Posts made by ekster
-
-
Tried about ten times; I have no idea where those files end up. The first time, I open Notepad after Save As... and then I see it. It just opens.
If I try again later, I get a window saying: The item hallo2.text that this shortcut refers to has been changed or moved, so this shortcut will no longer work properly.
Do you want to delete this shortcut?
So where did they go? It's a mystery to me.
Kind regards, ekster
-
I have a new printer, a Canon MP 550.
Scanning a document works fine. On the PC I then end up in temp-Notepad (according to the manual that should be Notepad).
I can edit that document the way I want.
But when I do Save As..... I don't know where the file ends up. What is temp-Notepad?
Can you help me?
Warm regards, ekster
-
I reset the e-reader and then everything worked again. Thanks. Solved. Kind regards, ekster
-
Hello Helpforum,
Last week you did a wonderful job fixing my computer, which had gone completely haywire.
But... now I want to use my Sony e-reader and that doesn't work. To begin with, when I connect it with the USB cable I see in Computer:
Removable Disk I, but also Removable Disk G.
I removed eReader Library and tried to reinstall it. But.... that doesn't work.
When I remove the hardware, it indicates that it will remove I and G...
Attached is the HijackThis log. That's usually required...
Regards, ekster
-
Kape helped me fantastically when my PC was completely out of whack. Back then I had to download CCleaner, among other things. May I just keep using CCleaner now???
It seems much better to me than Disk Cleanup.
Warm regards, ekster
-
CCleaner done.
Well, learned, patient computer master, is it all right with you if I wait until tomorrow before clicking "solved" on the discussion? To see whether everything still works then? In any case, a thousand thanks.
I will even miss looking out for the help e-mails............Regards, ekster
-
Hooray, hooray, AVG is installed.
Halfway through, AVG said that McAfee had to go; I spontaneously clicked OK on that.
What was miserable was that Virtual Technical Help kept scanning endlessly; pressing repair only said that McAfee had been updated. In short, it's gone, good riddance.
Do I now need to get a different or paid version of AVG?
Should I check once more with CCleaner?
That strange D: file with letters and digits is still there. The long row of numbers won't go away, the rest does. When I opened one such file, 3082, I got: Security, You must be logged on with administrative permissions to view this object.
Good wishes, good night, ekster
-
Shouldn't I remove that wretched McAfee completely? The subscription runs until 9-2-2011. I have always found it a pain. I'm going to try AVG.
Regards, ekster.
-
This is making me very sad now.
I get kicked off the Internet every moment.
I can't reach the McAfee Help chat; I keep getting kicked out. On repair, McAfee only updates. But it keeps saying that there is no protection ..............
-
For me everything is fine; now McAfee starts shouting with a yellow exclamation mark that the computer is not protected...............
I've just started updating and scanning!
Greetings, ekster
-
Hooray, I did find the CCleaner instructions and carried them out, and on top of that I created a new restore point.
It still says protected mode disabled.
Regards, ekster
-
Are you going to keep giving me instructions that I can't carry out?
In Configuration there is System and Administrative Tools (no tabs), no System and Maintenance.
What now?
-
1. Protected mode disabled, is that good?
2. Unlocker closes the Internet GED and McAfee turns bright red
3. CCleaner removed 514 MB, but................................
in the left column I see headings: IE, WE, System, advanced, but no "registry", scan for issues, etc.
Regards, ekster
-
Combofix is off the desktop. The D file cannot be deleted.
What now?
I cannot find C:\Qoobox or Q00b0x.
Shall I now continue with CCleaner?
Regards, ekster
-
I had forgotten the space. It was indicated that Combofix had been removed.
The Combofix icon is still on the desktop. Deleting works, because I am "not authorized". There is a yellow/green shield in the icon.
The folder on D won't go away either: "not authorized". Regards, ekster
-
How lucky that you reopened the discussion. I was so happy that something was right that I wanted to be done with it immediately. As soon as I had pressed solved, I regretted it.
