Ga naar inhoud

u99mhh

Lid
  • Items

    16
  • Registratiedatum

  • Laatst bezocht

u99mhh's prestaties

  1. Beste clarkie, het betreft het email programma meegeleverd met windows 8.1 MikeHou
  2. hoi, er wordt mij gevraagd om mijn telenet-account bij te werken om email te gebruiken in windows 8.1 ik krijg de melding : er zijn geen instellingen gevonden voor <mijn email adres> verstrek meer gegevens waarna opnieuw wordt geprobeerd de verbinding tot stand te brengen ! Mijn emaildres, gebruikersnaam en wachtwoord zijn ingevuld en er wordt gevraagd naar serveradres en domein ??? Mikehou
  3. Clarkie,ik doe exact wat er voorgesteld wordt , mijn bestand staat in de regel, maar de Upload!- button is grijs, ik kan daar NIET op klikken !
  4. Beste clarkie,ik kan mijn bestand kiezen , maar de button Uplod blijft Disable !Wat bedoel je met - plaats de link naar het bestand ???
  5. Beste clarkie ik rijg na klikken op Meer opties NIET het scherm van in je bijlage !Ik heb duie menubalk met die icoontjes NIET - ik kan dus NIET op die paperclip klikken !!!!
  6. best kape,ik kan dat bestandje uploaden vanop mijn PC maar dan ????Sluit dit venster ??? Er gebeurt niets ! Hoe stuur ik dit bestand naar het forum ?
  7. ik kan die log zowel in notepad als bvb in Word mooi afgelijnd zien, maar van zodra ik een copy-past doe in het helpforum en op reactie versturen klik is de lay-out om zeep om het zo te zeggen !!!
  8. ComboFix 13-02-01.04 - michael 01/02/2013 22:42:27.1.4 - x86Gestart vanuit: c:\users\michael\Desktop\ComboFix.exe * Aanwezig AV is actief...(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))..c:\programdata\0tbpw.padc:\programdata\284c:\programdata\284\{BAF92A43-026A-4F3B-885B-FC3E9E1C2625}.swfc:\users\michael\AppData\Roaming\.#c:\users\michael\AppData\Roaming\.#\MBX@960@1C52990.###c:\users\michael\AppData\Roaming\.#\MBX@960@1C529C0.###c:\users\michael\AppData\Roaming\.#\MBX@960@1C529F0.###c:\users\michael\AppData\Roaming\.#\MBX@C8C@1B72990.###c:\users\michael\AppData\Roaming\.#\MBX@C8C@1B729C0.###c:\users\michael\AppData\Roaming\.#\MBX@C8C@1B729F0.###c:\users\michael\AppData\Roaming\.#\MBX@EB4@1DF2990.###c:\users\michael\AppData\Roaming\.#\MBX@EB4@1DF29C0.###c:\users\michael\AppData\Roaming\.#\MBX@EB4@1DF29F0.###..(((((((((((((((((((( Bestanden Gemaakt van 2013-01-01 to 2013-02-01 ))))))))))))))))))))))))))))))..2013-02-01 21:51 . 2013-02-01 21:51 -------- d-----w- c:\users\Default\AppData\Local\temp2013-01-26 17:47 . 2013-01-26 17:47 -------- d-----w- c:\users\michael\AppData\Roaming\Malwarebytes2013-01-26 17:46 . 2013-01-26 17:46 -------- d-----w- c:\programdata\Malwarebytes2013-01-26 17:46 . 2013-01-26 17:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2013-01-26 17:46 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys2013-01-18 17:24 . 2013-01-18 17:24 388096 ----a-r- c:\users\michael\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe2013-01-18 17:24 . 2013-01-18 17:24 -------- d-----w- c:\program files\Trend Micro2013-01-17 22:15 . 2013-01-17 22:15 -------- d-----w- c:\program files\Common Files\Java2013-01-17 22:14 . 2013-01-17 22:14 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2013-01-10 16:36 . 2012-11-23 01:35 2048000 ----a-w- c:\windows\system32\win32k.sys2013-01-10 16:36 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll2013-01-10 16:36 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\system32\msxml6.dll...((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-01-17 22:14 . 2012-07-01 09:20 859552 ----a-w- c:\windows\system32\npdeployJava1.dll2013-01-17 22:14 . 2010-05-29 16:05 780192 ----a-w- c:\windows\system32\deployJava1.dll2013-01-10 16:44 . 2012-04-09 11:52 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-01-10 16:44 . 2011-06-05 10:33 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-12-26 09:12 . 2012-12-16 02:41 60480 ----a-w- c:\windows\system32\drivers\cfwids.sys2012-12-26 09:09 . 2012-12-16 02:41 210168 ----a-w- c:\windows\system32\drivers\mfewfpk.sys2012-12-26 09:09 . 2012-12-16 02:42 171976 ----a-w- c:\windows\system32\mfevtps.exe2012-12-26 09:08 . 