haike24
-
Items
6 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door haike24
-
en ik maar denken dat ik er al was, hoe naief ook. ik ga meteen deze stappen uitvoeren zodat hij (m'n pc) weer helemaal fris is. ik heb ook gezien dat mijn virusscanner verouderd was, tenminste de versie is van 2010 (avast) welke raad jij aan om te gebruiken? groeten katia
-
Hallo Kape, in mijn geval werkt het weer perfect. gelukkig heb ik niet mijn hele pc moeten formateren en is het kwaad op deze manier beeindigt waarvoor mijn dank gr katia
-
hallo kape hieronder het combofix bestand na dat ik je uitleg hierboven uitgevoerd heb ComboFix 12-10-14.03 - Fsc Renew 14-10-2012 16:28:36.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1919.1094 [GMT 2:00] Gestart vanuit: c:\users\Fsc Renew\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Fsc Renew\Desktop\CFScript.txt AV: avast! antivirus *Enabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308} SP: avast! antivirus *Enabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\iLivid c:\program files\iLivid\script.qscript c:\program files\iLivid\script1.81.qscript c:\program files\iLivid\VLC\activex\README.TXT c:\program files\iLivid\VLC\activex\test.html c:\program files\iLivid\VLC\AUTHORS.txt c:\program files\iLivid\VLC\COPYING.txt c:\program files\iLivid\VLC\http\.hosts c:\program files\iLivid\VLC\http\dialogs\.hosts c:\program files\iLivid\VLC\http\dialogs\browse c:\program files\iLivid\VLC\http\dialogs\footer c:\program files\iLivid\VLC\http\dialogs\input c:\program files\iLivid\VLC\http\dialogs\main c:\program files\iLivid\VLC\http\dialogs\mosaic c:\program files\iLivid\VLC\http\dialogs\playlist c:\program files\iLivid\VLC\http\dialogs\sout c:\program files\iLivid\VLC\http\dialogs\vlm c:\program files\iLivid\VLC\http\flash.html c:\program files\iLivid\VLC\http\iehacks.css c:\program files\iLivid\VLC\http\images\delete.png c:\program files\iLivid\VLC\http\images\delete_small.png c:\program files\iLivid\VLC\http\images\eject.png c:\program files\iLivid\VLC\http\images\empty.png c:\program files\iLivid\VLC\http\images\fullscreen.png c:\program files\iLivid\VLC\http\images\help.png c:\program files\iLivid\VLC\http\images\info.png c:\program files\iLivid\VLC\http\images\loop.png c:\program files\iLivid\VLC\http\images\minus.png c:\program files\iLivid\VLC\http\images\next.png c:\program files\iLivid\VLC\http\images\pause.png c:\program files\iLivid\VLC\http\images\play.png c:\program files\iLivid\VLC\http\images\playlist.png c:\program files\iLivid\VLC\http\images\playlist_small.png c:\program files\iLivid\VLC\http\images\plus.png c:\program files\iLivid\VLC\http\images\prev.png c:\program files\iLivid\VLC\http\images\refresh.png c:\program files\iLivid\VLC\http\images\repeat.png c:\program files\iLivid\VLC\http\images\sd.png c:\program files\iLivid\VLC\http\images\shuffle.png c:\program files\iLivid\VLC\http\images\slider_bar.png c:\program files\iLivid\VLC\http\images\slider_left.png c:\program files\iLivid\VLC\http\images\slider_point.png c:\program files\iLivid\VLC\http\images\slider_right.png c:\program files\iLivid\VLC\http\images\slow.png c:\program files\iLivid\VLC\http\images\snapshot.png c:\program files\iLivid\VLC\http\images\sort.png c:\program files\iLivid\VLC\http\images\sout.png c:\program files\iLivid\VLC\http\images\speaker.png c:\program files\iLivid\VLC\http\images\speaker_mute.png c:\program files\iLivid\VLC\http\images\stop.png c:\program files\iLivid\VLC\http\images\vlc16x16.png c:\program files\iLivid\VLC\http\images\volume_down.png c:\program files\iLivid\VLC\http\images\volume_up.png c:\program files\iLivid\VLC\http\images\white.png c:\program files\iLivid\VLC\http\images\white_cross_small.png c:\program files\iLivid\VLC\http\index.html c:\program files\iLivid\VLC\http\mosaic.html c:\program files\iLivid\VLC\http\requests\browse.xml c:\program files\iLivid\VLC\http\requests\playlist.xml c:\program files\iLivid\VLC\http\requests\readme.txt c:\program files\iLivid\VLC\http\requests\status.xml c:\program files\iLivid\VLC\http\requests\vlm.xml c:\program files\iLivid\VLC\http\requests\vlm_cmd.xml c:\program files\iLivid\VLC\http\style.css c:\program files\iLivid\VLC\http\vlm.html c:\program files\iLivid\VLC\http\vlm_export.html c:\program files\iLivid\VLC\languages\bengali.nsh c:\program files\iLivid\VLC\languages\brazilian_portuguese.nsh c:\program files\iLivid\VLC\languages\bulgarian.nsh c:\program files\iLivid\VLC\languages\catalan.nsh c:\program files\iLivid\VLC\languages\danish.nsh c:\program files\iLivid\VLC\languages\declaration.nsh c:\program files\iLivid\VLC\languages\dutch.nsh c:\program files\iLivid\VLC\languages\english.nsh c:\program files\iLivid\VLC\languages\estonian.nsh c:\program files\iLivid\VLC\languages\finnish.nsh c:\program files\iLivid\VLC\languages\french.nsh c:\program files\iLivid\VLC\languages\german.nsh c:\program files\iLivid\VLC\languages\hungarian.nsh c:\program files\iLivid\VLC\languages\italian.nsh c:\program files\iLivid\VLC\languages\japanese.nsh c:\program files\iLivid\VLC\languages\lithuanian.nsh c:\program files\iLivid\VLC\languages\occitan.nsh c:\program files\iLivid\VLC\languages\polish.nsh c:\program files\iLivid\VLC\languages\punjabi.nsh c:\program files\iLivid\VLC\languages\romanian.nsh c:\program files\iLivid\VLC\languages\schinese.nsh c:\program files\iLivid\VLC\languages\slovak.nsh c:\program files\iLivid\VLC\languages\slovenian.nsh c:\program files\iLivid\VLC\languages\sorani.nsh c:\program files\iLivid\VLC\languages\spanish.nsh c:\program