Combofix/uninstall doesn't work. Although I see it on the desktop, Run doesn't recognize it. It is not listed under remove "software", but it is in "desktop folder".
Furthermore, a file (name all digits) has suddenly appeared on drive D; it contains:
a row of about 30 numbers one below the other, e.g. 1025
DHtmlHeader.html
header.bmp
Hotfixinstaller.exe
NDDP35P!_KB963707
ParameterInfo.xml
watermerk.bmp
Can I delete that?
Warm regards, ekster
-
I tried downloading. That worked.
Fantastic, thanks for all your help and your patience. Warm regards, ekster
-
I think it went the same way.....
2010-08-03 04:10 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-08-03 04:10 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-08-03 04:10 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-08-03 04:10 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-08-03 04:10 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-08-03 04:10 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-08-03 04:10 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-08-03 04:10 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2010-08-03 04:10 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-08-03 04:09 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2010-08-03 04:09 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-08 15:34 . 2008-01-21 06:47 667352 ----a-w- c:\windows\system32\perfh013.dat
2010-08-08 15:34 . 2008-01-21 06:47 126854 ----a-w- c:\windows\system32\perfc013.dat
2010-08-08 15:28 . 2010-08-02 11:47 42301 ----a-w- c:\programdata\nvModes.dat
2010-08-07 14:48 . 2008-04-16 05:22 -------- d-----w- c:\program files\McAfee
2010-08-06 13:32 . 2008-04-16 05:22 -------- d-----w- c:\programdata\McAfee
2010-08-06 05:59 . 2008-04-16 05:53 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-04 20:17 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-08-04 20:17 . 2010-08-04 20:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-08-04 20:17 . 2010-08-04 20:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-08-04 15:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-08-03 22:45 . 2010-08-04 12:47 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\Intel
2010-08-03 22:44 . 2008-04-16 04:56 -------- d-----w- c:\program files\Intel
2010-08-03 21:57 . 2010-08-02 11:47 -------- d-----w- c:\users\Dixons\AppData\Roaming\SiteAdvisor
2010-08-03 06:09 . 2010-08-03 06:09 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-08-03 04:45 . 2008-04-16 05:14 -------- d-----w- c:\program files\Microsoft Works
2010-08-02 18:19 . 2010-08-02 18:19 0 ----a-w- c:\users\Dixons\AppData\Roaming\wklnhst.dat
2010-08-02 16:15 . 2010-08-02 16:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-08-02 15:03 . 2008-04-16 05:12 -------- d-----w- c:\programdata\Microsoft Help
2010-08-02 12:02 . 2008-04-16 05:46 -------- d-----w- c:\programdata\CyberLink
2010-08-02 11:58 . 2010-08-02 11:58 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2010-08-02 11:52 . 2008-04-16 05:45 -------- d-----w- c:\program files\Acer Arcade Deluxe
2010-08-02 11:52 . 2008-04-16 05:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-02 11:47 . 2010-08-02 21:28 2220 ----a-w- c:\windows\CLEANUP.CMD
2010-08-02 11:47 . 2010-08-02 11:47 -------- d-----w- c:\users\Dixons\AppData\Roaming\InstallShield
2010-08-02 11:39 . 2010-08-02 11:39 -------- d-----w- c:\program files\Common Files\snp2uvc
2010-08-02 11:39 . 2010-08-02 11:39 -------- d-----w- c:\programdata\InstallShield
2010-08-02 11:38 . 2008-04-16 05:00 -------- d-----w- c:\program files\Common Files\InstallShield
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-03 00:00 39472 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2010-07-27 67448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
"SiteAdvisor"="c:\program files\SiteAdvisor\6172\SiteAdv.exe" [2007-08-24 36640]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-05 525360]
"Skytel"="Skytel.exe" [2007-08-03 1826816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-03 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-03 92704]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"PLFSetL"="c:\windows\\PLFSetL.exe" [2007-07-05 94208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-10-10 1286144]
"SetPanel"="c:\acer\APanel\APanel.cmd" [bU]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-01-04 768520]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2008-01-22 200704]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-21 159744]
"eRecoveryService"="" [bU]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [bU]
"Reader Library Launcher"="c:\program files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe" [2010-05-10 906656]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-08-03 1287120]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-4-16 535336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 2 (0x2)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2010-08-06 14:02 13672 ----a-w- c:\program files\Citrix\GoToAssist\615\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):25,a5,ac,df,e7,33,cb,01
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-08-03 218592]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-04 41456]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
S3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
--- Andere Services/Drivers In Geheugen ---
*Deregistered* - PCTSDInjDriver32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
2008-04-16 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-04-16 13:10]
2008-04-16 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-04-16 13:10]
2010-08-08 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-08-03 07:50]
2010-08-08 c:\windows\Tasks\User_Feed_Synchronization-{81F699E3-61A6-434E-9722-902F0DA72BC1}.job
- c:\windows\system32\msfeedssync.exe [2010-08-03 04:30]
.