2012-12-16 02:42 9648 ----a-w- c:\windows\system32\drivers\mfeclnk.sys2012-12-26 09:07 . 2012-12-16 02:41 92192 ----a-w- c:\windows\system32\drivers\mferkdet.sys2012-12-26 09:06 . 2012-12-16 02:41 565416 ----a-w- c:\windows\system32\drivers\mfehidk.sys2012-12-26 09:05 . 2012-12-16 02:41 362640 ----a-w- c:\windows\system32\drivers\mfefirek.sys2012-12-26 09:05 . 2012-12-16 02:41 65488 ----a-w- c:\windows\system32\drivers\mfebopk.sys2012-12-26 09:05 . 2012-12-16 02:41 234824 ----a-w- c:\windows\system32\drivers\mfeavfk.sys2012-12-26 09:04 . 2012-12-16 02:41 132976 ----a-w- c:\windows\system32\drivers\mfeapfk.sys2012-12-16 13:12 . 2012-12-20 18:49 34304 ----a-w- c:\windows\system32\atmlib.dll2012-12-16 10:50 . 2012-12-20 18:49 293376 ----a-w- c:\windows\system32\atmfd.dll2012-11-14 02:09 . 2012-12-16 02:08 1800704 ----a-w- c:\windows\system32\jscript9.dll2012-11-14 01:58 . 2012-12-16 02:08 1427968 ----a-w- c:\windows\system32\inetcpl.cpl2012-11-14 01:57 . 2012-12-16 02:08 1129472 ----a-w- c:\windows\system32\wininet.dll2012-11-14 01:49 . 2012-12-16 02:08 142848 ----a-w- c:\windows\system32\ieUnatt.exe2012-11-14 01:48 . 2012-12-16 02:08 420864 ----a-w- c:\windows\system32\vbscript.dll2012-11-14 01:44 . 2012-12-16 02:08 2382848 ----a-w- c:\windows\system32\mshtml.tlb2012-11-13 01:29 . 2012-12-15 13:56 2048 ----a-w- c:\windows\system32\tzres.dll2012-11-09 05:53 . 2012-12-16 02:42 167344 ----a-w- c:\windows\system32\mfevtps.exe.9fd5.deleteme..((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))..*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]2009-06-30 11:03 398784 ----a-w- c:\program files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]2008-03-04 21:38 121392 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2008-01-09 326176]"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]"PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 204908]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-22 30192]"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]"Skytel"="Skytel.exe" [2007-11-20 1826816]"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2008-05-06 196128]"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-06 86016]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-06 8530464]"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-06 81920]"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712]"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1278648]"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2010-03-24 599328]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]@="Service".[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]"DisableMonitoring"=dword:00000001.S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [x]..--- Andere Services/Drivers In Geheugen ---.*Deregistered* - mfeavfk01*Deregistered* - mfeavfk02*Deregistered* - mfehidk01.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceAndNoImpersonation REG_MULTI_SZ FontCachebthsvcs REG_MULTI_SZ BthServ.Inhoud van de 'Gedeelde Taken' map.2013-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 16:44].2013-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1151326156-3499597662-2831108977-1000Core.job- c:\users\michael\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-22 17:40].2013-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1151326156-3499597662-2831108977-1000UA.job- c:\users\michael\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-22 17:40]..------- Bijkomende Scan -------.uStart Page = hxxp://www.google.com/mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=1&o=vp32&d=1208&m=aspire_m3641IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000TCP: DhcpNameServer = 195.130.131.2 195.130.130.130.- - - - ORPHANS VERWIJDERD - - - -.WebBrowser-{196C3A46-4758-433D-A600-802C804AF39C} - (no file)HKLM-Run-Apanel - c:\acersw\config\SetApanel.cmdHKLM-Run-eRecoveryService - (no file)AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\standard_1.exe...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, PC Helpforum - Gratis hulp bij computer problemen scan 2013-02-01 22:51Windows 6.0.6002 Service Pack 2 NTFS.scannen van verborgen processen ... .scannen van verborgen autostart items ... .scannen van verborgen bestanden ... .Scan succesvol afgerondverborgen bestanden: 0.**************************************************************************.--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.Voltooingstijd: 2013-02-01 22:54:32ComboFix-quarantined-files.txt 2013-02-01 21:54.Pre-Run: 201.052.921.856 bytes beschikbaarPost-Run: 201.539.297.280 bytes beschikbaar.- - End Of File - - F6C5E1B3C31BA234F689E22C98FE22D1