files\iLivid\VLC\locale\ach\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\af\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\am\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ar\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ast\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\be\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\bg\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\bn\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\br\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ca\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\cgg\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ckb\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\co\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\cs\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\da\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\de\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\el\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\en_GB\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\es\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\et\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\eu\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\fa\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ff\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\fi\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\fr\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\fur\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ga\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\gl\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\he\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\hi\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\hr\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\hu\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\hy\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\id\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\is\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\it\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ja\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ka\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\kk\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\km\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ko\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\lg\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\lt\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\lv\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\mk\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ml\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\mn\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ms\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\my\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\nb\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ne\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\nl\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\nn\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\oc\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\pa\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\pl\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ps\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\pt_BR\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ro\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ru\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\si\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\sk\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\sl\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\sq\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\sr\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\sv\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\ta\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\tet\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\th\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\tl\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\tr\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\uk\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\vi\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\wa\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\zh_CN\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\zh_TW\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\locale\zu\LC_MESSAGES\vlc.mo c:\program files\iLivid\VLC\lua\extensions\allocine-fr.lua c:\program files\iLivid\VLC\lua\extensions\imdb.lua c:\program files\iLivid\VLC\lua\extensions\README.txt c:\program files\iLivid\VLC\lua\http\.hosts c:\program files\iLivid\VLC\lua\http\custom.lua c:\program files\iLivid\VLC\lua\http\dialogs\.hosts c:\program files\iLivid\VLC\lua\http\dialogs\browse c:\program files\iLivid\VLC\lua\http\dialogs\footer c:\program files\iLivid\VLC\lua\http\dialogs\input c:\program files\iLivid\VLC\lua\http\dialogs\main c:\program files\iLivid\VLC\lua\http\dialogs\mosaic c:\program files\iLivid\VLC\lua\http\dialogs\playlist c:\program files\iLivid\VLC\lua\http\dialogs\sout c:\program files\iLivid\VLC\lua\http\dialogs\vlm c:\program files\iLivid\VLC\lua\http\flash.html c:\program files\iLivid\VLC\lua\http\iehacks.css c:\program files\iLivid\VLC\lua\http\images\delete.png c:\program files\iLivid\VLC\lua\http\images\delete_small.png c:\program files\iLivid\VLC\lua\http\images\eject.png c:\program files\iLivid\VLC\lua\http\images\empty.png c:\program files\iLivid\VLC\lua\http\images\fullscreen.png c:\program files\iLivid\VLC\lua\http\images\help.png c:\program files\iLivid\VLC\lua\http\images\info.png c:\program