Ga naar inhoud

IMPEGA

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    22

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Berichten die geplaatst zijn door IMPEGA

    Qvo6 virus

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Na het scannen opent zich automatisch adobe reader met bovenstaand bericht.

    Ik heb niet de kans om het via kladblok te openen

    - - - Updated - - -

    txt is opgelost.

    Er is ergens een verkeerde koppeling ontstaan met txt file.

    # DelFix v10.2 - Logfile created 08/04/2013 at 18:29:15

    # Updated 02/04/2013 by Xplode

    # Username : Lies - LIES-PC

    ~ Removing disinfection tools ...

    ~ Cleaning system restore ...

    Deleted : RP #301 [End of disinfection | 04/08/2013 16:24:32]

    New restore point created !

    ~ Resetting system settings ... OK

    ########## - EOF - ##########

    Qvo6 virus

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Zoek.exe Version 4.0.0.2 Updated 05-April-2013

    Tool run by Lies on za 06/04/2013 at 15:47:59,29.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== FireFox Fix ======================

    Deleted from C:\Users\Lies\AppData\Roaming\Mozilla\Firefox\Profiles\r87s9fc7.default\prefs.js:

    user_pref("browser.startup.homepage", "www.google.be");

    user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");

    user_pref("browser.search.defaulturl", "");

    user_pref("browser.search.defaultenginename", "qvo6");

    user_pref("browser.search.defaultenginename,S", "");

    user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");

    user_pref("browser.search.selectedEngine", "");

    user_pref("browser.search.selectedEngine,S", "");

    user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

    user_pref("browser.search.order.1", "qvo6");

    user_pref("browser.search.order.1,S", "");

    user_pref("keyword.URL", "http://search.babylon.com/?affID=109986&babsrc=KW_ss&mntrId=bcd4939b000000000000002622631fb9&q=");

    user_pref("sweetim.toolbar.previous.keyword.URL", "");

    user_pref("browser.search.useDBForOrder", true);

    Added to C:\Users\Lies\AppData\Roaming\Mozilla\Firefox\Profiles\r87s9fc7.default\prefs.js:

    user_pref("browser.startup.homepage", "http://www.google.com");

    user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

    user_pref("browser.newtab.url", "http://www.google.com/");

    user_pref("browser.search.defaultengine", "Google");

    user_pref("browser.search.defaultenginename", "Google");

    user_pref("browser.search.selectedEngine", "Google");

    user_pref("browser.search.order.1", "Google");

    user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

    user_pref("browser.search.suggest.enabled", true);

    user_pref("browser.search.useDBForOrder", true);

    ProfilePath: C:\Users\Lies\AppData\Roaming\Mozilla\Firefox\Profiles\r87s9fc7.default

    ---- Lines BabylonToolbar removed from prefs.js ----

    user_pref("extensions.BabylonToolbar.prtkDS", 0);

    user_pref("extensions.BabylonToolbar.prtkHmpg", 0);

    user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

    user_pref("extensions.BabylonToolbar_i.babExt", "");

    user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109986");

    user_pref("extensions.BabylonToolbar_i.hardId", "bcd4939b000000000000002622631fb9");

    user_pref("extensions.BabylonToolbar_i.id", "bcd4939b000000000000002622631fb9");

    user_pref("extensions.BabylonToolbar_i.instlDay", "15466");

    user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

    user_pref("extensions.BabylonToolbar_i.newTab", true);

    user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=109986&babsrc=NT_ss&mntrId=bcd4939b000000000000002622631fb9");

    user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

    user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

    user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

    user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

    user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");

    user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

    user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

    user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:07:37");

    ---- Lines BabylonToolbar modified from prefs.js ----

    ---- Lines BabylonToolbar removed from user.js ----

    user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109986");

    user_pref("extensions.BabylonToolbar_i.babExt", "");

    user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

    user_pref("extensions.BabylonToolbar_i.id", "bcd4939b000000000000002622631fb9");

    user_pref("extensions.BabylonToolbar_i.hardId", "bcd4939b000000000000002622631fb9");

    user_pref("extensions.BabylonToolbar_i.instlDay", "15466");

    user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

    user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

    user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:07:37");

    user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

    user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

    user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

    user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

    user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");

    user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

    ---- Lines qvo6 removed from prefs.js ----

    ---- Lines qvo6 modified from prefs.js ----

    ---- Lines WebSearch removed from prefs.js ----

    user_pref("extensions.toolbar.mindspark._5mMembers_.homepage", "http://home.mywebsearch.com/index.jhtml?ptb=0E3AAE7C-1A36-4663-9CDA-C867FBF0416F&n=77eda26c&ptnrS=ZUxpt175YYbe&si=CLaonNzM5LACFUYntAodxze8yQ");