  9. beste kape , ik heb problemen om de log-file in een correct formaar door te sturen - ik heb getracht om deze manueel aan te passen in het bericht maar blijkbaar mag een wijziging niet langer dan 3 minuten duren !!!???ComboFix 13-02-01.04 - michael 01/02/2013 22:42:27.1.4 - x86Gestart vanuit: c:\users\michael\Desktop\ComboFix.exe * Aanwezig AV is actief...(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))..c:\programdata\0tbpw.padc:\programdata\284c:\programdata\284\{BAF92A43-026A-4F3B-885B-FC3E9E1C2625}.swfc:\users\michael\AppData\Roaming\.#c:\users\michael\AppData\Roaming\.#\MBX@960@1C52990.###c:\users\michael\AppData\Roaming\.#\MBX@960@1C529C0.###c:\users\michael\AppData\Roaming\.#\MBX@960@1C529F0.###c:\users\michael\AppData\Roaming\.#\MBX@C8C@1B72990.###c:\users\michael\AppData\Roaming\.#\MBX@C8C@1B729C0.###c:\users\michael\AppData\Roaming\.#\MBX@C8C@1B729F0.###c:\users\michael\AppData\Roaming\.#\MBX@EB4@1DF2990.###c:\users\michael\AppData\Roaming\.#\MBX@EB4@1DF29C0.###c:\users\michael\AppData\Roaming\.#\MBX@EB4@1DF29F0.###..(((((((((((((((((((( Bestanden Gemaakt van 2013-01-01 to 2013-02-01 ))))))))))))))))))))))))))))))..2013-02-01 21:51 . 2013-02-01 21:51 -------- d-----w- c:\users\Default\AppData\Local\temp2013-01-26 17:47 . 2013-01-26 17:47 -------- d-----w- c:\users\michael\AppData\Roaming\Malwarebytes2013-01-26 17:46 . 2013-01-26 17:46 -------- d-----w- c:\programdata\Malwarebytes2013-01-26 17:46 . 2013-01-26 17:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2013-01-26 17:46 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys2013-01-18 17:24 . 2013-01-18 17:24 388096 ----a-r- c:\users\michael\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe2013-01-18 17:24 . 2013-01-18 17:24 -------- d-----w- c:\program files\Trend Micro2013-01-17 22:15 . 2013-01-17 22:15 -------- d-----w- c:\program files\Common Files\Java2013-01-17 22:14 . 2013-01-17 22:14 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2013-01-10 16:36 . 2012-11-23 01:35 2048000 ----a-w- c:\windows\system32\win32k.sys2013-01-10 16:36 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll2013-01-10 16:36 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\system32\msxml6.dll...((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-01-17 22:14 . 2012-07-01 09:20 859552 ----a-w- c:\windows\system32\npdeployJava1.dll2013-01-17 22:14 . 2010-05-29 16:05 780192 ----a-w- c:\windows\system32\deployJava1.dll2013-01-10 16:44 . 2012-04-09 11:52 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-01-10 16:44 . 2011-06-05 10:33 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-12-26 09:12 . 2012-12-16 02:41 60480 ----a-w- c:\windows\system32\drivers\cfwids.sys2012-12-26 09:09 . 2012-12-16 02:41 210168 ----a-w- c:\windows\system32\drivers\mfewfpk.sys2012-12-26 09:09 . 2012-12-16 02:42 171976 ----a-w- c:\windows\system32\mfevtps.exe2012-12-26 09:08 . 2012-12-16 02:42 9648 ----a-w- c:\windows\system32\drivers\mfeclnk.sys2012-12-26 09:07 . 2012-12-16 02:41 92192 ----a-w- c:\windows\system32\drivers\mferkdet.sys2012-12-26 09:06 . 2012-12-16 02:41 565416 ----a-w- c:\windows\system32\drivers\mfehidk.sys2012-12-26 09:05 . 2012-12-16 02:41 362640 ----a-w- c:\windows\system32\drivers\mfefirek.sys2012-12-26 09:05 . 2012-12-16 02:41 65488 ----a-w- c:\windows\system32\drivers\mfebopk.sys2012-12-26 09:05 . 2012-12-16 02:41 234824 ----a-w- c:\windows\system32\drivers\mfeavfk.sys2012-12-26 09:04 . 2012-12-16 02:41 132976 ----a-w- c:\windows\system32\drivers\mfeapfk.sys2012-12-16 13:12 . 