hallo, Sinds een tijdje blijft mijn flash plug in steeds crashen. Ik heb al geprobeerd om hem up te daten, en in zijn geheel te verwijderen en opnieuw te installeren. Beide zonder resultaat. Het is echt ontzettend vervelend want door het crashen wordt normaal internetten bijna onmogelijk. Ik gebruik trouwens firefox als internet browser.
  11. Melii
    Ja, dat klopte inderdaad. Ik heb nu firefox geinstalleerd en dat lijkt stukken beter te gaan! Heel erg bedankt voor de hulp!
  12. Melii
    Met de apps openen gaat het wel wat beter, maar met internetten blijft ie nog vaak hangen en duurt het lang voordat de pagina geladen is en loopt nog vaak vast en dan pas na een paar keer refreshen, lukt het om de pagina goed te laden zonder vast te lopen..
  13. Melii
    [ATTACH]36218[/ATTACH] Oke, hier de log van AdwCleaner.. AdwCleaner[S0].txt
  14. Melii
    Okee, ook gedaan..[ATTACH]36174[/ATTACH] zoek-results.log
  15. Melii
    [ATTACH]36173[/ATTACH] Okee, gedaan log.txt
  16. Melii
    Goedemorgen, Sinds een tijdje wil mijn laptop niet echt meer meewerken. Het duurt echt ontzettend lang voordat hij apps opent nadat ik ze aangeklikt heb (mail, muziek/video app etc.). Ook als ik aan het internetten ben gaat het allemaal heel langzaam en duurt het lang voordat hij de pagina helemaal geladen heeft en komt het vaak voor dat hij erop vastloopt. Hoe kan ik dit verhelpen? Alvast bedankt, groetjes Melii
  17. Melii
    Hallo, Ik heb een probleempje met de laptop. Hij is ontzettend traag geworden terwijl hij eigenlijk altijd vrij snel was. Hij draait op windows acht en de virusscanner geeft niets aan.. Wat kan ik doen? Groetjes Melii
  18. Melii
    Hallo, Een paar dagen terug heb ik hier ook om hulp gevraagd omdat ik een virus op mijn computer had. Dit virus is inmiddels gelukkig verwijderd maar nu heb ik een ander probleem. Mijn computer springt uit het niets ineens op een zogenaamd "bluescreen". Hij geeft dan aan dat om veiligheidsredenen windows is afgesloten en dat ik de computer opnieuw op moet starten en dat, als het probleem zich vaker voor blijft doen, ik de software en/of hardware na moet kijken. Ik heb al een keer systeemherstel gedaan maar dit helpt niet want een minuut of 5 na het systeemherstel kreeg ik weer een bluescreen. Ik ben nu online in de veilige modus en heb nog geen bluescreen gehad. Wat kan ik hieraan doen?
  19. Melii
    Oké. Heel erg bedankt voor je hulp!
  20. Melii
    Nee, ik heb geen meldingen meer gehad. Ik wilde wel vragen of je misschien aan de hand van de logjes hebt kunnen zien hoe het virus op mijn computer terecht is gekomen? Het duurde namelijk niet zo lang voordat er weer een nieuw virus op zat nadat het andere verwijderd was en ik wil graag voorkomen dat er weer een nieuw virus opkomt aangezien mijn antivirus het (blijkbaar) ook niet tijdig kan detecteren..
