peet6
-
Items
19 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door peet6
-
-
Het Probleem is verdwenen de PC start nu op zonder de melding van de eRAgent.
Ik bedank bij deze iedereen die me heeft geholpen dit op te lossen en me een klein beetje wijzer te laten worden in de PC wereld.
Nogmaals hrtelijk bedankt
-
ComboFix 12-02-05.01 - spruit 05-02-2012 7:11.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.959.391 [GMT -12:00]
Gestart vanuit: c:\documents and settings\spruit\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\spruit\Mijn documenten\CFScript.txt.txt
AV: ESET Smart Security 5.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Persoonlijke firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Aanwezig AV is actief
.
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\SweetIM
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\conf\adapter.xml
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\conf\autoupdate.xml
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\conf\contentpackages.xml
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\conf\logger.xml
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\conf\messages.xml
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\conf\sweetim.xml
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\conf\sweetimapp.xml
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\conf\users\main_user_config.xml
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\Bars\Default\100\bar.html
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\Bars\Default\100\bar.js
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\Bars\Default\100\bar.swf
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\Bars\Default\200\bar.html
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\Bars\Default\200\bar.js
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\Bars\Default\200\bar.swf
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\Bars\Default\400\bar.html
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\Bars\Default\400\bar.js
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\Bars\Default\400\bar.swf
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\contentdb\cache_indx.dat
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\packages\FailDialog\activationFail.htm
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\packages\FailDialog\close_but.gif
c:\documents and settings\All Users\Application Data\SweetIM\Messenger\data\packages\FailDialog\failure_dialog_BG.jpg
c:\documents and settings\All Users\Application Data\SweetIM\Toolbars\Internet Explorer\cache\052fa331a4bfc3dfa2a3603ffa88e8f2.prad39.js
c:\documents and settings\All Users\Application Data\SweetIM\Toolbars\Internet Explorer\cache\473d5c007e793590a1db512a6ef4eb57.games2.png
c:\documents and settings\All Users\Application Data\SweetIM\Toolbars\Internet Explorer\cache\53b597b55d8412d563b720d3585c1af8.facebook.png
c:\documents and settings\All Users\Application Data\SweetIM\Toolbars\Internet Explorer\cache\ae4884ec095a2b4ca0c079f93439dd7f.ieinfb.js
c:\documents and settings\All Users\Application Data\SweetIM\Toolbars\Internet Explorer\cache\fd966cfdfb43e4bfcb57fc08d68b8346.toolbar44.xml
c:\documents and settings\spruit\Application Data\AVG
c:\documents and settings\spruit\Application Data\AVG\PC Tuneup\Logs\PC Tuneup_SN.log
c:\documents and settings\spruit\Application Data\AVG\PC Tuneup\User Reports\Integrator_report.html
c:\documents and settings\spruit\Application Data\AVG\PC Tuneup\User Reports\Integrator_report.xml
c:\documents and settings\spruit\Application Data\AVG\Rescue\PC Tuneup 2011\120107204801845.rsc
c:\documents and settings\spruit\Application Data\AVG\Rescue\PC Tuneup 2011\120107204803908.rsc
c:\program files\SweetIM
c:\program files\SweetIM\Messenger\ContentPackagesActivationHandler.exe
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\KeyboardButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-01-05 to 2012-02-05 ))))))))))))))))))))))))))))))
.
.