    ---- Lines WebSearch modified from prefs.js ----

    ---- Lines search.com removed from prefs.js ----

    ---- Lines search.com modified from prefs.js ----

    ---- Lines SweetIM removed from prefs.js ----

    user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");

    user_pref("sweetim.toolbar.searchguard.enable", "");

    user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");

    user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");

    ---- Lines SweetIM modified from prefs.js ----

    ---- FireFox user.js and prefs.js backups ----

    user_20130604_1552_.backup

    prefs_20130604_1552_.backup

    ==== Batch Command(s) Run By Tool======================

    C:\Windows\System32\roboot64.exe deleted successfully

    ==== Deleting Files \ Folders ======================

    "C:\Windows\SysNative\roboot64.exe" not found

    "C:\user.js" deleted

    "C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted

    "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted

    "C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml" deleted

    "C:\user.js" deleted

    "C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted

    "C:\Program Files (x86)\BrowseToSave" deleted

    "C:\Users\Lies\AppData\Roaming\eIntaller" deleted

    "C:\Users\Lies\AppData\Roaming\Babylon" deleted

    "C:\Users\Lies\AppData\Roaming\YoudaGames" deleted

    "C:\Users\Lies\AppData\Roaming\Systweak" deleted

    "C:\ProgramData\eSafe" deleted

    "C:\ProgramData\Partner" deleted

    "C:\ProgramData\SoftSafe" deleted

    "C:\ProgramData\InstallMate" deleted

    "C:\ProgramData\Babylon" deleted

    "C:\Users\Lies\AppData\Local\Babylon" deleted

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    ====== C:\Users\Lies\AppData\Local\Temp ====

    ====== C:\Windows\SysWOW64 =====

    2013-04-03 19:42:51 886B8021074DE010AD6AF053A1722632 420944 ----a-w- C:\Windows\SysWOW64\msvcp100.dll

    2013-04-03 19:42:51 63F13A8C7D297EFD8166EBC39566A24F 773712 ----a-w- C:\Windows\SysWOW64\msvcr100.dll

    ====== C:\Windows\SysWOW64\drivers =====

    2013-03-31 19:08:52 732C8923749A526AB726D867FC9129AB 13608 ----a-w- C:\Windows\SysWOW64\drivers\MoborobAssDriver64.sys

    ====== C:\Windows\Sysnative =====

    2013-04-06 08:10:06 F448ADBEC1DD571CB9FD94887E7690E9 108448 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll

    ====== C:\Windows\Sysnative\drivers =====

    2013-04-03 20:44:02 92EB844D90615CB266F84C3202B8786E 24176 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

    2013-04-01 09:57:43 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_ggsemc_01009.Wdf

    2013-04-01 09:57:43 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_ggflt_01009.Wdf

    2013-03-31 18:00:52 6B503DF845EABF3457E49FBBDA26C10E 27760 ----a-w- C:\Windows\Sysnative\drivers\ggsemc.sys

    2013-03-31 18:00:51 16C2A6BCDDA8952C2035DEC861492A19 14448 ----a-w- C:\Windows\Sysnative\drivers\ggflt.sys

    2013-03-31 17:55:52 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_WinUsb_01009.Wdf

    2013-03-30 10:26:36 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys

    ====== C:\Windows\Tasks ======

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2013-03-13 13:03:48 -------- d-----w- C:\Program Files\Microsoft Silverlight

    ======= C:\Program Files (x86) =====

    2013-03-31 19:08:37 -------- d-----w- C:\Program Files (x86)\Moborobo

    2013-03-31 17:59:03 -------- d-----w- C:\Program Files (x86)\Sony Ericsson

    2013-03-31 17:36:13 -------- d-----w- C:\Program Files (x86)\Common Files\Sony Shared

    2013-03-31 17:34:37 -------- d-----w- C:\Program Files (x86)\Sony Media Go Install

    2013-03-31 17:14:09 -------- d-----w- C:\Program Files (x86)\Sony

    2013-03-13 13:03:48 -------- d-----w- C:\Program Files (x86)\Microsoft Silverlight

    ======= C: =====

    2013-04-03 20:37:18 199CF21E039A10A29D9AD54F73486338 10398 ----a-w- C:\AdwCleaner[R5].txt

    2013-04-03 20:36:56 05D2745B2064CDB06223D6EF51EF73DE 10337 ----a-w- C:\AdwCleaner[R4].txt

    2013-04-03 20:35:55 F262BED8D162034D08F8D03BAEF53395 10273 ----a-w- C:\AdwCleaner[R3].txt

    2013-04-03 20:35:40 9EC22D53B86A5DB03DE51CF920B7E255 10212 ----a-w- C:\AdwCleaner[R2].txt