  21. Melii
    ComboFix 12-11-14.01 - Gebruiker 15-11-2012 9:28.4.1 - x86 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.31.1043.18.3000.1915 [GMT 1:00] Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Gebruiker\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Gebruiker\AppData\Roaming\Amzyne c:\users\Gebruiker\AppData\Roaming\Apzoqi c:\users\Gebruiker\AppData\Roaming\Axkoud c:\users\Gebruiker\AppData\Roaming\Axkoud\ymywr.exx c:\users\Gebruiker\AppData\Roaming\Dikyx c:\users\Gebruiker\AppData\Roaming\Dikyx\ukvyl.inw c:\users\Gebruiker\AppData\Roaming\Udaxyv c:\users\Gebruiker\AppData\Roaming\Ugerpo c:\users\Gebruiker\AppData\Roaming\Ugerpo\reul.xuo c:\users\Gebruiker\AppData\Roaming\Uvegvu c:\users\Gebruiker\AppData\Roaming\Uvegvu\ihsud.zug c:\users\Gebruiker\AppData\Roaming\Voux c:\users\Gebruiker\AppData\Roaming\Voux\xole.uba c:\users\Gebruiker\AppData\Roaming\Yrco . . (((((((((((((((((((( Bestanden Gemaakt van 2012-10-15 to 2012-11-15 )))))))))))))))))))))))))))))) . . 2012-11-15 08:38 . 2012-11-15 08:39 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp 2012-11-15 08:38 . 2012-11-15 08:38 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-15 08:11 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5DCDC698-F5E9-49DF-8997-00A8CCF72E34}\mpengine.dll 2012-11-05 09:31 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll 2012-11-05 09:31 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll 2012-11-05 09:31 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-11-05 09:08 . 2012-03-20 23:28 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-11-05 09:08 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll 2012-11-05 09:07 . 2012-03-30 12:39 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-11-05 09:07 . 2012-03-29 13:39 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-11-05 09:07 . 2012-02-01 15:11 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-11-05 09:07 . 2012-02-01 15:10 983040 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-11-05 09:07 . 2012-02-01 15:10 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-11-05 09:07 . 2012-02-01 15:10 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-11-05 09:07 . 2012-02-01 15:10 1404928 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll 2012-11-05 09:07 . 2012-02-01 13:58 47104 ----a-w- c:\program files\Windows Journal\PDIALOG.exe 2012-11-05 09:07 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-11-05 09:07 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-11-05 09:06 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-11-05 09:06 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2012-11-05 09:06 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2012-11-05 09:06 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll 2012-11-05 09:06 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll 2012-11-05 09:06 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll 2012-11-05 09:06 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-11-05 09:06 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-11-05 09:06 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-11-05 09:06 . 2012-09-13 13:28 2048 ----a-w- c:\windows\system32\tzres.dll 2012-11-05 09:05 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-11-05 09:05 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-11-05 09:05 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-11-05 09:05 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-11-05 09:04 . 2012-07-04 14:02 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-11-05 09:03 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-11-05 09:02 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-11-05 09:02 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll 2012-11-05 09:02 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-10-18 15:56 . 2012-08-21 11:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-10-18 15:55 . 2012-10-18 15:55 -------- d-----w- c:\program files\iPod 2012-10-18 15:55 . 2012-10-18 15:56 -------- d-----w- c:\program files\iTunes 2012-10-18 15:55 . 2012-10-18 15:55 -------- d-----w- c:\program files\Apple Software Update 2012-10-18 15:54 . 2012-10-18 15:54 -------- d-----w- c:\program files\Bonjour . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-12 05:56 . 2010-07-08 12:58 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-09-29 18:54 . 2012-10-05 05:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-16 08:35 . 