.
------- Bijkomende Scan -------
.
uStart Page = about:blank
mStart Page = hxxp://search.myheritage.com
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: internet
Trusted Zone: mcafee.com
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-08-08 17:46
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'Explorer.exe'(3228)
c:\program files\Spyware Doctor\pctgmhk.dll
c:\program files\SiteAdvisor\6172\saHook.dll
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
Voltooingstijd: 2010-08-08 17:52:16
ComboFix-quarantined-files.txt 2010-08-08 15:52
ComboFix2.txt 2010-08-08 13:45
ComboFix3.txt 2010-08-08 12:28
Pre-Run: 105.828.646.912 bytes beschikbaar
Post-Run: 105.816.907.776 bytes beschikbaar
- - End Of File - - 6A5BF9285E4F0C7D84193F165D6F0696
Regards, ekster
-
ComboFix 10-08-07.02 - Ekker 1 08-08-2010 15:28:36.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3069.1838 [GMT 2:00]
Gestart vanuit: c:\users\Ekker 1\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Ekker 1\Desktop\CFScript - Snelkoppeling.lnk
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-07-08 to 2010-08-08 ))))))))))))))))))))))))))))))
.
2010-08-08 13:38 . 2010-08-08 13:39 -------- d-----w- c:\users\Ekker 1\AppData\Local\temp
2010-08-08 13:38 . 2010-08-08 13:38 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-08 13:38 . 2010-08-08 13:38 -------- d-----w- c:\users\Dixons\AppData\Local\temp
2010-08-08 13:38 . 2010-08-08 13:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-07 21:28 . 2010-08-07 21:28 -------- d-----w- c:\users\Ekker 1\Library
2010-08-07 21:28 . 2010-08-07 21:28 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\Apple Computer
2010-08-07 21:28 . 2010-08-07 21:28 -------- d-----w- c:\users\Ekker 1\AppData\Local\Apple Computer
2010-08-07 19:43 . 2010-08-07 19:43 -------- d-----w- c:\programdata\Save Data
2010-08-07 15:51 . 2010-08-07 15:51 388096 ----a-r- c:\users\Ekker 1\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-07 15:51 . 2010-08-07 15:51 -------- d-----w- c:\program files\Trend Micro
2010-08-06 16:34 . 2010-08-06 16:34 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\Uniblue
2010-08-06 14:02 . 2010-08-06 14:02 -------- d-----w- c:\program files\Citrix
2010-08-06 13:47 . 2010-08-06 13:47 -------- d-----w- c:\programdata\Citrix
2010-08-06 13:45 . 2010-08-06 13:45 -------- d-----w- c:\users\Ekker 1\AppData\Local\Citrix
2010-08-06 13:45 . 2010-08-06 14:42 -------- d-----w- c:\users\Ekker 1\AppData\Local\Deployment
2010-08-06 13:45 . 2010-08-06 13:45 -------- d-----w- c:\users\Ekker 1\AppData\Local\Apps
2010-08-06 13:37 . 2010-08-06 13:37 -------- d-----w- c:\users\Ekker 1\AppData\Local\Threat Expert
2010-08-06 13:37 . 2010-08-06 13:37 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\Yahoo!