    2013-04-03 20:34:50 34675A542941277B06A014479F36D771 10151 ----a-w- C:\AdwCleaner[R1].txt

    2013-03-23 16:33:55 87A8AC905A8D4C9A3A1D9DB69B69D520 10256480 ----a-w- C:\nj.jpg

    ====== C:\Users\Lies\AppData\Roaming ======

    2013-04-03 20:43:52 -------- d-----w- C:\users\Lies\AppData\Local\Programs

    2013-04-03 17:22:23 -------- d-----w- C:\users\Lies\AppData\Local\Xenocode

    2013-03-31 17:36:18 -------- d-----w- C:\users\Lies\AppData\Local\Sony

    2013-03-31 17:34:53 -------- d-----w- C:\users\Lies\AppData\Local\Downloaded Installations

    2013-03-31 17:34:36 -------- d-----w- C:\users\Lies\AppData\Roaming\Sony

    2013-03-15 16:12:32 -------- d-----w- C:\users\Lies\AppData\Local\Chromium

    ====== C:\Users\Lies ======

    2013-03-31 19:08:37 -------- d-----w- C:\ProgramData\Moborobo

    2013-03-31 17:59:28 -------- d-----w- C:\ProgramData\Sony Ericsson

    2013-03-31 17:36:41 -------- d-----w- C:\Users\Lies\Podcasts

    2013-03-31 17:36:13 -------- d-----w- C:\ProgramData\Sony Corporation

    2013-03-31 17:14:09 -------- d-----w- C:\ProgramData\Sony

    ====== C: exe-files ==

    2013-04-06 08:01:13 9C2FE0561CB31A762AE2A1EA74A6E121 33003424 ----a-w- C:\Users\Lies\Desktop\jre-7u17-windows-x64.exe

    2013-04-03 21:16:09 57E626878D667E65127D1725279B0965 12384 ----atw- C:\Users\Lies\AppData\Local\Temp\{13A5014D-11A4-4F20-ADCB-5986C84623BB}\x86\regsvr32.exe

    2013-04-03 21:16:09 157FE300857E06020BCB38A04D5B3B75 12896 ----atw- C:\Users\Lies\AppData\Local\Temp\{13A5014D-11A4-4F20-ADCB-5986C84623BB}\x64\regsvr32.exe

    2013-04-03 20:43:03 0FB6D382FA5FBF72D05FC2A4503B7DF2 10156344 ----a-w- C:\Users\Lies\Downloads\mbam-setup-1.70.0.1100.exe

    2013-04-03 19:42:41 B6DF79993609D49DD949B7EFF9E18F69 1411664 ----a-w- C:\Users\Lies\AppData\Local\Temp\Desk365\eInstall\eInstall.exe

    2013-04-03 17:22:23 1FADB5E128AB938AE07BFDC1EA876910 117248 ----a-w- C:\Users\Lies\AppData\Local\Xenocode\XSandbox\installAPK\1.0.0.0\2009.06.01T16.17\Virtual\MODIFIED\@PROGRAMFILES@\installAPK\installAPK.EXE

    2013-04-01 09:53:16 6E0105823B4FE91632C9DA8314418417 655536 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe

    2013-04-01 09:43:20 738FFA4D0DD95618A793BFF870780D28 183928 ----a-w- C:\ProgramData\Sony Ericsson\Update Engine\configuration\org.eclipse.osgi\bundles\89\1\.cp\lib\x64\DeviceRemover.exe

    2013-04-01 08:22:04 C46257D70EA8326D72C5A4ED79C4601C 19752 ----a-w- C:\Program Files (x86)\Moborobo\FuncStaticPczs.exe

    2013-04-01 08:22:04 0B443F8B221A1F4996628D9D26365A46 1277937 ----a-w- C:\Program Files (x86)\Moborobo\unins000.exe

    2013-03-31 19:08:46 DCFB2F5DD98728785302260B10E3A80F 731432 ----a-w- C:\Program Files (x86)\Moborobo\update.exe

    2013-03-31 19:08:42 DCFB2F5DD98728785302260B10E3A80F 731432 ----a-w- C:\Program Files (x86)\Moborobo\update\update.exe

    2013-03-31 19:08:41 5B9277B9DB672E59B94E81D6D8F98507 76800 ----a-w- C:\Program Files (x86)\Moborobo\Common\Codes\faac.exe

    2013-03-31 19:08:40 BEF52BDBC9FDCCE8820E73156EA5BB01 61440 ----a-w- C:\Program Files (x86)\Moborobo\Common\Codes\BeSweet.exe

    2013-03-31 19:08:40 93FEA87EA9E64CD6E9EA8617AA2C587E 20904 ----a-w- C:\Program Files (x86)\Moborobo\wavstk.exe