2012-09-16 08:35 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-08-21 11:01 . 2012-08-21 11:01 106928 ----a-w- c:\windows\system32\GEARAspi.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-08-07 135680] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] "Uzmui"="c:\users\Gebruiker\AppData\Roaming\Toavuf\ekdo.exe" [bU] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568] "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-05-26 800768] "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776] . c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2010-10-31 576000] Socialbox.lnk - c:\program files\Socialbox\Socialbox.exe [N/A] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2012-3-6 1585152] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ RUN.CMD [2009-8-8 1811] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 0 (0x0) "EnableInstallerDetection"= 0 (0x0) "EnableSecureUIAPaths"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R1 acaesriz;acaesriz;c:\windows\system32\drivers\acaesriz.sys [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache bthsvcs REG_MULTI_SZ BthServ . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}] 2008-04-11 15:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}] 2008-08-28 08:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe . Inhoud van de 'Gedeelde Taken' map . 2012-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 23:40] . 2012-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 23:40] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 62.238.255.69 212.115.192.100 192.168.1.1 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-11-15 09:39 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-11-15 09:44:56 ComboFix-quarantined-files.txt 2012-11-15 08:44 ComboFix2.txt 2012-11-14 11:35 ComboFix3.txt 2012-11-14 11:19 ComboFix4.txt 2012-11-13 17:33 . Pre-Run: 29.975.158.784 bytes beschikbaar Post-Run: 30.081.146.880 bytes beschikbaar . - - End Of File - - EF9983E0D5C578C15D078E7E7B5D86F0
  22. Melii
    Nieuwe ComboFix log: ComboFix 12-11-13.03 - Gebruiker 14-11-2012 12:26:30.3.1 - x86 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.31.1043.18.3000.1854 [GMT 1:00] Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Gebruiker\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\GEARDIFx.exe c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxAPI.dll c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DifXInst32.exe c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxInstallLog.txt c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspi.dll c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspiWDM.inf c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\gearaspiwdmx86.cat c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\x86\GEARAspiWDM.sys c:\users\Gebruiker\AppData\Roaming\Abaqno c:\users\Gebruiker\AppData\Roaming\Abaqno\mysa.iqi c:\users\Gebruiker\AppData\Roaming\Acil c:\users\Gebruiker\AppData\Roaming\Akeqan c:\users\Gebruiker\AppData\Roaming\Akeqan\peeg.hia c:\users\Gebruiker\AppData\Roaming\Asiso c:\users\Gebruiker\AppData\Roaming\Asiso\nyovr.isa c:\users\Gebruiker\AppData\Roaming\Cinep c:\users\Gebruiker\AppData\Roaming\Deeghi c:\users\Gebruiker\AppData\Roaming\Ezocsy c:\users\Gebruiker\AppData\Roaming\Ezocsy\giesc.tid c:\users\Gebruiker\AppData\Roaming\Guahi c:\users\Gebruiker\AppData\Roaming\Guahi\dezih.heo c:\users\Gebruiker\AppData\Roaming\Lyaq c:\users\Gebruiker\AppData\Roaming\Lyvoy c:\users\Gebruiker\AppData\Roaming\Lyvoy\caagg.upx c:\users\Gebruiker\AppData\Roaming\Oqify c:\users\Gebruiker\AppData\Roaming\Otbo c:\users\Gebruiker\AppData\Roaming\Qibo c:\users\Gebruiker\AppData\Roaming\Riikko c:\users\Gebruiker\AppData\Roaming\Riikko\ywuh.asv c:\users\Gebruiker\AppData\Roaming\Suusak c:\users\Gebruiker\AppData\Roaming\Suusak\qewap.zin c:\users\Gebruiker\AppData\Roaming\Ugli c:\users\Gebruiker\AppData\Roaming\Ugli\ufuv.wyo c:\users\Gebruiker\AppData\Roaming\Upofwu c:\users\Gebruiker\AppData\Roaming\Upofwu\orir.res c:\users\Gebruiker\AppData\Roaming\Uqbibe c:\users\Gebruiker\AppData\Roaming\Uviq c:\users\Gebruiker\AppData\Roaming\Vuiko c:\users\Gebruiker\AppData\Roaming\Weka c:\users\Gebruiker\AppData\Roaming\Ziwa c:\users\Gebruiker\AppData\Roaming\Ziwem c:\users\Gebruiker\AppData\Roaming\Ziwem\inqie.ala c:\users\Gebruiker\AppData\Roaming\Ziyb c:\users\Gebruiker\AppData\Roaming\Ziyb\avwoe.erw c:\users\Gebruiker\AppData\Roaming\Zouv c:\users\Gebruiker\AppData\Roaming\Zyymmi c:\users\Gebruiker\AppData\Roaming\Zyymmi\ytno.ofe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-10-14 to 2012-11-14 )))))))))))))))))))))))))))))) . . 