2012-02-05 03:22 . 2012-02-05 03:22 -------- d-----w- c:\documents and settings\All Users\Application Data\PTV-AG
2012-02-05 03:20 . 2012-02-05 03:20 -------- d-----w- c:\program files\Common Files\ptv shared
2012-02-05 03:16 . 2012-02-05 03:16 -------- d-----w- c:\documents and settings\spruit\Application Data\InstallShield
2012-01-30 05:54 . 2012-01-30 05:54 388096 ----a-r- c:\documents and settings\spruit\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-30 05:54 . 2012-01-30 05:54 -------- d-----w- c:\program files\Trend Micro
2012-01-29 20:36 . 2012-01-29 20:36 -------- d-----w- c:\windows\system32\wbem\Repository
2012-01-15 00:37 . 2012-01-15 00:37 -------- d-----w- c:\documents and settings\spruit\.jordan
2012-01-15 00:12 . 2012-01-15 00:12 -------- d-----w- c:\windows\Sun
2012-01-14 23:34 . 2012-01-14 23:34 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-01-14 23:34 . 2012-01-14 23:34 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-14 19:05 . 2012-01-14 19:05 -------- d-----w- c:\documents and settings\spruit\Local Settings\Application Data\ESET
2012-01-14 19:05 . 2012-01-14 19:05 -------- d-----w- c:\documents and settings\spruit\Application Data\ESET
2012-01-14 19:03 . 2012-01-14 19:03 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2012-01-14 19:02 . 2012-01-14 19:02 -------- d-----w- c:\program files\ESET
2012-01-14 19:02 . 2012-01-14 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2012-01-14 08:32 . 2012-01-14 08:32 -------- d-----w- c:\documents and settings\LocalService\Application Data\TuneUp Software
2012-01-08 07:42 . 2012-01-08 07:42 -------- d-----w- c:\documents and settings\All Users\Application Data\SecretsOfOlympus
2012-01-08 07:35 . 2012-01-14 19:25 -------- d-----w- c:\program files\Secrets Of Olympus
2012-01-08 07:34 . 2012-01-08 07:34 -------- d-----w- c:\program files\ReflexiveArcade
2012-01-08 04:54 . 2012-01-08 04:57 -------- d-----w- c:\program files\RegCleaner
2012-01-08 04:26 . 2011-12-19 17:55 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2012-01-08 04:26 . 2011-12-19 17:50 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2012-01-08 04:25 . 2012-01-08 04:26 -------- d-----w- c:\program files\TuneUp Utilities 2011
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-01 11:08 . 2012-01-01 11:08 32608 ----a-w- c:\windows\king-uninstall.exe
2011-12-16 20:27 . 2011-12-16 20:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-25 21:57 . 2005-09-01 02:28 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2005-10-06 03:11 1859712 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2004-09-02 13:00 60928 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:22 . 2004-09-02 13:00 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:22 . 2004-09-02 13:00 152064 ----a-w- c:\windows\system32\schannel.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-05_10.56.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-05 19:17 . 2012-02-05 19:17 16384 c:\windows\temp\Perflib_Perfdata_508.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-04 16206848]
"SkyTel"="SkyTel.EXE" [2006-04-24 1448960]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-09-02 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-09-02 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-09-02 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-02 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-02 455168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-08 7311360]
"nwiz"="nwiz.exe" [2006-05-08 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-05-08 86016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-10 254696]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-09-23 61440]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-23 3080264]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiSpyWareDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\SnelStart\\v7\\SnelStart.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4-8-2011 9:20 118104]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [22-9-2011 12:03 974944]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [19-12-2011 5:53 1527104]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [7-7-2011 2:46 10064]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.startpagina.nl/
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*Yahoo! UK
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-02-05 07:18
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(1708)
c:\windows\System32\BCMLogon.dll
.
- - - - - - - > 'explorer.exe'(2340)
c:\windows\system32\webcheck.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\windows\RTHDCPL.EXE
c:\windows\SkyTel.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\windows\eHome\ehmsas.exe
c:\windows\eHome\ehSched.exe
c:\windows\system32\dllhost.exe
.
**************************************************************************
.
Voltooingstijd: 2012-02-04 18:19:33 - machine werd herstart
ComboFix-quarantined-files.txt 2012-02-05 06:19
ComboFix2.txt 2012-02-05 11:00
.
Pre-Run: 233.238.831.104 bytes beschikbaar
Post-Run: 233.233.809.408 bytes beschikbaar
.
- - End Of File - - EA164AD8A8376CC9EEFBD8C3D167E690
-
ComboFix 12-02-05.01 - spruit 04-02-2012 22:52:06.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.959.352 [GMT -12:00]
Gestart vanuit: c:\documents and settings\spruit\Bureaublad\ComboFix.exe
AV: ESET Smart Security 5.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Persoonlijke firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Aanwezig AV is actief
.
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\kb913800.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-01-05 to 2012-02-05 ))))))))))))))))))))))))))))))
.