    2013-03-31 19:08:40 8026B6B24B4EC9F04A4072D8EE482C69 80680 ----a-w- C:\Program Files (x86)\Moborobo\NoticeWordUpdate.exe

    2013-03-31 19:08:38 F7628F488950959E8A94AD599C63575D 71976 ----a-w- C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe

    2013-03-31 19:08:38 EB9E6895D2CA548E647B287DD83483BC 752056 ----a-w- C:\Program Files (x86)\Moborobo\MoboroboDeviceNotice.exe

    2013-03-31 19:08:38 DD55AB65C45DF5550E4F4F83FFE446C9 116520 ----a-w- C:\Program Files (x86)\Moborobo\iTunesKbHelper.exe

    2013-03-31 19:08:38 AB9FF234A263E45B527A9C7D13E14200 81704 ----a-w- C:\Program Files (x86)\Moborobo\Moborobo PC Suite.exe

    2013-03-31 19:08:37 C5C7F519BBD1B8999B7BCB25F6B34DAC 485672 ----a-w- C:\Program Files (x86)\Moborobo\Moborobo.exe

    2013-03-31 19:08:37 2EF068E0C4E7C2191B727ABFCBB66880 821544 ----a-w- C:\Program Files (x86)\Moborobo\AndroidInterface.exe

    2013-03-31 17:59:35 83957520224D1C8441988C5F403A3606 191608 ----a-w- C:\ProgramData\Sony Ericsson\Update Engine\configuration\org.eclipse.osgi\bundles\91\1\.cp\lib\x64\DriverInstaller.exe

    2013-03-31 17:38:33 AF0F4824911C46AE517148051545FC67 84992 ----a-w- C:\Program Files (x86)\Sony\Sony PC Companion\Pexplore.exe

    2013-03-31 17:35:21 0011A27DEBC94A4D04D0208381412677 23584360 ----a-w- C:\Program Files (x86)\Sony Media Go Install\B64072D6-3955-4ce6-BB4F-BDA62E58EEA1\sdkupdate.exe

    2013-03-31 17:14:10 CD306F302AE7955BCD3347ACB825B373 447152 ----a-w- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe

    2013-03-31 17:14:10 9C88D70C1F8136452C7C46C3D57DEAD6 106160 ----a-w- C:\Program Files (x86)\Sony\Sony PC Companion\rpshell.exe

    2013-03-31 17:14:10 3A4F2C0BB87A0895ABEBA341AA1E341B 155824 ----a-w- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

    2013-03-31 17:14:10 14AB31B4F673A3AF348A40B20BB2F587 70832 ----a-w- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe

    2013-03-31 17:14:09 578CC14A972EBE6B1FAE1A19AF1D3AE8 49152 ----a-w- C:\Program Files (x86)\Sony\Sony PC Companion\AvqBtEnum.exe

    === C: other files ==

    2013-04-03 20:44:02 92EB844D90615CB266F84C3202B8786E 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

    2013-03-31 19:08:52 732C8923749A526AB726D867FC9129AB 13608 ----a-w- C:\Windows\SysWOW64\drivers\MoborobAssDriver64.sys

    2013-03-31 19:08:38 732C8923749A526AB726D867FC9129AB 13608 ----a-w- C:\Program Files (x86)\Moborobo\MoboroboAssDriver64.sys

    2013-03-31 19:08:38 4F534ACBA8E27AA2F6337D6EFEF173D1 12072 ----a-w- C:\Program Files (x86)\Moborobo\MoboroboAssDriver.sys

    2013-03-31 18:00:52 6B503DF845EABF3457E49FBBDA26C10E 27760 ----a-w- C:\Windows\System32\drivers\ggsemc.sys

    2013-03-31 18:00:51 16C2A6BCDDA8952C2035DEC861492A19 14448 ----a-w- C:\Windows\System32\drivers\ggflt.sys

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="%ProgramFiles(x86)%\Windows Sidebar\Sidebar.exe /autoRun"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="%ProgramFiles(x86)%\Windows Sidebar\Sidebar.exe /autoRun"

    [HKEY_USERS\S-1-5-21-963788649-3157601562-336401128-1000\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "mctadmin"="C:\Windows\System32\mctadmin.exe"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "mctadmin"="C:\Windows\System32\mctadmin.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe"

    "AVG_TRAY"="C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

    "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    "AVG9_TRAY"="C:\PROGRA~2\AVG\AVG9\avgtray.exe"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"

    ==== Startup Registry Disabled x64 ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acer ePower Management]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Acer ePower Management"

    "hkey"="HKLM"

    "command"="C:\\Program Files\\Acer\\Acer ePower Management\\ePowerTray.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Adobe ARM"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Adobe Reader Speed Launcher"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Apoint]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Apoint"