2012-12-20 18:49 34304 ----a-w- c:\windows\system32\atmlib.dll2012-12-16 10:50 . 2012-12-20 18:49 293376 ----a-w- c:\windows\system32\atmfd.dll2012-11-14 02:09 . 2012-12-16 02:08 1800704 ----a-w- c:\windows\system32\jscript9.dll2012-11-14 01:58 . 2012-12-16 02:08 1427968 ----a-w- c:\windows\system32\inetcpl.cpl2012-11-14 01:57 . 2012-12-16 02:08 1129472 ----a-w- c:\windows\system32\wininet.dll2012-11-14 01:49 . 2012-12-16 02:08 142848 ----a-w- c:\windows\system32\ieUnatt.exe2012-11-14 01:48 . 2012-12-16 02:08 420864 ----a-w- c:\windows\system32\vbscript.dll2012-11-14 01:44 . 2012-12-16 02:08 2382848 ----a-w- c:\windows\system32\mshtml.tlb2012-11-13 01:29 . 2012-12-15 13:56 2048 ----a-w- c:\windows\system32\tzres.dll2012-11-09 05:53 . 2012-12-16 02:42 167344 ----a-w- c:\windows\system32\mfevtps.exe.9fd5.deleteme..((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))..*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]2009-06-30 11:03 398784 ----a-w- c:\program files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]2008-03-04 21:38 121392 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2008-01-09 326176]"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]"PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 204908]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-22 30192]"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]"Skytel"="Skytel.exe" [2007-11-20 1826816]"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2008-05-06 196128]"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-06 86016]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-06 8530464]"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-06 81920]"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712]"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1278648]"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2010-03-24 599328]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]@="Service".[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]"DisableMonitoring"=dword:00000001.S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [x]..--- Andere Services/Drivers In Geheugen ---.*Deregistered* - mfeavfk01*Deregistered* - mfeavfk02*Deregistered* - mfehidk01.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceAndNoImpersonation REG_MULTI_SZ FontCachebthsvcs REG_MULTI_SZ BthServ.Inhoud van de 'Gedeelde Taken' map.2013-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 16:44].2013-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1151326156-3499597662-2831108977-1000Core.job- c:\users\michael\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-22 17:40].2013-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1151326156-3499597662-2831108977-1000UA.job- c:\users\michael\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-22 17:40]..------- Bijkomende Scan -------.uStart Page = hxxp://www.google.com/mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=1&o=vp32&d=1208&m=aspire_m3641IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000TCP: DhcpNameServer = 195.130.131.2 195.130.130.130.- - - - ORPHANS VERWIJDERD - - - -.WebBrowser-{196C3A46-4758-433D-A600-802C804AF39C} - (no file)HKLM-Run-Apanel - c:\acersw\config\SetApanel.cmdHKLM-Run-eRecoveryService - (no file)AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\standard_1.exe...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, PC Helpforum - Gratis hulp bij computer problemen scan 2013-02-01 22:51Windows 6.0.6002 Service Pack 2 NTFS.scannen van verborgen processen ... .scannen van verborgen autostart items ... .scannen van verborgen bestanden ... .Scan succesvol afgerondverborgen bestanden: 0.**************************************************************************.--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.Voltooingstijd: 2013-02-01 22:54:32ComboFix-quarantined-files.txt 2013-02-01 21:54.Pre-Run: 201.052.921.856 bytes beschikbaarPost-Run: 201.539.297.280 bytes beschikbaar.- - End Of File - - F6C5E1B3C31BA234F689E22C98FE22D1
  10. beste kape,waar kan ik die log terugvinden ?