2012-11-14 11:33 . 2012-11-14 11:33 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp 2012-11-14 11:33 . 2012-11-14 11:33 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-14 11:00 . 2012-11-14 11:00 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{20A615A1-B4A1-4F7B-9AA6-23AE7E8ABF6D}\MpKslb990657d.sys 2012-11-14 10:50 . 2012-11-14 10:50 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{20A615A1-B4A1-4F7B-9AA6-23AE7E8ABF6D}\offreg.dll 2012-11-13 18:12 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{20A615A1-B4A1-4F7B-9AA6-23AE7E8ABF6D}\mpengine.dll 2012-11-13 18:06 . 2012-11-13 18:06 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Axkoud 2012-11-12 08:24 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Amzyne 2012-11-12 08:24 . 2012-11-12 08:24 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Ugerpo 2012-11-10 08:57 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Yrco 2012-11-10 08:57 . 2012-11-10 08:57 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Uvegvu 2012-11-09 19:30 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Apzoqi 2012-11-09 19:30 . 2012-11-09 19:30 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Voux 2012-11-05 18:41 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Udaxyv 2012-11-05 18:41 . 2012-11-05 18:41 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Dikyx 2012-11-05 09:31 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll 2012-11-05 09:31 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll 2012-11-05 09:31 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-11-05 09:08 . 2012-03-20 23:28 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-11-05 09:08 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll 2012-11-05 09:07 . 2012-03-30 12:39 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-11-05 09:07 . 2012-03-29 13:39 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-11-05 09:07 . 2012-02-01 15:11 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-11-05 09:07 . 2012-02-01 15:10 983040 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-11-05 09:07 . 2012-02-01 15:10 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-11-05 09:07 . 2012-02-01 15:10 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-11-05 09:07 . 2012-02-01 15:10 1404928 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll 2012-11-05 09:07 . 2012-02-01 13:58 47104 ----a-w- c:\program files\Windows Journal\PDIALOG.exe 2012-11-05 09:07 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-11-05 09:07 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-11-05 09:06 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-11-05 09:06 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2012-11-05 09:06 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2012-11-05 09:06 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll 2012-11-05 09:06 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll 2012-11-05 09:06 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll 2012-11-05 09:06 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-11-05 09:06 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-11-05 09:06 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-11-05 09:06 . 2012-09-13 13:28 2048 ----a-w- c:\windows\system32\tzres.dll 2012-11-05 09:05 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-11-05 09:05 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-11-05 09:05 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-11-05 09:05 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-11-05 09:04 . 2012-07-04 14:02 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-11-05 09:03 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-11-05 09:02 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-11-05 09:02 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll 2012-11-05 09:02 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-10-18 15:56 . 2012-08-21 11:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-10-18 15:55 . 2012-10-18 15:55 -------- d-----w- c:\program files\iPod 2012-10-18 15:55 . 2012-10-18 15:56 -------- d-----w- c:\program files\iTunes 2012-10-18 15:55 . 2012-10-18 15:55 -------- d-----w- c:\program files\Apple Software Update 2012-10-18 15:54 . 2012-10-18 15:54 -------- d-----w- c:\program files\Bonjour . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-12 05:56 . 