.
2012-02-05 10:40 . 2012-02-05 10:41 -------- d-----w- c:\documents and settings\All Users\Application Data\SweetIM
2012-02-05 10:40 . 2012-02-05 10:41 -------- d-----w- c:\program files\SweetIM
2012-02-05 03:22 . 2012-02-05 03:22 -------- d-----w- c:\documents and settings\All Users\Application Data\PTV-AG
2012-02-05 03:20 . 2012-02-05 03:20 -------- d-----w- c:\program files\Common Files\ptv shared
2012-02-05 03:16 . 2012-02-05 03:16 -------- d-----w- c:\documents and settings\spruit\Application Data\InstallShield
2012-01-30 05:54 . 2012-01-30 05:54 388096 ----a-r- c:\documents and settings\spruit\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-30 05:54 . 2012-01-30 05:54 -------- d-----w- c:\program files\Trend Micro
2012-01-29 20:36 . 2012-01-29 20:36 -------- d-----w- c:\windows\system32\wbem\Repository
2012-01-15 00:37 . 2012-01-15 00:37 -------- d-----w- c:\documents and settings\spruit\.jordan
2012-01-15 00:12 . 2012-01-15 00:12 -------- d-----w- c:\windows\Sun
2012-01-14 23:34 . 2012-01-14 23:34 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-01-14 23:34 . 2012-01-14 23:34 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-14 19:05 . 2012-01-14 19:05 -------- d-----w- c:\documents and settings\spruit\Local Settings\Application Data\ESET
2012-01-14 19:05 . 2012-01-14 19:05 -------- d-----w- c:\documents and settings\spruit\Application Data\ESET
2012-01-14 19:03 . 2012-01-14 19:03 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2012-01-14 19:02 . 2012-01-14 19:02 -------- d-----w- c:\program files\ESET
2012-01-14 19:02 . 2012-01-14 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2012-01-14 08:32 . 2012-01-14 08:32 -------- d-----w- c:\documents and settings\LocalService\Application Data\TuneUp Software
2012-01-08 07:42 . 2012-01-08 07:42 -------- d-----w- c:\documents and settings\All Users\Application Data\SecretsOfOlympus
2012-01-08 07:35 . 2012-01-14 19:25 -------- d-----w- c:\program files\Secrets Of Olympus
2012-01-08 07:34 . 2012-01-08 07:34 -------- d-----w- c:\program files\ReflexiveArcade
2012-01-08 04:54 . 2012-01-08 04:57 -------- d-----w- c:\program files\RegCleaner
2012-01-08 04:26 . 2011-12-19 17:55 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2012-01-08 04:26 . 2011-12-19 17:50 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2012-01-08 04:25 . 2012-01-08 04:26 -------- d-----w- c:\program files\TuneUp Utilities 2011
2012-01-07 19:48 . 2012-01-07 19:48 -------- d-----w- c:\documents and settings\spruit\Application Data\AVG
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-01 11:08 . 2012-01-01 11:08 32608 ----a-w- c:\windows\king-uninstall.exe
2011-12-16 20:27 . 2011-12-16 20:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-25 21:57 . 2005-09-01 02:28 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2005-10-06 03:11 1859712 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2004-09-02 13:00 60928 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:22 . 2004-09-02 13:00 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:22 . 2004-09-02 13:00 152064 ----a-w- c:\windows\system32\schannel.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2012-01-16 130864]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-01-16 00:27 1330480 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-01-16 1330480]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-01-16 1330480]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-04 16206848]
"SkyTel"="SkyTel.EXE" [2006-04-24 1448960]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-09-02 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-09-02 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-09-02 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-02 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-02 455168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-08 7311360]
"nwiz"="nwiz.exe" [2006-05-08 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-05-08 86016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-10 254696]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-09-23 61440]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-23 3080264]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-01-20 114992]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiSpyWareDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\SnelStart\\v7\\SnelStart.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4-8-2011 9:20 118104]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [22-9-2011 12:03 974944]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [19-12-2011 5:53 1527104]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [7-7-2011 2:46 10064]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.startpagina.nl/
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*Yahoo! UK
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Zoek op het web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.1.1
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-02-04 22:56
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(1848)
c:\windows\System32\BCMLogon.dll
.