2010-08-06 13:34 . 2010-08-06 13:34 300384 ----a-w- c:\users\Ekker 1\AppData\Roaming\McAfee\Supportability\MVTLogs\Results\detect.dll
2010-08-06 13:34 . 2010-08-06 13:34 300384 ----a-w- c:\programdata\McAfee\Supportability\Content\MVT\XMLFiles\detect.dll
2010-08-06 13:33 . 2010-08-06 13:33 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\McAfee
2010-08-05 10:04 . 2010-08-06 06:00 -------- d-----w- c:\users\Ekker 1\AppData\Local\Adobe
2010-08-04 23:12 . 2010-08-08 13:12 -------- d-----w- c:\users\Ekker 1\Tracing
2010-08-04 20:18 . 2010-08-04 20:18 -------- d-----w- c:\program files\Windows Portable Devices
2010-08-04 20:16 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-08-04 20:16 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-08-04 20:16 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-08-04 20:14 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-08-04 20:12 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-08-04 20:12 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-08-04 20:12 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-08-04 15:48 . 2010-08-04 15:50 -------- d-----w- c:\users\Ekker 1\AppData\Local\Microsoft Games
2010-08-04 15:42 . 2010-08-05 06:27 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\MyHeritage
2010-08-04 15:07 . 2010-08-04 15:09 -------- d-----w- c:\windows\system32\ca-ES
2010-08-04 15:07 . 2010-08-04 15:09 -------- d-----w- c:\windows\system32\eu-ES
2010-08-04 15:07 . 2010-08-04 15:08 -------- d-----w- c:\windows\system32\vi-VN
2010-08-04 12:49 . 2010-08-04 12:49 -------- d-----w- c:\users\Ekker 1\AppData\Local\Sony Corporation
2010-08-04 12:49 . 2010-08-04 12:49 -------- d-----w- c:\users\Ekker 1\AppData\Local\kinoma
2010-08-04 12:49 . 2010-08-04 12:49 -------- d--h--w- c:\users\Ekker 1\AppData\Local\acer eNM
2010-08-04 12:48 . 2010-08-08 11:43 680 ----a-w- c:\users\Ekker 1\AppData\Local\d3d9caps.dat
2010-08-04 12:48 . 2010-08-04 12:48 -------- d-----w- c:\users\Ekker 1\AppData\Local\PlayMovie
2010-08-04 12:48 . 2010-08-04 12:48 72384 ----a-w- c:\users\Ekker 1\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-04 12:48 . 2010-08-04 12:48 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\SiteAdvisor
2010-08-04 09:41 . 2010-08-04 09:41 -------- d-----w- c:\windows\system32\EventProviders
2010-08-04 08:06 . 2010-08-04 08:06 -------- d-----w- C:\EGIS_Drive
2010-08-04 05:20 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-08-04 05:20 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-08-04 05:20 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-08-04 05:20 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-08-04 05:20 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-08-04 05:10 . 2009-04-11 06:28 747008 ----a-w- c:\windows\system32\WsmSvc.dll
2010-08-04 05:09 . 2009-04-11 06:28 657408 ----a-w- c:\windows\system32\WMVXENCD.DLL
2010-08-04 05:08 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-08-04 05:08 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-08-04 05:08 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-08-04 05:08 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-08-04 04:36 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-08-03 22:45 . 2010-08-03 22:45 -------- d-----w- c:\users\Public\Roaming
2010-08-03 22:45 . 2010-08-03 22:45 -------- d-----w- c:\users\Default\AppData\Roaming\Intel
2010-08-03 22:45 . 2010-08-03 22:45 -------- d-----w- c:\users\Dixons\Roaming
2010-08-03 22:45 . 2010-08-03 22:45 -------- d-----w- c:\users\Default\Roaming
2010-08-03 22:45 . 2010-08-03 22:45 -------- d-----w- c:\programdata\Roaming
2010-08-03 22:44 . 2010-08-03 22:44 -------- d-----w- c:\program files\Cisco
2010-08-03 22:44 . 2010-08-03 22:44 -------- d-----w- c:\program files\Common Files\Intel
2010-08-03 22:44 . 2010-08-03 22:44 -------- d-----w- c:\programdata\Intel
2010-08-03 22:23 . 2010-08-03 22:23 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-08-03 18:52 . 2010-08-03 18:52 -------- d-----w- c:\users\Dixons\AppData\Local\Threat Expert
2010-08-03 18:13 . 2010-01-22 07:56 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-08-03 18:13 . 2010-01-22 07:56 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-08-03 18:13 . 2010-01-22 07:56 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-08-03 18:13 . 2010-01-22 07:55 767952 ----a-w- c:\windows\BDTSupport.dll
2010-08-03 18:13 . 2009-10-27 23:36 1152444 ----a-w- c:\windows\UDB.zip
2010-08-03 18:13 . 2008-11-26 10:08 131 ----a-w- c:\windows\IDB.zip