    "hkey"="HKLM"

    "command"="C:\\Program Files\\Apoint2K\\Apoint.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeDeluxeAgent]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="ArcadeDeluxeAgent"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\ArcadeDeluxeAgent.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecLiveUpdate]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="EgisTecLiveUpdate"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\EgisTec Egis Software Update\\EgisUpdate.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Global Registration]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Global Registration"

    "hkey"="HKCU"

    "command"="\"C:\\Program Files (x86)\\Acer\\Registration\\GREG.exe\" BOOT"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="HotKeysCmds"

    "hkey"="HKLM"

    "command"="C:\\Windows\\system32\\hkcmd.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAAnotif]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="IAAnotif"

    "hkey"="HKLM"

    "command"="C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="IgfxTray"

    "hkey"="HKLM"

    "command"="C:\\Windows\\system32\\igfxtray.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="LManager"

    "hkey"="HKLM"

    "command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mwlDaemon]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="mwlDaemon"

    "hkey"="HKLM"

    "command"="C:\\Program Files (x86)\\EgisTec\\MyWinLocker 3\\x86\\mwlDaemon.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="NeroFilterCheck"

    "hkey"="HKLM"

    "command"="C:\\Windows\\system32\\NeroCheck.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pando Media Booster]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Pando Media Booster"

    "hkey"="HKCU"

    "command"="C:\\Program Files (x86)\\Pando Networks\\Media Booster\\PMB.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Persistence"

    "hkey"="HKLM"

    "command"="C:\\Windows\\system32\\igfxpers.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlayMovie]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="PlayMovie"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\Acer Arcade Deluxe\\PlayMovie\\PMVService.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PLFSetI]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="PLFSetI"

    "hkey"="HKLM"

    "command"="C:\\Windows\\PLFSetI.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="RtHDVCpl"

    "hkey"="HKLM"

    "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="Steam"

    "hkey"="HKCU"

    "command"="C:\\Program Files (x86)\\Valve\\Steam\\\\Steam.exe -silent"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="SunJavaUpdateSched"

    "hkey"="HKLM"

    "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]

    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

    "item"="swg"

    "hkey"="HKCU"

    "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk]

    "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\hpoddt01.exe.lnk"

    "backup"="C:\\Windows\\pss\\hpoddt01.exe.lnk.CommonStartup"

    "backupExtension"=".CommonStartup"

    "command"="C:\\PROGRA~2\\HEWLET~1\\DIGITA~1\\bin\\hpotdd01.exe "

    "item"="hpoddt01.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]

    "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk"

    "backup"="C:\\Windows\\pss\\Microsoft Office.lnk.CommonStartup"

    "backupExtension"=".CommonStartup"

    "command"="C:\\PROGRA~2\\MICROS~1\\Office10\\OSA.EXE -b -l"

    "item"="Microsoft Office"

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/03/2013 08:34]

    C:\Windows\tasks\ROC_REG_JAN_DELETE.job --a------ [undertermined Task]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Lies\AppData\Roaming\Mozilla\Firefox\Profiles\r87s9fc7.default

    - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

    AppDir: C:\Program Files (x86)\Mozilla Firefox

    - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Lies\AppData\Roaming\Mozilla\Firefox\Profiles\r87s9fc7.default

    47299371607DC2FB234444EEACB1639E - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash

    E2CCA1B3BA59949AE16EC587E89A09BA - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

    jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx[26/07/2012 03:23]

    ndibdjnfmopecpmkdieinmbadjfpblof - C:\Program Files (x86)\AVG\AVG2012\Chrome\donottrack.crx[20/04/2012 06:18]

    ==== Set IE to Default ======================

    Old Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.google.be/"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

    New Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.google.be/"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    ==== Reset Google Chrome ======================

    Nothing found to reset

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-963788649-3157601562-336401128-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

    HKEY_USERS\S-1-5-21-963788649-3157601562-336401128-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

    HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    ==== shortcuts on All Users Desktop ======================

    C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

    C:\Users\Public\Desktop\Media Go.lnk - C:\Program Files (x86)\Sony\Media Go\MediaGo.exe

    C:\Users\Public\Desktop\Moborobo.lnk - C:\Program Files (x86)\Moborobo\Moborobo.exe

    C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Qvo6.com

    C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe

    ==== shortcuts in Users Start Menu ======================

    C:\Users\Lies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com

    C:\Users\Lies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com

    C:\Users\Lies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com

    ==== shortcuts in All Users Start Menu ======================

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moborobo\Moborobo.lnk - C:\Program Files (x86)\Moborobo\Moborobo.exe

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moborobo\Uninstall Moborobo.lnk - C:\Program Files (x86)\Moborobo\unins000.exe