files\iLivid\VLC\lua\http\images\loop.png c:\program files\iLivid\VLC\lua\http\images\minus.png c:\program files\iLivid\VLC\lua\http\images\next.png c:\program files\iLivid\VLC\lua\http\images\pause.png c:\program files\iLivid\VLC\lua\http\images\play.png c:\program files\iLivid\VLC\lua\http\images\playlist.png c:\program files\iLivid\VLC\lua\http\images\playlist_small.png c:\program files\iLivid\VLC\lua\http\images\plus.png c:\program files\iLivid\VLC\lua\http\images\prev.png c:\program files\iLivid\VLC\lua\http\images\refresh.png c:\program files\iLivid\VLC\lua\http\images\repeat.png c:\program files\iLivid\VLC\lua\http\images\reset.png c:\program files\iLivid\VLC\lua\http\images\sd.png c:\program files\iLivid\VLC\lua\http\images\shuffle.png c:\program files\iLivid\VLC\lua\http\images\slider_bar.png c:\program files\iLivid\VLC\lua\http\images\slider_left.png c:\program files\iLivid\VLC\lua\http\images\slider_point.png c:\program files\iLivid\VLC\lua\http\images\slider_right.png c:\program files\iLivid\VLC\lua\http\images\slow.png c:\program files\iLivid\VLC\lua\http\images\snapshot.png c:\program files\iLivid\VLC\lua\http\images\sort.png c:\program files\iLivid\VLC\lua\http\images\sout.png c:\program files\iLivid\VLC\lua\http\images\speaker.png c:\program files\iLivid\VLC\lua\http\images\speaker_mute.png c:\program files\iLivid\VLC\lua\http\images\stop.png c:\program files\iLivid\VLC\lua\http\images\vlc16x16.png c:\program files\iLivid\VLC\lua\http\images\volume_down.png c:\program files\iLivid\VLC\lua\http\images\volume_up.png c:\program files\iLivid\VLC\lua\http\images\white.png c:\program files\iLivid\VLC\lua\http\images\white_cross_small.png c:\program files\iLivid\VLC\lua\http\index.html c:\program files\iLivid\VLC\lua\http\mosaic.html c:\program files\iLivid\VLC\lua\http\requests\browse.xml c:\program files\iLivid\VLC\lua\http\requests\playlist.xml c:\program files\iLivid\VLC\lua\http\requests\readme.txt c:\program files\iLivid\VLC\lua\http\requests\status.xml c:\program files\iLivid\VLC\lua\http\requests\vlm.xml c:\program files\iLivid\VLC\lua\http\requests\vlm_cmd.xml c:\program files\iLivid\VLC\lua\http\style.css c:\program files\iLivid\VLC\lua\http\vlm.html c:\program files\iLivid\VLC\lua\http\vlm_export.html c:\program files\iLivid\VLC\lua\intf\dummy.lua c:\program files\iLivid\VLC\lua\intf\dumpmeta.lua c:\program files\iLivid\VLC\lua\intf\hotkeys.lua c:\program files\iLivid\VLC\lua\intf\http.lua c:\program files\iLivid\VLC\lua\intf\luac.lua c:\program files\iLivid\VLC\lua\intf\modules\common.lua c:\program files\iLivid\VLC\lua\intf\modules\host.lua c:\program files\iLivid\VLC\lua\intf\rc.lua c:\program files\iLivid\VLC\lua\intf\README.txt c:\program files\iLivid\VLC\lua\intf\telnet.lua c:\program files\iLivid\VLC\lua\meta\art\01_googleimage.lua c:\program files\iLivid\VLC\lua\meta\art\02_frenchtv.lua c:\program files\iLivid\VLC\lua\meta\art\03_lastfm.lua c:\program files\iLivid\VLC\lua\meta\art\04_musicbrainz.lua c:\program files\iLivid\VLC\lua\meta\art\README.txt c:\program files\iLivid\VLC\lua\meta\fetcher\README.txt c:\program files\iLivid\VLC\lua\meta\fetcher\tvrage.lua c:\program files\iLivid\VLC\lua\meta\reader\filename.lua c:\program files\iLivid\VLC\lua\meta\reader\README.txt c:\program files\iLivid\VLC\lua\modules\sandbox.lua c:\program files\iLivid\VLC\lua\modules\simplexml.lua c:\program files\iLivid\VLC\lua\playlist\anevia_streams.lua c:\program files\iLivid\VLC\lua\playlist\anevia_xml.lua c:\program files\iLivid\VLC\lua\playlist\appletrailers.lua c:\program files\iLivid\VLC\lua\playlist\bbc_co_uk.lua c:\program files\iLivid\VLC\lua\playlist\break.lua c:\program files\iLivid\VLC\lua\playlist\canalplus.lua c:\program files\iLivid\VLC\lua\playlist\cue.lua c:\program files\iLivid\VLC\lua\playlist\dailymotion.lua c:\program files\iLivid\VLC\lua\playlist\france2.lua c:\program files\iLivid\VLC\lua\playlist\googlevideo.lua c:\program files\iLivid\VLC\lua\playlist\jamendo.lua c:\program files\iLivid\VLC\lua\playlist\joox.lua c:\program files\iLivid\VLC\lua\playlist\katsomo.lua c:\program files\iLivid\VLC\lua\playlist\koreus.lua c:\program files\iLivid\VLC\lua\playlist\lelombrik.lua c:\program files\iLivid\VLC\lua\playlist\megavideo.lua c:\program files\iLivid\VLC\lua\playlist\metacafe.lua c:\program files\iLivid\VLC\lua\playlist\metachannels.lua c:\program files\iLivid\VLC\lua\playlist\mpora.lua c:\program files\iLivid\VLC\lua\playlist\pinkbike.lua c:\program files\iLivid\VLC\lua\playlist\README.txt c:\program files\iLivid\VLC\lua\playlist\rockbox_fm_presets.lua c:\program files\iLivid\VLC\lua\playlist\vimeo.lua c:\program files\iLivid\VLC\lua\playlist\youtube.lua c:\program files\iLivid\VLC\lua\playlist\youtube_homepage.lua c:\program files\iLivid\VLC\lua\README.txt c:\program files\iLivid\VLC\lua\sd\fmc.lua c:\program files\iLivid\VLC\lua\sd\freebox.lua c:\program files\iLivid\VLC\lua\sd\icecast.lua c:\program files\iLivid\VLC\lua\sd\jamendo.lua c:\program files\iLivid\VLC\lua\sd\metachannels.lua c:\program files\iLivid\VLC\lua\sd\README.txt c:\program files\iLivid\VLC\NEWS.txt c:\program files\iLivid\VLC\NSIS\UAC.nsh c:\program files\iLivid\VLC\osdmenu\default\selected\bw.png c:\program files\iLivid\VLC\osdmenu\default\selected\esc.png c:\program files\iLivid\VLC\osdmenu\default\selected\fw.png c:\program files\iLivid\VLC\osdmenu\default\selected\next.png c:\program files\iLivid\VLC\osdmenu\default\selected\play_pause.png c:\program files\iLivid\VLC\osdmenu\default\selected\previous.png c:\program files\iLivid\VLC\osdmenu\default\selected\stop.png c:\program