2010-07-08 12:58 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-09-29 18:54 . 2012-10-05 05:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-16 08:35 . 2012-09-16 08:35 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-08-21 11:01 . 2012-08-21 11:01 106928 ----a-w- c:\windows\system32\GEARAspi.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-08-07 135680] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] "Uzmui"="c:\users\Gebruiker\AppData\Roaming\Toavuf\ekdo.exe" [bU] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568] "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-05-26 800768] "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776] . c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2010-10-31 576000] Socialbox.lnk - c:\program files\Socialbox\Socialbox.exe [N/A] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2012-3-6 1585152] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ RUN.CMD [2009-8-8 1811] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 0 (0x0) "EnableInstallerDetection"= 0 (0x0) "EnableSecureUIAPaths"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R1 acaesriz;acaesriz;c:\windows\system32\drivers\acaesriz.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSLB990657D *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache bthsvcs REG_MULTI_SZ BthServ . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}] 2008-04-11 15:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}] 2008-08-28 08:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe . Inhoud van de 'Gedeelde Taken' map . 2012-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 23:40] . 2012-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 23:40] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 62.238.255.69 212.115.192.100 192.168.1.1 . . ************************************************************************** scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-11-14 12:35:01 ComboFix-quarantined-files.txt 2012-11-14 11:34 ComboFix2.txt 2012-11-14 11:19 ComboFix3.txt 2012-11-13 17:33 . Pre-Run: 30.110.109.696 bytes beschikbaar Post-Run: 30.083.158.016 bytes beschikbaar . - - End Of File - - 8054DE9B221FD13B675C0FD4263DB57F
  23. Melii
    Logbestand ComboFix: ComboFix 12-11-13.02 - Gebruiker 13-11-2012 18:23:10.1.1 - x86 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.31.1043.18.3000.1506 [GMT 1:00] Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Roaming c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini c:\users\Gebruiker\AppData\Roaming\Afby c:\users\Gebruiker\AppData\Roaming\Afby\tiol.owb c:\users\Gebruiker\AppData\Roaming\Aqra c:\users\Gebruiker\AppData\Roaming\Aqra\ictyw.ycy c:\users\Gebruiker\AppData\Roaming\Asoru c:\users\Gebruiker\AppData\Roaming\Asoru\alro.ucy c:\users\Gebruiker\AppData\Roaming\Boebwi c:\users\Gebruiker\AppData\Roaming\Boebwi\dolu.lux c:\users\Gebruiker\AppData\Roaming\Buwof c:\users\Gebruiker\AppData\Roaming\Buwof\kyyb.sad c:\users\Gebruiker\AppData\Roaming\Doupwo c:\users\Gebruiker\AppData\Roaming\Doupwo\ekmil.ebg c:\users\Gebruiker\AppData\Roaming\Ekiw c:\users\Gebruiker\AppData\Roaming\Ekiw\aczi.opo c:\users\Gebruiker\AppData\Roaming\Emefi c:\users\Gebruiker\AppData\Roaming\Emefi\ygek.azc c:\users\Gebruiker\AppData\Roaming\Em***n c:\users\Gebruiker\AppData\Roaming\Em***n\idfy.yfu c:\users\Gebruiker\AppData\Roaming\Eszawe c:\users\Gebruiker\AppData\Roaming\Eszawe\cebu.heu c:\users\Gebruiker\AppData\Roaming\Ezuxiw c:\users\Gebruiker\AppData\Roaming\Ezuxiw\neimo.ucp c:\users\Gebruiker\AppData\Roaming\Fuykx c:\users\Gebruiker\AppData\Roaming\Fuykx\miasf.tee c:\users\Gebruiker\AppData\Roaming\Giwuv c:\users\Gebruiker\AppData\Roaming\Giwuv\xaon.soe c:\users\Gebruiker\AppData\Roaming\Igbe c:\users\Gebruiker\AppData\Roaming\Igbe\arzex.yki c:\users\Gebruiker\AppData\Roaming\Iwcu c:\users\Gebruiker\AppData\Roaming\Iwcu\itnay.ati c:\users\Gebruiker\AppData\Roaming\Koho c:\users\Gebruiker\AppData\Roaming\Koho\urko.exw c:\users\Gebruiker\AppData\Roaming\Noqu c:\users\Gebruiker\AppData\Roaming\Noqu\keum.vyo c:\users\Gebruiker\AppData\Roaming\Nuecw c:\users\Gebruiker\AppData\Roaming\Nuecw\ummai.poi c:\users\Gebruiker\AppData\Roaming\Omxyx c:\users\Gebruiker\AppData\Roaming\Omxyx\zealo.evs c:\users\Gebruiker\AppData\Roaming\Overro c:\users\Gebruiker\AppData\Roaming\Overro\geaw.rab c:\users\Gebruiker\AppData\Roaming\Ozap c:\users\Gebruiker\AppData\Roaming\Ozap\togy.wez c:\users\Gebruiker\AppData\Roaming\Puild c:\users\Gebruiker\AppData\Roaming\Puild\ocno.xoi