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Media Go\Media Go.lnk - C:\Program Files (x86)\Sony\Media Go\MediaGo.exe

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Sony PC Companion 2.1.lnk - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Verwijderen.lnk - C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe -uninst -runfromtemp

    ==== shortcuts in Quick Launch ======================

    C:\Users\Lies\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com

    C:\Users\Lies\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe

    C:\Users\Lies\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com

    C:\Users\Lies\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Qvo6.com

    ==== shortcuts After Repair ======================

    C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Users\Lies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe

    C:\Users\Lies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Users\Lies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

    C:\Users\Lies\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Users\Lies\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Users\Lies\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Lies\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Lies\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    No FireFox Cache found

    ==== Empty Chrome Cache ======================

    No Chrome User Data found

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    After Reboot

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\Lies\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Users\Lies\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

    - - - Updated - - -

    Na de heropstart die het logbestand opleverde van zoek.exe en vervolgens het opnieuw openen van Firefox om de log hier op het forum te posten, lijkt het mij al of alles weer normaal is. In ieder geval geen Qvo6 qstartpagina meer!

    Qvo6 virus

    in Archief Bestrijding malware & virussen

    Geplaatst:

    2 logbestanden op datum van 06/04 van malwarebytes

    Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100

    Malwarebytes : Free anti-malware download

    Databaseversie: v2013.04.06.03

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 9.0.8112.16421

    Lies :: LIES-PC [administrator]

    Bescherming: Ingeschakeld

    6/04/2013 10:11:21

    mbam-log-2013-04-06 (10-11-21).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 210114

    Verstreken tijd: 5 minuut/minuten, 24 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 2

    C:\Windows\System32\user32.dat (Trojan.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd.

    C:\Windows\SysWOW64\user32.dat (Trojan.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)

    2013/04/06 09:11:57 +0200 LIES-PC Lies MESSAGE Executing scheduled update: Daily

    2013/04/06 09:11:58 +0200 LIES-PC Lies ERROR Scheduled update failed: No address found failed with error code 0

    2013/04/06 09:12:03 +0200 LIES-PC Lies MESSAGE Starting protection

    2013/04/06 09:12:03 +0200 LIES-PC Lies MESSAGE Protection started successfully

    2013/04/06 09:12:03 +0200 LIES-PC Lies MESSAGE Starting IP protection

    2013/04/06 09:12:32 +0200 LIES-PC Lies MESSAGE IP Protection started successfully

    2013/04/06 10:07:27 +0200 LIES-PC Lies MESSAGE Starting protection

    2013/04/06 10:07:27 +0200 LIES-PC Lies MESSAGE Protection started successfully

    2013/04/06 10:07:27 +0200 LIES-PC Lies MESSAGE Starting IP protection

    2013/04/06 10:07:59 +0200 LIES-PC Lies MESSAGE IP Protection started successfully

    2013/04/06 10:10:53 +0200 LIES-PC Lies MESSAGE Starting database refresh

    2013/04/06 10:10:53 +0200 LIES-PC Lies MESSAGE Stopping IP protection

    2013/04/06 10:10:55 +0200 LIES-PC Lies MESSAGE IP Protection stopped successfully

    2013/04/06 10:10:59 +0200 LIES-PC Lies MESSAGE Database refreshed successfully

    2013/04/06 10:10:59 +0200 LIES-PC Lies MESSAGE Starting IP protection

    2013/04/06 10:11:19 +0200 LIES-PC Lies MESSAGE IP Protection started successfully

    2013/04/06 10:31:04 +0200 LIES-PC Lies MESSAGE Starting protection

    2013/04/06 10:31:04 +0200 LIES-PC Lies MESSAGE Protection started successfully

    2013/04/06 10:31:04 +0200 LIES-PC Lies MESSAGE Starting IP protection

    2013/04/06 10:31:44 +0200 LIES-PC Lies MESSAGE IP Protection started successfully

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 10:36:44, on 6/04/2013

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16470)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe

    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe

    C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

    C:\Windows\SysWOW64\NOTEPAD.EXE

    C:\Windows\SysWOW64\NOTEPAD.EXE

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Windows\SysWOW64\NOTEPAD.EXE

    C:\Windows\SysWOW64\NOTEPAD.EXE

    C:\Users\Lies\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

    F2 - REG:system.ini: UserInit=userinit.exe,

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe

    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe

    O4 - HKCU\..\Run: [sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles(x86)%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles(x86)%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000

    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AVG Free E-mail Scanner (avg9emc) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (file missing)

    O23 - Service: AVG Free WatchDog (avg9wd) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (file missing)

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 8932 bytes

    (Qvo6 opent zich nog steeds als startpagina)

    Qvo6 virus

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 19:55:07, on 5/04/2013

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16470)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Users\Lies\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe

    O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe

    O4 - HKCU\..\Run: [sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles(x86)%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles(x86)%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000

    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

    O20 - AppInit_DLLs: c:\progra~2\browse~1\sprote~1.dll

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AVG Free E-mail Scanner (avg9emc) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (file missing)

    O23 - Service: AVG Free WatchDog (avg9wd) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (file missing)

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 9463 bytes

    Qvo6 virus

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Ok merci alvast !