files\iLivid\VLC\osdmenu\default\selected\volume.png c:\program files\iLivid\VLC\osdmenu\default\selection\bw.png c:\program files\iLivid\VLC\osdmenu\default\selection\esc.png c:\program files\iLivid\VLC\osdmenu\default\selection\fw.png c:\program files\iLivid\VLC\osdmenu\default\selection\next.png c:\program files\iLivid\VLC\osdmenu\default\selection\play_pause.png c:\program files\iLivid\VLC\osdmenu\default\selection\previous.png c:\program files\iLivid\VLC\osdmenu\default\selection\stop.png c:\program files\iLivid\VLC\osdmenu\default\selection\volume.png c:\program files\iLivid\VLC\osdmenu\default\unselected.png c:\program files\iLivid\VLC\osdmenu\default\volume\volume_00.png c:\program files\iLivid\VLC\osdmenu\default\volume\volume_01.png c:\program files\iLivid\VLC\osdmenu\default\volume\volume_02.png c:\program files\iLivid\VLC\osdmenu\default\volume\volume_03.png c:\program files\iLivid\VLC\osdmenu\default\volume\volume_04.png c:\program files\iLivid\VLC\osdmenu\default\volume\volume_05.png c:\program files\iLivid\VLC\osdmenu\default\volume\volume_06.png c:\program files\iLivid\VLC\osdmenu\default\volume\volume_07.png c:\program files\iLivid\VLC\osdmenu\default\volume\volume_08.png c:\program files\iLivid\VLC\osdmenu\default\volume\volume_09.png c:\program files\iLivid\VLC\osdmenu\default\volume\volume_10.png c:\program files\iLivid\VLC\plugins\plugins-04041e-3e8.dat c:\program files\iLivid\VLC\README.txt c:\program files\iLivid\VLC\sdk\include\vlc\deprecated.h c:\program files\iLivid\VLC\sdk\include\vlc\libvlc.h c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_events.h c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media.h c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media_discoverer.h c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media_library.h c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media_list.h c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media_list_player.h c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media_player.h c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_structures.h c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_version.h c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_vlm.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_access.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_acl.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_aout.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_aout_mixer.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_arrays.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_art_finder.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_avcodec.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_bits.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_block.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_block_helper.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_charset.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_codec.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_common.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_config.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_config_cat.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_configuration.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_cpu.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_demux.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_dialog.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_epg.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_es.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_es_out.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_events.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_filter.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_fourcc.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_fs.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_gcrypt.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_http.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_httpd.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_image.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_inhibit.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_input.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_input_item.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_main.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_md5.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_messages.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_meta.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_modules.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_mouse.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_mtime.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_objects.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_picture.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_picture_fifo.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_picture_pool.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_playlist.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_plugin.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_probe.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_rand.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_services_discovery.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_sout.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_sql.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_stream.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_strings.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_subpicture.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_threads.