  11. beste kape,logfile van combofixComboFix 13-02-01.04 - michael 01/02/2013 22:42:27.1.4 - x86Gestart vanuit: c:\users\michael\Desktop\ComboFix.exe * Aanwezig AV is actief...(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))..c:\programdata\0tbpw.padc:\programdata\284c:\programdata\284\{BAF92A43-026A-4F3B-885B-FC3E9E1C2625}.swfc:\users\michael\AppData\Roaming\.#c:\users\michael\AppData\Roaming\.#\MBX@960@1C52990.###c:\users\michael\AppData\Roaming\.#\MBX@960@1C529C0.###c:\users\michael\AppData\Roaming\.#\MBX@960@1C529F0.###c:\users\michael\AppData\Roaming\.#\MBX@C8C@1B72990.###c:\users\michael\AppData\Roaming\.#\MBX@C8C@1B729C0.###c:\users\michael\AppData\Roaming\.#\MBX@C8C@1B729F0.###c:\users\michael\AppData\Roaming\.#\MBX@EB4@1DF2990.###c:\users\michael\AppData\Roaming\.#\MBX@EB4@1DF29C0.###c:\users\michael\AppData\Roaming\.#\MBX@EB4@1DF29F0.###..(((((((((((((((((((( Bestanden Gemaakt van 2013-01-01 to 2013-02-01 ))))))))))))))))))))))))))))))..2013-02-01 21:51 . 2013-02-01 21:51 -------- d-----w- c:\users\Default\AppData\Local\temp2013-01-26 17:47 . 2013-01-26 17:47 -------- d-----w- c:\users\michael\AppData\Roaming\Malwarebytes2013-01-26 17:46 . 2013-01-26 17:46 -------- d-----w- c:\programdata\Malwarebytes2013-01-26 17:46 . 2013-01-26 17:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2013-01-26 17:46 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys2013-01-18 17:24 . 2013-01-18 17:24 388096 ----a-r- c:\users\michael\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe2013-01-18 17:24 . 2013-01-18 17:24 -------- d-----w- c:\program files\Trend Micro2013-01-17 22:15 . 2013-01-17 22:15 -------- d-----w- c:\program files\Common Files\Java2013-01-17 22:14 . 2013-01-17 22:14 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2013-01-10 16:36 . 2012-11-23 01:35 2048000 ----a-w- c:\windows\system32\win32k.sys2013-01-10 16:36 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll2013-01-10 16:36 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\system32\msxml6.dll...((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-01-17 22:14 . 2012-07-01 09:20 859552 ----a-w- c:\windows\system32\npdeployJava1.dll2013-01-17 22:14 . 2010-05-29 16:05 780192 ----a-w- c:\windows\system32\deployJava1.dll2013-01-10 16:44 . 2012-04-09 11:52 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-01-10 16:44 . 2011-06-05 10:33 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-12-26 09:12 . 2012-12-16 02:41 60480 ----a-w- c:\windows\system32\drivers\cfwids.sys2012-12-26 09:09 . 2012-12-16 02:41 210168 ----a-w- c:\windows\system32\drivers\mfewfpk.sys2012-12-26 09:09 . 2012-12-16 02:42 171976 ----a-w- c:\windows\system32\mfevtps.exe2012-12-26 09:08 . 2012-12-16 02:42 9648 ----a-w- c:\windows\system32\drivers\mfeclnk.sys2012-12-26 09:07 . 2012-12-16 02:41 92192 ----a-w- c:\windows\system32\drivers\mferkdet.sys2012-12-26 09:06 . 2012-12-16 02:41 565416 ----a-w- c:\windows\system32\drivers\mfehidk.sys2012-12-26 09:05 . 2012-12-16 02:41 362640 ----a-w- c:\windows\system32\drivers\mfefirek.sys2012-12-26 09:05 . 2012-12-16 02:41 65488 ----a-w- c:\windows\system32\drivers\mfebopk.sys2012-12-26 09:05 . 2012-12-16 02:41 234824 ----a-w- c:\windows\system32\drivers\mfeavfk.sys2012-12-26 09:04 . 2012-12-16 02:41 132976 ----a-w- c:\windows\system32\drivers\mfeapfk.sys2012-12-16 13:12 . 2012-12-20 18:49 34304 ----a-w- c:\windows\system32\atmlib.dll2012-12-16 10:50 . 2012-12-20 18:49 293376 ----a-w- c:\windows\system32\atmfd.dll2012-11-14 02:09 . 2012-12-16 02:08 1800704 ----a-w- c:\windows\system32\jscript9.dll2012-11-14 01:58 . 2012-12-16 02:08 1427968 ----a-w- c:\windows\system32\inetcpl.cpl2012-11-14 01:57 . 2012-12-16 02:08 1129472 ----a-w- c:\windows\system32\wininet.dll2012-11-14 01:49 . 2012-12-16 02:08 142848 ----a-w- c:\windows\system32\ieUnatt.exe2012-11-14 01:48 . 2012-12-16 02:08 420864 ----a-w- c:\windows\system32\vbscript.dll2012-11-14 01:44 . 2012-12-16 02:08 2382848 ----a-w- c:\windows\system32\mshtml.tlb2012-11-13 01:29 . 2012-12-15 13:56 2048 ----a-w- c:\windows\system32\tzres.dll2012-11-09 05:53 . 2012-12-16 02:42 167344 ----a-w- c:\windows\system32\mfevtps.exe.9fd5.deleteme..((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))..*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]2009-06-30 11:03 398784 ----a-w- c:\program files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]2008-03-04 21:38 121392 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2008-01-09 326176]"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]"PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 204908]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-22 30192]"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]"Skytel"="Skytel.exe" [2007-11-20 1826816]"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2008-05-06 196128]"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-06 86016]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-06 8530464]"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-06 81920]"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712]"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1278648]"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2010-03-24 599328]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]@="Service".