    Zal dit morgenavond doen aangezien ik dan pas terug thuis ben.

    Deze restore via HJT is dus ook nodig om een analyse te kunnen doen van het Qvo6 virus neem ik aan?

    Want hoewel ik nu dus zowel juiste als foute items heb verwijderd via HJT, heb ik op het eerste zicht geen problemen gemerkt wat betreft de werking van de laptop.

    Qvo6 virus

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Ik heb hijackthis als administrator uitgevoerd, een systemscan gedaan en daarna alles aangevinkt en verwijderd.

    Toen de laptop opnieuw opgestart in de hoop dat het probleem al zou opgelost zijn. Was niet het geval dus opnieuw een systemscan gedaan en daarvan het resultaat hier gepost.

    Qvo6 virus

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 8:05:08, on 4/04/2013

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16470)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Users\Lies\Downloads\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AVG Free E-mail Scanner (avg9emc) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (file missing)

    O23 - Service: AVG Free WatchDog (avg9wd) - Unknown owner - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (file missing)

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 5128 bytes

    Qvo6 virus

    in Archief Bestrijding malware & virussen

    Geplaatst:

    Beste

    Ik heb deze avond op een of andere manier het Qvo6 virus binnengehaald.

    Heb al op verschillende manieren proberen te verwijderen na opzoeking op internet en doorlopen vd voorgeschreven stappen ... manueel en met enkele virusscanners (malwarebytes anti malwares en Hijackthis).

    Toch elke keer als ik IE of Firefox opstart, blijf ik opnieuw uitkomen op Qvo6 als startpagina.

    Wie kan mij helpen?

    Grtz

    3d kaart Poworcolor hd 6870 - instellen

    in Archief Hardware algemeen

    Geplaatst:

    Besten

    Ik heb een poworcolor hd 6870 kaart met één hdmi en 2 DVI aansluitingen.

    Heb mijn scherm altijd aangesloten met een dvi kabel naar de 3d kaart. Werkte perfect.

    Onlangs problemen gehad met mijn scherm en onder garantie een nieuw gekregen ... net hetzelfde ... Philips brillance HD scherm.

    Ik krijg dit nu enkel aangesloten met een HDMI kabel (geen beeld via DVI).

    Dus dacht ik dat mijn DVI kabel stuk was ... dus een nieuwe gekocht => een DVI - dual.

    Probleem: Bij aansluiten van de DVI naar scherm (geen van beide slots) krijg ik een signaal naar mijn scherm. Scherm geeft aan "no signal input" en valt na verloop van tijd uit. Aangezien het scherm en de 3d kaart en de kabel pas nieuw zijn vermoed ik niet dat het hieraan kan liggen. (Als ik switch naar HDMI werkt wel alles)

    Heb op het scherm, het schermmenu ook al handmatig omgezet van hdmi naar dvi en ook dit werkt niet.

    Kan ik nog ergens bij mijn 3d kaart instellingen iets veranderen (gva, hdmi of dvi)?

    Of waar kan het nog aan liggen?

    zware luidsprekers/monitors voor pc

    in Archief Multimedia

    Geplaatst:

    Beste

    Ik drum al sinds jaar en dag live mee met mijn oude stereoset. Deze heeft het onlangs begeven.

    Nu zoek ik een manier om te kunnen meedrummen met de muziek die op mijn pc staat

    (aangezien hier de meeste muziek op staat.)

    Let wel ik moet zeker een hoog volume kunnen halen en de muziek moet redelijk van kwaliteit blijven.

    Ik zou mezelf graag voorzien van 2 speakers ... één links en één rechts van mij geposteerd.

    Budget wil ik niet boven de 250 euro gaan ... heb al eens zitten kijken op Musicstore en denk hiermee toe te komen.

    Zelf dacht ik 2 actieve luidsprekers te kopen. Zodat ik het volume ook nog kan bijregelen ad box zelf.

    Nu maak ik mij de volgende bedenking ...

    Wat is het verschil tussen actieve monitors en actieve luidsprekers en welke zijn het meest geschikt?

    Hoe sluit ik deze aan op mijn pc? ik heb een ASROCK890CX Extreme3 Moederbord?