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_url.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_variables.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_video_splitter.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_vlm.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_vout.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_vout_display.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_vout_opengl.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_vout_window.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_xlib.h c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_xml.h c:\program files\iLivid\VLC\sdk\include\vlc\vlc.h c:\program files\iLivid\VLC\sdk\lib\libvlc.dll.a c:\program files\iLivid\VLC\sdk\lib\libvlc.la c:\program files\iLivid\VLC\sdk\lib\libvlccore.dll.a c:\program files\iLivid\VLC\sdk\lib\libvlccore.la c:\program files\iLivid\VLC\sdk\lib\pkgconfig\libvlc.pc c:\program files\iLivid\VLC\sdk\lib\pkgconfig\vlc-plugin.pc c:\program files\iLivid\VLC\skins\default.vlt c:\program files\iLivid\VLC\skins\skin.catalog c:\program files\iLivid\VLC\skins\skin.dtd c:\program files\iLivid\VLC\THANKS.txt c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} c:\programdata\qqeibkctojzjwzt c:\programdata\qqeibkctojzjwzt\be-flag.png c:\programdata\qqeibkctojzjwzt\be-image.png c:\programdata\qqeibkctojzjwzt\btn-green.png c:\programdata\qqeibkctojzjwzt\corners-btn.png c:\programdata\qqeibkctojzjwzt\corners1.png c:\programdata\qqeibkctojzjwzt\corners2.png c:\programdata\qqeibkctojzjwzt\corners3.png c:\programdata\qqeibkctojzjwzt\corners4.png c:\programdata\qqeibkctojzjwzt\ie6-7.css c:\programdata\qqeibkctojzjwzt\McAfee.png c:\programdata\qqeibkctojzjwzt\pays-be.png c:\programdata\qqeibkctojzjwzt\steps-be.png c:\programdata\qqeibkctojzjwzt\steps-en.png c:\programdata\qqeibkctojzjwzt\steps-nl.png c:\programdata\qqeibkctojzjwzt\style.css c:\programdata\qqeibkctojzjwzt\tabs.png c:\programdata\qqeibkctojzjwzt\wait.html . . (((((((((((((((((((( Bestanden Gemaakt van 2012-09-14 to 2012-10-14 )))))))))))))))))))))))))))))) . . 2012-10-14 14:39 . 2012-10-14 14:39 -------- d-----w- c:\users\Fsc Renew\AppData\Local\temp 2012-10-14 14:39 . 2012-10-14 14:39 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-13 17:51 . 2012-10-13 17:56 -------- d-----w- c:\users\Fsc Renew\AppData\Local\Spoon 2012-10-13 17:51 . 2012-10-13 17:51 -------- d-----w- c:\users\Fsc Renew\AppData\Local\Xenocode 2012-10-12 20:58 . 2012-10-12 20:58 -------- d-----w- c:\users\Fsc Renew\AppData\Roaming\Malwarebytes 2012-10-12 20:58 . 2012-10-12 20:58 -------- d-----w- c:\programdata\Malwarebytes 2012-10-12 20:58 . 2012-10-12 20:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-10-12 20:58 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-12 19:34 . 2012-10-12 19:34 -------- d-----w- c:\program files\ESET 2012-10-10 20:30 . 2012-10-10 20:30 -------- d-----w- c:\users\Fsc Renew\AppData\Roaming\eType 2012-09-25 09:01 . 2012-05-29 15:27 31584 ----a-w- c:\windows\system32\TURegOpt.exe 2012-09-25 09:01 . 2012-05-29 15:27 21344 ----a-w- c:\windows\system32\authuitu.dll 2012-09-25 09:00 . 2012-09-25 09:01 -------- d-----w- c:\program files\TuneUp Utilities 2012 2012-09-25 08:58 . 2012-09-25 08:58 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-09-25 06:57 . 2012-09-25 09:00 -------- d-----w- c:\users\Fsc Renew\AppData\Roaming\TuneUp Software 2012-09-25 06:56 . 2012-09-25 08:59 -------- d-----w- c:\program files\TuneUp Utilities 2013 2012-09-25 06:55 . 2012-09-25 09:00 -------- d-----w- c:\programdata\TuneUp Software 2012-09-24 14:30 . 2012-09-24 14:30 -------- d-----w- c:\users\Fsc Renew\AppData\Roaming\RecoolTec 2012-09-24 14:25 . 2012-09-25 07:27 -------- d-----w- c:\program files\AviSynth 2.5 2012-09-24 14:25 . 2011-04-12 19:43 219136 ----a-w- c:\windows\system32\frvSource.ax 2012-09-24 14:25 . 2012-09-24 14:25 -------- d-----w- c:\program files\Recool SWF to HTML5 Converter 2012-09-24 14:20 . 2012-09-24 14:20 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2012-09-19 09:12 . 2012-09-19 09:13 -------- d-----w- c:\users\Fsc Renew\copy-movieClip-with-bitmapData-CS3 2012-09-17 06:17 . 2012-10-05 18:27 -------- d-----w- c:\windows\system32\WNLT 2012-09-17 06:17 . 2012-10-01 11:39 -------- d-----w- c:\windows\system32\ARFC 2012-09-17 06:17 . 2012-09-13 13:26 1006448 ----a-w- c:\windows\system32\dmwu.exe 2012-09-17 06:17 . 2012-09-13 13:24 28160 ----a-w- c:\windows\system32\ImHttpComm.dll 2012-09-17 06:17 . 2011-06-10 22:58 773968 ----a-w- c:\windows\system32\msvcr100.dll 2012-09-17 06:17 . 2011-06-10 22:58 421200 ----a-w- c:\windows\system32\msvcp100.dll 2012-09-17 06:17 . 2011-05-13 23:17 632656 ----a-w- c:\windows\system32\msvcr80.dll 2012-09-17 06:17 . 2011-05-13 23:17 479232 ----a-w- c:\windows\system32\msvcm80.dll 2012-09-17 06:17 . 2011-05-13 23:17 554832 ----a-w- c:\windows\system32\msvcp80.dll 2012-09-14 18:39 . 2012-09-14 18:39 -------- d-----w- c:\users\Fsc Renew\ultimatefontpack 2012-09-14 15:22 . 2012-09-14 15:22 -------- d-----w- c:\users\Fsc Renew\walt_disney . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-17 06:41 . 2012-04-13 11:48 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-17 06:41 . 