2010-08-03 18:11 . 2010-02-05 07:18 100136 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2010-08-03 18:11 . 2010-02-05 07:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-08-03 18:11 . 2010-08-03 18:34 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-08-03 18:11 . 2009-11-23 11:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-08-03 18:10 . 2010-08-03 18:34 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-08-03 18:10 . 2010-08-08 13:39 -------- d-----w- c:\program files\Spyware Doctor
2010-08-03 18:10 . 2010-08-03 18:14 -------- d-----w- c:\program files\Common Files\PC Tools
2010-08-03 18:10 . 2010-08-03 18:10 -------- d-----w- c:\users\Dixons\AppData\Roaming\PC Tools
2010-08-03 18:10 . 2010-08-03 18:10 -------- d-----w- c:\programdata\PC Tools
2010-08-03 15:16 . 2010-08-03 15:16 -------- d-----w- c:\programdata\MSScanAppDataDir
2010-08-03 13:56 . 2010-08-03 13:56 680 ----a-w- c:\users\Dixons\AppData\Local\d3d9caps.dat
2010-08-03 13:13 . 2010-08-03 13:13 292878 ----a-r- c:\users\Dixons\AppData\Roaming\Microsoft\Installer\{A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}\ARPPRODUCTICON.exe
2010-08-03 13:13 . 2010-08-03 13:13 -------- d-----w- c:\program files\DIFX
2010-08-03 13:13 . 2010-08-03 13:13 -------- d-----w- c:\users\Dixons\AppData\Roaming\Apple Computer
2010-08-03 13:13 . 2010-08-03 13:13 -------- d-----w- c:\users\Dixons\AppData\Local\Apple Computer
2010-08-03 13:13 . 2010-08-03 13:13 -------- d-----w- c:\users\Dixons\Library
2010-08-03 13:13 . 2010-08-03 13:13 -------- d-----w- c:\programdata\kinoma
2010-08-03 13:12 . 2010-08-03 13:13 -------- d-----w- c:\users\Dixons\AppData\Local\Sony Corporation
2010-08-03 13:12 . 2010-08-03 13:13 -------- d-----w- c:\program files\Sony
2010-08-03 13:12 . 2010-08-03 13:12 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-08-03 13:09 . 2010-08-03 13:09 -------- d-----w- c:\users\Dixons\AppData\Local\kinoma
2010-08-03 13:03 . 2010-08-03 13:03 -------- d-----w- c:\users\Dixons\AppData\Roaming\Uniblue
2010-08-03 13:03 . 2010-08-03 13:03 -------- d-----w- c:\program files\Uniblue
2010-08-03 08:50 . 2010-08-03 08:50 -------- d-----w- c:\users\Dixons\AppData\Local\Adobe
2010-08-03 06:18 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-08-03 06:16 . 2010-05-21 12:14 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-08-03 04:54 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-08-03 04:47 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-08-03 04:44 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-08-03 04:43 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-08-03 04:43 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-08-03 04:43 . 2010-08-03 04:43 -------- d-----w- c:\program files\MSXML 4.0
2010-08-03 04:13 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-08-03 04:13 . 2009-12-11 11:43 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-03 04:13 . 2009-12-11 11:43 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-03 04:13 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-08-03 04:13 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-08-03 04:11 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2010-08-03 04:10 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-08-03 04:10 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-08-03 04:10 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-08-03 04:10 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-08-03 04:10 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-08-03 04:10 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-08-03 04:10 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-08-03 04:10 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-08-03 04:10 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2010-08-03 04:10 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-08-03 04:09 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2010-08-03 04:09 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-08-03 04:09 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-08-03 04:09 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-08 13:16 . 2008-01-21 06:47 667352 ----a-w- c:\windows\system32\perfh013.dat
2010-08-08 13:16 . 2008-01-21 06:47 126854 ----a-w- c:\windows\system32\perfc013.dat
2010-08-08 13:11 . 2010-08-02 11:47 42301 ----a-w- c:\programdata\nvModes.dat
2010-08-07 14:48 . 2008-04-16 05:22 -------- d-----w- c:\program files\McAfee
2010-08-06 13:32 . 2008-04-16 05:22 -------- d-----w- c:\programdata\McAfee