[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]"DisableMonitoring"=dword:00000001.S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [x]..--- Andere Services/Drivers In Geheugen ---.*Deregistered* - mfeavfk01*Deregistered* - mfeavfk02*Deregistered* - mfehidk01.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceAndNoImpersonation REG_MULTI_SZ FontCachebthsvcs REG_MULTI_SZ BthServ.Inhoud van de 'Gedeelde Taken' map.2013-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 16:44].2013-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1151326156-3499597662-2831108977-1000Core.job- c:\users\michael\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-22 17:40].2013-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1151326156-3499597662-2831108977-1000UA.job- c:\users\michael\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-22 17:40]..------- Bijkomende Scan -------.uStart Page = hxxp://www.google.com/mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=1&o=vp32&d=1208&m=aspire_m3641IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000TCP: DhcpNameServer = 195.130.131.2 195.130.130.130.- - - - ORPHANS VERWIJDERD - - - -.WebBrowser-{196C3A46-4758-433D-A600-802C804AF39C} - (no file)HKLM-Run-Apanel - c:\acersw\config\SetApanel.cmdHKLM-Run-eRecoveryService - (no file)AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\standard_1.exe...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, PC Helpforum - Gratis hulp bij computer problemen scan 2013-02-01 22:51Windows 6.0.6002 Service Pack 2 NTFS.scannen van verborgen processen ... .scannen van verborgen autostart items ... .scannen van verborgen bestanden ... .Scan succesvol afgerondverborgen bestanden: 0.**************************************************************************.--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.Voltooingstijd: 2013-02-01 22:54:32ComboFix-quarantined-files.txt 2013-02-01 21:54.Pre-Run: 201.052.921.856 bytes beschikbaarPost-Run: 201.539.297.280 bytes beschikbaar.- - End Of File - - F6C5E1B3C31BA234F689E22C98FE22D1
  12. Beste kape,hierbij de log van HijackThis :Logfile of Trend Micro HijackThis v2.0.4Scan saved at 20:17:13, on 31/01/2013Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v9.00 (9.00.8112.16457)Boot mode: NormalRunning processes:C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\RtHDVCpl.exeC:\Acer\Empowering Technology\SysMonitor.exeC:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\Windows\System32\nvraidservice.exeC:\Windows\System32\rundll32.exeC:\Program Files\Belgium Identity Card\beid35gui.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exeC:\Program Files\Sony\PMB\PMBVolumeWatcher.exeC:\Windows\system32\taskeng.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Windows\ehome\ehtray.exeC:\Windows\System32\spool\drivers\w32x86\3\E_FATIEGE.EXEC:\Windows\ehome\ehmsas.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEC:\Windows\system32\wbem\unsecapp.exeC:\Windows\System32\mobsync.exeC:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXEC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\taskeng.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files\Trend Micro\HiJackThis\HiJackThis.exeC:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Search - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = PC Helpforum - Gratis hulp bij computer problemen - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhostO2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dllO2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllO3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dllO3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exeO4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exeO4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startupO4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\SetApanel.cmdO4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exeO4 - HKLM\..\Run: [skytel] Skytel.exeO4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exeO4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStartO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startupO4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exeO4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeyO4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startupO4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststartO4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_SF23A.tmp" /EF "HKCU"O4 - HKCU\..