2011-10-27 06:49 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Fsc Renew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Fsc Renew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Fsc Renew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-05-28 6144000] "Skytel"="Skytel.exe" [2007-11-20 1826816] "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-08-21 98304] "D-Link D-Link Wireless G DWL-G122_DWA-110"="c:\program files\D-Link\DWL-G122_DWA-110\AirGCFG.exe" [2009-09-18 1708032] . c:\users\Fsc Renew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Spoon.net Console.lnk - c:\users\Fsc Renew\AppData\Local\Spoon\3.33.3.7\Spoon-Console.exe [2012-10-13 6930128] Spoon.net Sandbox Manager 3.33.lnk - c:\users\Fsc Renew\AppData\Local\Spoon\3.33.3.7\Spoon-Sandbox-Native.exe [2012-10-13 348920] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Google Update"="c:\users\Fsc Renew\AppData\Local\Google\Update\GoogleUpdate.exe" /c "Facebook Update"="c:\users\Fsc Renew\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver "BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" /MINIMIZED "MobileDocuments"=c:\program files\Common Files\Apple\Internet Services\ubd.exe "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background "Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun "KiesPDLR"=c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiSpywareOverride"=dword:00000001 . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - AVGTP *NewlyCreated* - MBAMPROTECTOR *NewlyCreated* - TUNEUPUTILITIESDRV *Deregistered* - eeCtrl . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2012-09-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2478391444-495470778-2787323053-1000Core.job - c:\users\Fsc Renew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-30 10:00] . 2012-09-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2478391444-495470778-2787323053-1000UA.job - c:\users\Fsc Renew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-30 10:00] . 2012-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 19:33] . 2012-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 19:33] . 2012-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478391444-495470778-2787323053-1000Core.job - c:\users\Fsc Renew\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-01 05:00] . 2012-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478391444-495470778-2787323053-1000UA.job - c:\users\Fsc Renew\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-01 05:00] . . ------- Bijkomende Scan ------- . uStart Page = https://www.google.be/ mStart Page = hxxp://www.telenet.be mWindow Title = Telenet Internet IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 TCP: Interfaces\{B0ECDDAE-6CED-4074-8F5D-15368F135EE5}: NameServer = 8.26.56.26,156.154.70.22 TCP: Interfaces\{F2D7B778-AAEB-4C84-891F-A24A71F11E2B}: NameServer = 8.26.56.26,156.154.70.22 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-10-14 16:39 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-10-14 16:42:30 ComboFix-quarantined-files.txt 2012-10-14 14:42 ComboFix2.txt 2012-10-14 13:00 . Pre-Run: 29.470.019.584 bytes beschikbaar Post-Run: 29.463.941.120 bytes beschikbaar . - - End Of File - - 28C95636F88CAD91497E65CBAA56E6E9
-
nogmaals bedankt, hieronder mijn logje van combofix ComboFix 12-10-14.03 - Fsc Renew 14-10-2012 12:39:45.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1919.1040 [GMT 2:00] Gestart vanuit: c:\users\Fsc Renew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRORCB8Q\ComboFix.exe AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308} SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\animbigN.bmp c:\windows\animsmalN.bmp c:\windows\IsUn0413.exe c:\windows\security\Database\tmp.edb c:\windows\system32\DEBUG.log c:\windows\system32\drivers\358897b5db95f52.sys c:\windows\system32\muzapp.exe c:\windows\system32\rnaph.dll . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_nvsvc -------\Legacy_358897b5db95f52 -------\Service_358897b5db95f52 . . (((((((((((((((((((( Bestanden Gemaakt van 2012-09-14 to 2012-10-14 )))))))))))))))))))))))))))))) . . 2012-10-14 10:48 . 2012-10-14 10:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-13 17:51 . 2012-10-13 17:56 -------- d-----w- c:\users\Fsc Renew\AppData\Local\Spoon 2012-10-13 17:51 . 2012-10-13 17:51 -------- d-----w- c:\users\Fsc Renew\AppData\Local\Xenocode 2012-10-12 20:58 . 2012-10-12 20:58 -------- d-----w- c:\users\Fsc Renew\AppData\Roaming\Malwarebytes 2012-10-12 20:58 . 2012-10-12 20:58 -------- d-----w- c:\programdata\Malwarebytes 2012-10-12 20:58 . 2012-10-12 20:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-10-12 20:58 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-12 19:34 . 2012-10-12 19:34 -------- d-----w- c:\program files\ESET 2012-10-12 18:11 . 2012-10-12 20:14 -------- d-----w- c:\programdata\qqeibkctojzjwzt 2012-10-12 15:25 . 2012-10-12 15:26 -------- d-----w- c:\program files\iLivid 2012-10-10 20:30 . 2012-10-10 20:30 -------- d-----w- c:\users\Fsc Renew\AppData\Roaming\eType 2012-09-25 09:01 . 2012-05-29 15:27 31584 ----a-w- c:\windows\system32\TURegOpt.exe 2012-09-25 09:01 . 2012-05-29 15:27 21344 ----a-w- c:\windows\system32\authuitu.dll 2012-09-25 09:00 . 2012-09-25 09:01 -------- d-----w- c:\program files\TuneUp Utilities 2012 2012-09-25 08:58 . 2012-09-25 08:58 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-09-25 06:57 . 2012-09-25 09:00 -------- d-----w- c:\users\Fsc Renew\AppData\Roaming\TuneUp Software 2012-09-25 06:56 . 2012-09-25 08:59 -------- d-----w- c:\program files\TuneUp Utilities 2013 2012-09-25 06:55 . 2012-09-25 09:00 -------- d-----w- c:\programdata\TuneUp Software 2012-09-25 06:55 . 2012-09-25 07:08 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2012-09-24 14:30 . 2012-09-24 14:30 -------- d-----w- c:\users\Fsc Renew\AppData\Roaming\RecoolTec 2012-09-24 14:25 . 2012-09-25 07:27 -------- d-----w- c:\program files\AviSynth 2.5 2012-09-24 14:25 . 