2010-08-06 05:59 . 2008-04-16 05:53 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-04 20:17 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-08-04 20:17 . 2010-08-04 20:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-08-04 20:17 . 2010-08-04 20:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-08-04 15:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-08-03 22:45 . 2010-08-04 12:47 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\Intel
2010-08-03 22:44 . 2008-04-16 04:56 -------- d-----w- c:\program files\Intel
2010-08-03 21:57 . 2010-08-02 11:47 -------- d-----w- c:\users\Dixons\AppData\Roaming\SiteAdvisor
2010-08-03 06:09 . 2010-08-03 06:09 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-08-03 04:45 . 2008-04-16 05:14 -------- d-----w- c:\program files\Microsoft Works
2010-08-02 18:19 . 2010-08-02 18:19 0 ----a-w- c:\users\Dixons\AppData\Roaming\wklnhst.dat
2010-08-02 16:15 . 2010-08-02 16:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-08-02 15:03 . 2008-04-16 05:12 -------- d-----w- c:\programdata\Microsoft Help
2010-08-02 12:02 . 2008-04-16 05:46 -------- d-----w- c:\programdata\CyberLink
2010-08-02 11:58 . 2010-08-02 11:58 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2010-08-02 11:52 . 2008-04-16 05:45 -------- d-----w- c:\program files\Acer Arcade Deluxe
2010-08-02 11:52 . 2008-04-16 05:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-02 11:47 . 2010-08-02 21:28 2220 ----a-w- c:\windows\CLEANUP.CMD
2010-08-02 11:47 . 2010-08-02 11:47 -------- d-----w- c:\users\Dixons\AppData\Roaming\InstallShield
2010-08-02 11:39 . 2010-08-02 11:39 -------- d-----w- c:\program files\Common Files\snp2uvc
2010-08-02 11:39 . 2010-08-02 11:39 -------- d-----w- c:\programdata\InstallShield
2010-08-02 11:38 . 2008-04-16 05:00 -------- d-----w- c:\program files\Common Files\InstallShield
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}"= "c:\program files\Family Toolbar\tbhelper.dll" [2009-05-07 355840]
[HKEY_CLASSES_ROOT\clsid\{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
2009-05-07 21:46 2642432 ----a-w- c:\program files\Family Toolbar\tbcore3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]
[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]
[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-03 00:00 39472 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2010-07-27 67448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
"SiteAdvisor"="c:\program files\SiteAdvisor\6172\SiteAdv.exe" [2007-08-24 36640]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-05 525360]
"Skytel"="Skytel.exe" [2007-08-03 1826816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-03 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-03 92704]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"PLFSetL"="c:\windows\\PLFSetL.exe" [2007-07-05 94208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-10-10 1286144]
"SetPanel"="c:\acer\APanel\APanel.cmd" [bU]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-01-04 768520]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2008-01-22 200704]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-21 159744]
"eRecoveryService"="" [bU]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [bU]
"Reader Library Launcher"="c:\program files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe" [2010-05-10 906656]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-08-03 1287120]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-4-16 535336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 2 (0x2)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2010-08-06 14:02 13672 ----a-w- c:\program files\Citrix\GoToAssist\615\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(:25,a5,ac,df,e7,33,cb,01
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-08-03 218592]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-04 41456]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
S3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
--- Andere Services/Drivers In Geheugen ---
*Deregistered* - PCTSDInjDriver32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
2008-04-16 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-04-16 13:10]
2008-04-16 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-04-16 13:10]
2010-08-08 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-08-03 07:50]
2010-08-08 c:\windows\Tasks\User_Feed_Synchronization-{81F699E3-61A6-434E-9722-902F0DA72BC1}.job
- c:\windows\system32\msfeedssync.exe [2010-08-03 04:30]
.