c:\users\Gebruiker\AppData\Roaming\Qyulu c:\users\Gebruiker\AppData\Roaming\Qyulu\iqaz.oqg c:\users\Gebruiker\AppData\Roaming\Qyyq c:\users\Gebruiker\AppData\Roaming\Qyyq\gahes.yqb c:\users\Gebruiker\AppData\Roaming\Riaf c:\users\Gebruiker\AppData\Roaming\Riaf\lomuy.lya c:\users\Gebruiker\AppData\Roaming\Sekiu c:\users\Gebruiker\AppData\Roaming\Sekiu\xexy.ode c:\users\Gebruiker\AppData\Roaming\Taisni c:\users\Gebruiker\AppData\Roaming\Taisni\avno.ozu c:\users\Gebruiker\AppData\Roaming\Toavuf c:\users\Gebruiker\AppData\Roaming\Toavuf\ekdo.exe c:\users\Gebruiker\AppData\Roaming\Umaten c:\users\Gebruiker\AppData\Roaming\Umaten\emoma.esf c:\users\Gebruiker\AppData\Roaming\Veur c:\users\Gebruiker\AppData\Roaming\Veur\poalu.epq c:\users\Gebruiker\AppData\Roaming\Vunye c:\users\Gebruiker\AppData\Roaming\Vunye\xaek.keq c:\users\Gebruiker\AppData\Roaming\Xoewpa c:\users\Gebruiker\AppData\Roaming\Xoewpa\yhduq.eqm c:\users\Gebruiker\AppData\Roaming\Xuihih c:\users\Gebruiker\AppData\Roaming\Xuihih\utas.ihu c:\users\Gebruiker\AppData\Roaming\Ybarys c:\users\Gebruiker\AppData\Roaming\Ybarys\akmeu.zuv c:\users\Gebruiker\AppData\Roaming\Ycleu c:\users\Gebruiker\AppData\Roaming\Ycleu\esyf.uti c:\users\Gebruiker\AppData\Roaming\Ygit c:\users\Gebruiker\AppData\Roaming\Ygit\rabu.hei c:\users\Gebruiker\AppData\Roaming\Yraxn c:\users\Gebruiker\AppData\Roaming\Yraxn\ryoci.kac c:\users\Gebruiker\AppData\Roaming\Ysmay c:\users\Gebruiker\AppData\Roaming\Ysmay\keveo.ywa c:\users\Gebruiker\AppData\Roaming\Yxim c:\users\Gebruiker\AppData\Roaming\Yxim\efny.asy c:\users\Gebruiker\AppData\Roaming\Yzag c:\users\Gebruiker\AppData\Roaming\Yzag\igqig.soa c:\windows\System32\Desktop_.ini c:\windows\system32\roboot.exe D:\install.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-10-13 to 2012-11-13 )))))))))))))))))))))))))))))) . . 2012-11-13 17:31 . 2012-11-13 17:31 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-13 09:14 . 2012-11-13 09:14 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D185F8F-7CDD-47DF-86C7-732F5ACD1ABB}\offreg.dll 2012-11-12 14:07 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D185F8F-7CDD-47DF-86C7-732F5ACD1ABB}\mpengine.dll 2012-11-12 08:24 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Amzyne 2012-11-12 08:24 . 2012-11-12 08:24 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Ugerpo 2012-11-10 08:57 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Yrco 2012-11-10 08:57 . 2012-11-10 08:57 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Uvegvu 2012-11-09 19:30 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Apzoqi 2012-11-09 19:30 . 2012-11-09 19:30 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Voux 2012-11-05 18:41 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Udaxyv 2012-11-05 18:41 . 2012-11-05 18:41 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Dikyx 2012-11-05 09:31 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll 2012-11-05 09:31 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll 2012-11-05 09:31 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-11-05 09:08 . 2012-03-20 23:28 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-11-05 09:08 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll 2012-11-05 09:07 . 2012-03-30 12:39 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-11-05 09:07 . 2012-03-29 13:39 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2012-11-05 09:07 . 2012-02-01 15:11 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-11-05 09:07 . 2012-02-01 15:10 983040 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-11-05 09:07 . 2012-02-01 15:10 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-11-05 09:07 . 2012-02-01 15:10 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-11-05 09:07 . 2012-02-01 15:10 1404928 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll 2012-11-05 09:07 . 2012-02-01 13:58 47104 ----a-w- c:\program files\Windows Journal\PDIALOG.exe 2012-11-05 09:07 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-11-05 09:07 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-11-05 09:06 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-11-05 09:06 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2012-11-05 09:06 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2012-11-05 09:06 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll 2012-11-05 09:06 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll 2012-11-05 09:06 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll 2012-11-05 09:06 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-11-05 09:06 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-11-05 09:06 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-11-05 09:06 . 