2011-04-12 19:43 219136 ----a-w- c:\windows\system32\frvSource.ax 2012-09-24 14:25 . 2012-09-24 14:25 -------- d-----w- c:\program files\Recool SWF to HTML5 Converter 2012-09-24 14:20 . 2012-09-24 14:20 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2012-09-19 09:12 . 2012-09-19 09:13 -------- d-----w- c:\users\Fsc Renew\copy-movieClip-with-bitmapData-CS3 2012-09-17 06:17 . 2012-10-05 18:27 -------- d-----w- c:\windows\system32\WNLT 2012-09-17 06:17 . 2012-10-01 11:39 -------- d-----w- c:\windows\system32\ARFC 2012-09-17 06:17 . 2012-09-13 13:26 1006448 ----a-w- c:\windows\system32\dmwu.exe 2012-09-17 06:17 . 2012-09-13 13:24 28160 ----a-w- c:\windows\system32\ImHttpComm.dll 2012-09-17 06:17 . 2011-06-10 22:58 773968 ----a-w- c:\windows\system32\msvcr100.dll 2012-09-17 06:17 . 2011-06-10 22:58 421200 ----a-w- c:\windows\system32\msvcp100.dll 2012-09-17 06:17 . 2011-05-13 23:17 632656 ----a-w- c:\windows\system32\msvcr80.dll 2012-09-17 06:17 . 2011-05-13 23:17 479232 ----a-w- c:\windows\system32\msvcm80.dll 2012-09-17 06:17 . 2011-05-13 23:17 554832 ----a-w- c:\windows\system32\msvcp80.dll 2012-09-14 18:39 . 2012-09-14 18:39 -------- d-----w- c:\users\Fsc Renew\ultimatefontpack 2012-09-14 15:22 . 2012-09-14 15:22 -------- d-----w- c:\users\Fsc Renew\walt_disney . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-17 06:41 . 2012-04-13 11:48 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-17 06:41 . 2011-10-27 06:49 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Fsc Renew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Fsc Renew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Fsc Renew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-05-28 6144000] "Skytel"="Skytel.exe" [2007-11-20 1826816] "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-08-21 98304] "D-Link D-Link Wireless G DWL-G122_DWA-110"="c:\program files\D-Link\DWL-G122_DWA-110\AirGCFG.exe" [2009-09-18 1708032] . c:\users\Fsc Renew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Spoon.net Console.lnk - c:\users\Fsc Renew\AppData\Local\Spoon\3.33.3.7\Spoon-Console.exe [2012-10-13 6930128] Spoon.net Sandbox Manager 3.33.lnk - c:\users\Fsc Renew\AppData\Local\Spoon\3.33.3.7\Spoon-Sandbox-Native.exe [2012-10-13 348920] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Google Update"="c:\users\Fsc Renew\AppData\Local\Google\Update\GoogleUpdate.exe" /c "Facebook Update"="c:\users\Fsc Renew\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver "BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" /MINIMIZED "MobileDocuments"=c:\program files\Common Files\Apple\Internet Services\ubd.exe "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background "Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun "KiesPDLR"=c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - AVGTP *NewlyCreated* - MBAMPROTECTOR *NewlyCreated* - TUNEUPUTILITIESDRV *Deregistered* - eeCtrl . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2012-09-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2478391444-495470778-2787323053-1000Core.job - c:\users\Fsc Renew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-30 10:00] . 2012-09-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2478391444-495470778-2787323053-1000UA.job - c:\users\Fsc Renew\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-30 10:00] . 2012-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 19:33] . 2012-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 19:33] . 2012-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478391444-495470778-2787323053-1000Core.job - c:\users\Fsc Renew\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-01 05:00] . 2012-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478391444-495470778-2787323053-1000UA.job - c:\users\Fsc Renew\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-01 05:00] . . ------- Bijkomende Scan ------- . uStart Page = https://www.google.be/ mStart Page = hxxp://www.telenet.be mWindow Title = Telenet Internet IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 TCP: Interfaces\{B0ECDDAE-6CED-4074-8F5D-15368F135EE5}: NameServer = 8.26.56.26,156.154.70.22 TCP: Interfaces\{F2D7B778-AAEB-4C84-891F-A24A71F11E2B}: NameServer = 8.26.56.26,156.154.70.22 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{2D8D9ACC-F6D7-4362-8876-A275CA929591} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) WebBrowser-{A94E8DC9-07AA-45A7-8AF2-A0375473A5CD} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) MSConfigStartUp-86husiji3w - c:\users\Fsc Renew\86husiji3w.exe AddRemove-Adobe_a68eec966ce913ddaa63251dc82ed31 - c:\program files\Common Files\Adobe\Installers\a68eec966ce913ddaa63251dc82ed31\Setup.exe AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-10-14 14:52 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{7fcf96b7-6c6a-4da8-b78c-8cde8189c2f5}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:10020054 "Dhcpv6State"=dword:00000001 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{9c642153-bfe0-4511-a0b6-e778ddd5ea9e}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:07001422 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{b0ecddae-6ced-4074-8f5d-15368f135ee5}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:125cd998 "Dhcpv6State"=dword:00000001 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{ba32a50a-3d27-4fae-8591-5916311409be}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0c001422 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{c4a86fc8-d1e6-4919-8fc8-7373d07b741c}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0e000000 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f2d7b778-aaeb-4c84-891f-a24a71f11e2b}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0d001d92 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f50c0996-5b4a-4c6a-a322-6e991d4caa0e}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:06001422 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f70a361f-6437-4fcc-91a4-cd88d468d91b}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0e001422 "Dhcpv6State"=dword:00000000 . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(1696) c:\users\Fsc Renew\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll c:\program files\K-Lite Codec Pack\Filters\vsfilter.dll c:\program files\Common Files\Nero\DSFilter\NeMP4Splitter.ax c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\SYSTEM32\WISPTIS.EXE c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\windows\SYSTEM32\WISPTIS.EXE c:\windows\system32\ANIWConnService.exe c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe c:\program files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe c:\windows\system32\dmwu.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe c:\windows\system32\WUDFHost.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\windows\servicing\TrustedInstaller.exe c:\windows\system32\conime.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Voltooingstijd: 2012-10-14 15:00:29 - machine werd herstart ComboFix-quarantined-files.txt 2012-10-14 13:00 . Pre-Run: 29.652.844.544 bytes beschikbaar Post-Run: 29.298.008.064 bytes beschikbaar . - - End Of File - - 89EBF77CCE7C11844D7D70B76F429F15
-
bedankt Kape, dit is mijn vervolg file van hijackthis in de normale modus zou je hier ook naar willen kijken BVD katia Logfile of HijackThis v1.99.1 Scan saved at 13:56:57, on 13-10-2012 Platform: Unknown Windows (WinNT 6.00.1906 SP2) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Running processes: C:\Windows\system32\taskeng.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\DWL-G122_DWA-110\AirGCFG.exe C:\Windows\ehome\ehtray.exe C:\Windows\System32\mobsync.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\hijackthis\hijackthis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Program Files\D-Link\DWL-G122_DWA-110\AirGCFG.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O11 - Options group: [iNTERNATIONAL] International O13 - Gopher Prefix: O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B0ECDDAE-6CED-4074-8F5D-15368F135EE5}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D7B778-AAEB-4C84-891F-A24A71F11E2B}: NameServer = 8.26.56.26,156.154.70.22 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\Windows\system32\ANIWConnService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: WebOptimizer - Unknown owner - C:\Windows\system32\dmwu.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
-
hallo allemaal, ik heb gisteren kennisgemaakt met het (belgische) politievirus (ukash) na allerlei scans, eset online en enkele malen malwarebytes wil iik weten of mijn pc terug vrij is van het virus, daar ik nu nog in de veilige modus zit. dus wanneer is het veilig om terug op te starten in normale modus hieronder mailware logje Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.0.1400 www.malwarebytes.org Databaseversie: v2012.10.12.07 Windows Vista Service Pack 2 x86 NTFS (Veilige modus/netwerkmogelijkheden) Internet Explorer 9.0.8112.16421 Fsc Renew :: PC_VAN_FSCRENEW [administrator] Realtime bescherming: Uitgeschakeld 13-10-2012 8:33:13 mbam-log-2012-10-13 (08-33-13).txt Scantype: Flash-scan Ingeschakelde scanopties: Geheugen | Opstartitems | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: Register | Bestanden en mappen | P2P Objecten gescand: 145346 Verstreken tijd: 3 minuut/minuten, 3 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) hieronder het hijack this logje Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:44:18, on 13-10-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode with network support Running processes: C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\Explorer.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Fsc Renew\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\tbBitt.dll R3 - URLSearchHook: ZoneAlarm Extreme Security Toolbar - {a94e8dc9-07aa-45a7-8af2-a0375473a5cd} - C:\Program Files\ZoneAlarm_Extreme_Security\prxtbZone.dll O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\tbBitt.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ZoneAlarm Extreme Security - {a94e8dc9-07aa-45a7-8af2-a0375473a5cd} - C:\Program Files\ZoneAlarm_Extreme_Security\prxtbZone.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\tbBitt.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O3 - Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file) O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: ZoneAlarm Extreme Security Toolbar - {a94e8dc9-07aa-45a7-8af2-a0375473a5cd} - C:\Program Files\ZoneAlarm_Extreme_Security\prxtbZone.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Program Files\D-Link\DWL-G122_DWA-110\AirGCFG.exe O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B0ECDDAE-6CED-4074-8F5D-15368F135EE5}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D7B778-AAEB-4C84-891F-A24A71F11E2B}: NameServer = 8.26.56.26,156.154.70.22 O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\Windows\system32\ANIWConnService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: WebOptimizer - Unknown owner - C:\Windows\system32\dmwu.exe -- End of file - 8964 bytes bij voorbaat dank katia