.
------- Bijkomende Scan -------
.
uStart Page = about:blank
mStart Page = hxxp://search.myheritage.com
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: internet
Trusted Zone: mcafee.com
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-08-08 15:39
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'Explorer.exe'(2836)
c:\program files\Spyware Doctor\pctgmhk.dll
c:\program files\SiteAdvisor\6172\saHook.dll
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
Voltooingstijd: 2010-08-08 15:45:39
ComboFix-quarantined-files.txt 2010-08-08 13:45
ComboFix2.txt 2010-08-08 12:28
Pre-Run: 105.944.031.232 bytes beschikbaar
Post-Run: 105.910.640.640 bytes beschikbaar
- - End Of File - - C29D94F23D538225781534EE9F780484
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:54:58, on 8-8-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Windows\Explorer.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MyHeritage.com Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Family Toolbar\tbcore3.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\\PLFSetL.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Reader Library Launcher] C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SiteAdvisor-service (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10167 bytes
-
Hello Kape,
Hooray, the log is here. I had pressed McAfee once.
Did it over again and.....................
ComboFix 10-08-07.02 - Ekker 1 08-08-2010 14:12:30.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3069.1828 [GMT 2:00]
Gestart vanuit: c:\users\Ekker 1\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
SP: McAfee VirusScan *disabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Voorgaande Run -------
.
c:\programdata\1296160
c:\programdata\1296160\BackUp\Empowering Technology Launcher.lnk
c:\programdata\1296160\SMAV.ico
c:\programdata\1296160\SMAVSys\vd952342.bd
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera \Uninstall.lnk
c:\users\Ekker 1\GoToAssistDownloadHelper.exe
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-07-08 to 2010-08-08 ))))))))))))))))))))))))))))))
.
2010-08-08 12:22 . 2010-08-08 12:23 -------- d-----w- c:\users\Ekker 1\AppData\Local\temp
2010-08-08 12:22 . 2010-08-08 12:22 -------- d-----w- c:\users\Dixons\AppData\Local\temp
2010-08-08 12:22 . 2010-08-08 12:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-07 21:28 . 2010-08-07 21:28 -------- d-----w- c:\users\Ekker 1\Library
2010-08-07 21:28 . 2010-08-07 21:28 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\Apple Computer
2010-08-07 21:28 . 2010-08-07 21:28 -------- d-----w- c:\users\Ekker 1\AppData\Local\Apple Computer
2010-08-07 19:43 . 2010-08-07 19:43 -------- d-----w- c:\programdata\Save Data
2010-08-07 15:51 . 2010-08-07 15:51 388096 ----a-r- c:\users\Ekker 1\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-08-07 15:51 . 2010-08-07 15:51 -------- d-----w- c:\program files\Trend Micro
2010-08-06 16:34 . 2010-08-06 16:34 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\Uniblue
2010-08-06 14:02 . 2010-08-06 14:02 -------- d-----w- c:\program files\Citrix
2010-08-06 13:47 . 2010-08-06 13:47 -------- d-----w- c:\programdata\Citrix
2010-08-06 13:45 . 2010-08-06 13:45 -------- d-----w- c:\users\Ekker 1\AppData\Local\Citrix
2010-08-06 13:45 . 2010-08-06 14:42 -------- d-----w- c:\users\Ekker 1\AppData\Local\Deployment
2010-08-06 13:45 . 2010-08-06 13:45 -------- d-----w- c:\users\Ekker 1\AppData\Local\Apps
2010-08-06 13:37 . 2010-08-06 13:37 -------- d-----w- c:\users\Ekker 1\AppData\Local\Threat Expert
2010-08-06 13:37 . 2010-08-06 13:37 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\Yahoo!