    Kunnen jullie een set voorstellen of hebben jullie nog andere voorstellen?

    thanx

    Internetsnelheid - Router

    in Archief Internet & Netwerk

    Geplaatst:

    Beste

    Mijn ouders hebben via Belgacom ADSL het Internet Intense pakket.

    Als ik zowat rondkijk zijn de snelheden volgens Belgacom 30 Mbps download en 4 Mbps upload.

    Tijdens het downloaden halen wij hoogstens snelheden van 800 KB/s.

    Nu hebben wij hier wel al sinds 2005 een Technicolor/Thomson SPeedtouch 510i. DSL Router.

    Kan het zijn dat deze de snelheden beperkt?

    Deze info vind ik op het net over de Router ...

    The SpeedTouch 510 is an ADSL1/2/2+ router with one RJ-11 WAN port and four 10/100Mbps LAN ports.

    This router supports VPN pass-through for IPSec and PPTP. It features a built-in SPI firewall to protect the network against hackers and Denial of Service (DoS) attacks.

    The router can be easily configured via Web-based configuration utility or SNMP v.1.

    Bedankt

    Traxdata multi media station

    in Archief Hardware algemeen

    Geplaatst: · aangepast door IMPEGA

    Beste

    Iemand een idee hoe ik de veel te grote ondertitels kleiner krijg? Deze vullen bijna de helft van mijn TV. Heb de laatste firmware geïnstalleerd V3.12. Ik gebruik het toestel met een externe harde schijf (via usb) … niet dat dit iets uitmaakt waarschijnlijk.

    Als ik dezelfde bestanden via mijn externe harde schijf via usb kabel naar mijn lg bd550 blu ray speler stuur, zijn ze niet zo reusachtig maar die ondersteunt dan weer niet zoveel videoformaten …

    merci

    nieuwe gamepc / toch hapert GTA IV

    in Archief Hardware algemeen

    Geplaatst:

    Hallo

    Heb paar dagen nieuwe pc binnen met onderstaande prestaties.

    Dacht GTA IV vlot te kunnen draaien ... dit ging in lage resolutie zelfs nog op mijn oude pc en nu hapert het spel constant ... iemand een idee ? Als ik canyourunit doe, zit ik ver over recommended...

    -Powercolor HD6870 - Grafische adapter - Radeon HD 6870 - PCI Express 2.1 x16 - 1 GB GDDR5 -

    -MD Black Edition - Processor - 1 x AMD Phenom II X6 1090T / 3.2 GHz - Socket AM3ASRock 890GX -Extreme3 - Moederbord - ATX - AMD 890GX - Socket AM3 - SATA-600 (RAID),

    -8 gig RAM

    Heb laatste directx geinstalleerd en al laatste upgrade van 3d kaart gedaan.

    Scherm is van 2009 en is HD

    game pc +/- 1.000 Euro

    in Archief Aan- en verkoopadvies

    Geplaatst:

    Hallo

    Willen jullie je eens laten gaan in het samenstellen van een game pc...

    budget rond de 1.000 euro

    Alvast bedankt.

    1. Waarvoor heb ik een PC nodig ? gamen
    2. Wat is mijn budget ? - ongeveer 1.000 euro
    3. Een merkcomputer of een samenstelling ? - samenstelling
    4. Ga ik overklokken ? - neen
    5. Ga ik later upgraden ? - ja ... wil er ook effe mee verder kunnen
    6. Heb ik al die nieuwe functies wel nodig ? - ja, USB 3.0. en Sata600 lijken me wel nuttig ...
    7. Ga ik zelf assembleren ? - Neen
    8. Heb ik een besturingssysteem nodig ? - ja, Windows 7 Home Premium
    9. Ga ik zelf installeren ? - Windows 7 kan ik zelf installeren...
    10. Heb ik een voorkeur aan onderdelen ? - Neen
    11. Heb ik nog randapparatuur nodig ? - basisbehuizing + inhoud is alles
    12. Heb ik specifieke wensen ? - genoeg slots om Ram bij te steken ... 6 core is misschien nuttig ... USB 3.0 en Sata 600 zoals hoger aangegeven.

    RAM geheugen (waar) controleren

    in Archief Hardware algemeen

    Geplaatst:

    Beste

    Mijn pc start tegenwoordig redelijk traag op. Heb onlangs aan het RAM geheugen zitten klooien. Waar kan ik nakijken of de 2GiG ook nog werken. Of slechts 1 vd 2 GiG ...

    Heb onderstaande gegevens uit systeeminfo kunnen kopieren via "msinfo32". Is het hieruit af te leiden?

    Total Physical Memory 2.048,00 MB

    Available Physical Memory 1,16 GB

    Total Virtual Memory 2,00 GB

    Available Virtual Memory 1,96 GB

    Bedankt

Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.