Voltooingstijd: 2012-02-04 22:58:00
ComboFix-quarantined-files.txt 2012-02-05 10:57
.
Pre-Run: 232.972.369.920 bytes beschikbaar
Post-Run: 233.239.863.296 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 15CF02C2BA436718508F4DEAC306D0EB
-
Beste Kape. Ik heb gedaan wat U heeft geadviseerd en de betreffende dingen verwijderd volgens Uw bericht.Helaas blijft de melding bij het opstarten komen.
-
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:58:25, on 29-1-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SkyTel.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! UK
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl - alles op een rijtje! (ook op mobiel)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! UK
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 7622 bytes
-
Goedemorgen U vroeg mij om services.msc te openen en naar de status van erecovery te kijken .Erecovery komt niet in die lijst voor.Als ik via zoeken naar erecovery zoek krijg ik een lijst met van alles wat start met erecovery.als ik dat probeer te uploaden naar U zegt het uploadprogram dat het een invalid file is.Tevens krijg ik de melding dat erecovery management niet beschikbaar is, zoals gemeld staat het wel in de pc. .Hopelijk kunt U hier iets uit halen.
Bij voorbaat dank. Groeten Peet6.
-
Ik heb gedaan wat U heeft gezegd en helaas heeft het niet geleid tot het verdwijnen van de eragent. Het is nog steeds daar.
Hopelijk wordt het U niet teveel. Groeten Peet6
-
133333.bmp[ATTACH]16187[/ATTACH]
-
Hallo helaas kan ik er geen screenshot van maken ik kan het wel naar u mailen als ik het adres heb. Elke keer zegt het programma dat het bestand te groot is
-
Nee nog nooit sorry
-
http://speccy.piriform.com/results/Z3Ys68aoiYgyznYAiZaffZr
Bij deze de link die U vroeg. Tevens de vermeldingen die er verschijnen als ik de pc start
Er staat Press F1 to continue, Del to enter Setup
Daarboven staat: CMOS Checksum error Defaults loaded.Na het indrukken van f1 komt er eRagent
An invalid argument was encountered.
Ik hoop dat U me niet kwalijk neem dat ik laat reageer. Ik ben voor mijn werk de hele week in het buitenland. Groeten Peter
-
Ok dankjewel
-
het is een acer espire L100 desktop
-
Ik gebruik xp en heb in de software gezocht naar het door U genoemde erecovery , helaas niet gevonden
-
helaas is het probleem nog aanwezig ik heb gedaan wat U geadviseerd heeft en de cc cleaner er diverse malen overheen laten lopen. Het probleem blijft, moet nog steeds F1 indrukken om de pc te starten daarna weer de melding eRAgent an invalid argument was encountered.
-
ok bedankt voor de tip ik ga er nu mee aan de slag cc cleaner heb ik en het gaat inderdaat om een acer
-
Kan iemand mij laten weten hoe het komt dat mijn pc bij het opstarten voordat er wat gebeurd vraagd de F1 toets
in te drukken. Daarna start hij gewoon op , en als de opstartprocedure klaar is staat er in mijn Scherm het volgende: eRAgent
an invalid argument was encoutered.
Als ik het wegclick doet de pc het normaal en kan ik niet merken dat er iets niet goed is.
Wie helpt me op een simpele manier uit de droom ik ben geen wizzkid.
Bij voorbaar bedankt
Peet6
-
Mijnheer/mevr.
Hoe komt het dat mijn acer pc als ik hem een week niet gebruik de tijd terug zet naar 2006 Ik zet de tijd constand weer op de huidige tijd maar na een week staat er weer 2006 1 01. heel graag een antwoord .
Opstartprobleem
in Archief Windows Algemeen
Geplaatst:
Via deze weg wil ik de heren die mijn PC weer geheel in orde hebben weten te krijgen hartelijk bedanken voor hun gedane inspanningen . De opstartproblemen zijn verdwenen en ook de klok doet het weer normaal nadat ik een nieuwe moederbordbatterij geplaatst heb.