2012-09-13 13:28 2048 ----a-w- c:\windows\system32\tzres.dll 2012-11-05 09:05 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-11-05 09:05 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-11-05 09:05 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-11-05 09:05 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-11-05 09:04 . 2012-07-04 14:02 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-11-05 09:03 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-11-05 09:02 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-11-05 09:02 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll 2012-11-05 09:02 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll 2012-11-05 08:35 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Uqbibe 2012-11-05 08:35 . 2012-11-05 08:35 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Asiso 2012-11-04 10:22 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Lyaq 2012-11-04 10:22 . 2012-11-04 10:22 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Ugli 2012-11-03 11:38 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Ziwa 2012-11-03 11:38 . 2012-11-03 11:38 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Suusak 2012-11-02 17:57 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Uviq 2012-11-02 17:57 . 2012-11-02 17:57 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Upofwu 2012-11-02 07:47 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Qibo 2012-11-02 07:47 . 2012-11-02 07:47 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Abaqno 2012-11-01 08:50 . 2012-11-01 08:50 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Riikko 2012-11-01 08:50 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Deeghi 2012-10-31 19:23 . 2012-11-02 08:41 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Cinep 2012-10-31 19:23 . 2012-10-31 19:23 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Zyymmi 2012-10-31 09:14 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Weka 2012-10-31 09:14 . 2012-10-31 09:14 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Ziyb 2012-10-30 07:46 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Acil 2012-10-30 07:46 . 2012-10-30 07:46 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Guahi 2012-10-29 07:03 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Zouv 2012-10-29 07:03 . 2012-10-29 07:03 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Lyvoy 2012-10-28 07:29 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Otbo 2012-10-28 07:29 . 2012-10-28 07:29 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Akeqan 2012-10-26 08:43 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Vuiko 2012-10-26 08:43 . 2012-10-26 08:43 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Ezocsy 2012-10-25 18:16 . 2012-11-13 09:07 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Oqify 2012-10-25 18:16 . 2012-10-25 18:16 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Ziwem 2012-10-18 15:56 . 2012-08-21 11:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-10-18 15:55 . 2012-10-18 15:55 -------- d-----w- c:\program files\iPod 2012-10-18 15:55 . 2012-10-18 15:56 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2012-10-18 15:55 . 2012-10-18 15:56 -------- d-----w- c:\program files\iTunes 2012-10-18 15:55 . 2012-10-18 15:55 -------- d-----w- c:\program files\Apple Software Update 2012-10-18 15:54 . 2012-10-18 15:54 -------- d-----w- c:\program files\Bonjour . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-12 05:56 . 2010-07-08 12:58 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-09-29 18:54 . 2012-10-05 05:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-16 08:35 . 2012-09-16 08:35 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-08-21 11:01 . 2012-08-21 11:01 106928 ----a-w- c:\windows\system32\GEARAspi.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-08-07 135680] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568] "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-05-26 800768] "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776] . c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2010-10-31 576000] Socialbox.lnk - c:\program files\Socialbox\Socialbox.exe [N/A] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2012-3-6 1585152] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ RUN.CMD [2009-8-8 1811] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 0 (0x0) "EnableInstallerDetection"= 0 (0x0) "EnableSecureUIAPaths"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R1 acaesriz;acaesriz;c:\windows\system32\drivers\acaesriz.sys [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache bthsvcs REG_MULTI_SZ BthServ . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}] 2008-04-11 15:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}] 2008-08-28 08:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe . Inhoud van de 'Gedeelde Taken' map . 2012-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 23:40] . 2012-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 23:40] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 62.238.255.69 212.115.192.100 192.168.1.1 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-Uzmui - c:\users\Gebruiker\AppData\Roaming\Toavuf\ekdo.exe HKLM-Run-ROC_ROC_NT - c:\program files\AVG Secure Search\ROC_ROC_NT.exe AddRemove-RadarSync PC Updater 2011 - c:\program files\RadarSync\uninst.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-11-13 18:31 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-11-13 18:33:44 ComboFix-quarantined-files.txt 2012-11-13 17:33 . Pre-Run: 30.120.026.112 bytes beschikbaar Post-Run: 30.093.979.648 bytes beschikbaar . - - End Of File - - 683BC18E811720267998E78285408F17
  24. Melii
    MBAM log: Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Databaseversie: v2012.11.13.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Gebruiker :: GEBRUIK-GJKAM1C [administrator] 13-11-2012 10:03:24 mbam-log-2012-11-13 (10-03-24).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 207901 Verstreken tijd: 8 minuut/minuten, 41 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 9 C:\Users\Gebruiker\AppData\Roaming\Amzyne\ozyq.exe (Trojan.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\Apzoqi\oszy.exe (Trojan.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\Mekeo\imfa.exe (Trojan.Agent.GNI) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\Oqify\uxzy.exe (Trojan.Ransom) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\Otbo\feduy.exe (Trojan.Ransom) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\Vuiko\upis.exe (Trojan.Ransom) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\Edge\yfywu.exe (Trojan.Agent.GNI) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\Yrco\qeysu.exe (Trojan.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Gebruiker\AppData\Roaming\Zouv\waziy.exe (Trojan.Ransom) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Nieuwe HijackThis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:20:29, on 13-11-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\RALINK\Common\RaUI.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Internet Explorer\IELowutil.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Pliek@2009 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [uzmui] C:\Users\Gebruiker\AppData\Roaming\Toavuf\ekdo.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user') O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe O4 - Startup: Socialbox.lnk = C:\Program Files\Socialbox\Socialbox.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\RALINK\Common\RalinkRegistryWriter.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- End of file - 9689 bytes
  25. Melii
    Hier de log van HijackThis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:11:47, on 13-11-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\ehome\ehtray.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\RALINK\Common\RaUI.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Pliek@2009 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Efmagiycom] C:\Users\Gebruiker\AppData\Roaming\Zyepu\vokix.exe O4 - HKCU\..\Run: [Olryevh] C:\Users\Gebruiker\AppData\Roaming\Yzabo\wilu.exe O4 - HKCU\..\Run: [Piuwwod] C:\Users\Gebruiker\AppData\Roaming\Fued\upzan.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [uzmui] C:\Users\Gebruiker\AppData\Roaming\Toavuf\ekdo.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user') O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe O4 - Startup: Socialbox.lnk = C:\Program Files\Socialbox\Socialbox.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\RALINK\Common\RalinkRegistryWriter.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- End of file - 9672 bytes
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.