\Run: [Google Update] "C:\Users\michael\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exeO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEO8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dllO18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dllO18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dllO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLLO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dllO23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exeO23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exeO23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exeO23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exeO23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeO23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exeO23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exeO23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exeO23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exeO23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exeO23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exeO23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exeO23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exeO23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exeO23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exeO23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exeO23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exeO23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe--End of file - 11017 bytes
  13. Beste Jion,hieronder de inhoud van de log na het volgen van uw instructies :mijn probleem blijft hetzelfde !Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100www.malwarebytes.orgDatabaseversie: v2013.01.26.09Windows Vista Service Pack 2 x86 NTFSInternet Explorer 9.0.8112.16421michael :: PC_VAN_MICHAEL [administrator]Bescherming: Ingeschakeld26/01/2013 18:48:14mbam-log-2013-01-26 (18-48-14).txtScan type: Snelle scanIngeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUMUitgeschakelde scan opties: P2PObjecten gescand: 214175Verstreken tijd: 9 minuut/minuten, 25 seconde(n)Geheugenprocessen gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd)Geheugenmodulen gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd)Registersleutels gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd)Registerwaarden gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd)Registerdata gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd)Mappen gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd)Bestanden gedetecteerd: 1C:\ProgramData\lsass.exe (Trojan.Delf) -> Succesvol in quarantaine geplaatst en verwijderd.(einde)2de log 2013/01/26 18:47:14 +0100 PC_VAN_MICHAEL michael MESSAGE Executing scheduled update: Daily2013/01/26 18:47:17 +0100 PC_VAN_MICHAEL michael MESSAGE Starting protection2013/01/26 18:47:17 +0100 PC_VAN_MICHAEL michael MESSAGE Protection started successfully2013/01/26 18:47:17 +0100 PC_VAN_MICHAEL michael MESSAGE Starting IP protection2013/01/26 18:47:20 +0100 PC_VAN_MICHAEL michael MESSAGE IP Protection started successfully2013/01/26 18:47:23 +0100 PC_VAN_MICHAEL michael MESSAGE Starting database refresh2013/01/26 18:47:23 +0100 PC_VAN_MICHAEL michael MESSAGE Stopping IP protection2013/01/26 18:47:23 +0100 PC_VAN_MICHAEL michael MESSAGE IP Protection stopped successfully2013/01/26 18:47:23 +0100 PC_VAN_MICHAEL michael MESSAGE Scheduled update executed successfully: database updated from version v2012.12.14.11 to version v2013.01.26.092013/01/26 18:47:25 +0100 PC_VAN_MICHAEL michael MESSAGE Database refreshed successfully2013/01/26 18:47:25 +0100 PC_VAN_MICHAEL michael MESSAGE Starting IP protection2013/01/26 18:47:28 +0100 PC_VAN_MICHAEL michael MESSAGE IP Protection started successfully2013/01/26 19:14:04 +0100 PC_VAN_MICHAEL michael MESSAGE Starting protection2013/01/26 19:14:04 +0100 PC_VAN_MICHAEL michael MESSAGE Protection started successfully2013/01/26 19:14:04 +0100 PC_VAN_MICHAEL michael MESSAGE Starting IP protection2013/01/26 19:14:06 +0100 PC_VAN_MICHAEL michael MESSAGE IP Protection started successfully
  14. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:29:48, on 18/01/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: NormalRunning processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Acer\Empowering Technology\SysMonitor.exe C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\System32\nvraidservice.exe C:\Windows\System32\rundll32.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\ehome\ehtray.exe C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEGE.EXE C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\taskeng.exe C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\rundll32.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Search - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120628231554.dll (file missing) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: MediaBar - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\ShareazaTb\ShareazaDx.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: MediaBar - {EE9A4208-64EC-11DE-8440-204256D89593} - C:\Program Files\ShareazaTb\ShareazaDx.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\SetApanel.cmd O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_SF23A.tmp" /EF "HKCU" O4 - HKCU\..\Run: [Google Update] "C:\Users\michael\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: ASETRES.EXE O4 - Global Startup: Empowering Technology Launcher.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe --End of file - 12009 bytes
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.