2010-08-06 13:34 . 2010-08-06 13:34 300384 ----a-w- c:\users\Ekker 1\AppData\Roaming\McAfee\Supportability\MVTLogs\Results\detect.dll
2010-08-06 13:34 . 2010-08-06 13:34 300384 ----a-w- c:\programdata\McAfee\Supportability\Content\MVT\XMLFiles\detect.dll
2010-08-06 13:33 . 2010-08-06 13:33 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\McAfee
2010-08-05 10:04 . 2010-08-06 06:00 -------- d-----w- c:\users\Ekker 1\AppData\Local\Adobe
2010-08-04 23:12 . 2010-08-08 11:43 -------- d-----w- c:\users\Ekker 1\Tracing
2010-08-04 20:18 . 2010-08-04 20:18 -------- d-----w- c:\program files\Windows Portable Devices
2010-08-04 20:16 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-08-04 20:16 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-08-04 20:16 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-08-04 20:14 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-08-04 20:12 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-08-04 20:12 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-08-04 20:12 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-08-04 15:48 . 2010-08-04 15:50 -------- d-----w- c:\users\Ekker 1\AppData\Local\Microsoft Games
2010-08-04 15:42 . 2010-08-05 06:27 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\MyHeritage
2010-08-04 15:07 . 2010-08-04 15:09 -------- d-----w- c:\windows\system32\ca-ES
2010-08-04 15:07 . 2010-08-04 15:09 -------- d-----w- c:\windows\system32\eu-ES
2010-08-04 15:07 . 2010-08-04 15:08 -------- d-----w- c:\windows\system32\vi-VN
2010-08-04 12:49 . 2010-08-04 12:49 -------- d-----w- c:\users\Ekker 1\AppData\Local\Sony Corporation
2010-08-04 12:49 . 2010-08-04 12:49 -------- d-----w- c:\users\Ekker 1\AppData\Local\kinoma
2010-08-04 12:49 . 2010-08-04 12:49 -------- d--h--w- c:\users\Ekker 1\AppData\Local\acer eNM
2010-08-04 12:48 . 2010-08-08 11:43 680 ----a-w- c:\users\Ekker 1\AppData\Local\d3d9caps.dat
2010-08-04 12:48 . 2010-08-04 12:48 -------- d-----w- c:\users\Ekker 1\AppData\Local\PlayMovie
2010-08-04 12:48 . 2010-08-04 12:48 72384 ----a-w- c:\users\Ekker 1\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-04 12:48 . 2010-08-04 12:48 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\SiteAdvisor
2010-08-04 09:41 . 2010-08-04 09:41 -------- d-----w- c:\windows\system32\EventProviders
2010-08-04 08:06 . 2010-08-04 08:06 -------- d-----w- C:\EGIS_Drive
2010-08-04 05:20 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-08-04 05:20 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-08-04 05:20 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-08-04 05:20 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-08-04 05:20 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-08-04 05:10 . 2009-04-11 06:28 747008 ----a-w- c:\windows\system32\WsmSvc.dll
2010-08-04 05:09 . 2009-04-11 06:28 657408 ----a-w- c:\windows\system32\WMVXENCD.DLL
2010-08-04 05:08 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-08-04 05:08 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-08-04 05:08 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-08-04 05:08 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-08-04 04:36 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-08-03 22:45 . 2010-08-03 22:45 -------- d-----w- c:\users\Public\Roaming
2010-08-03 22:45 . 2010-08-03 22:45 -------- d-----w- c:\users\Default\AppData\Roaming\Intel
2010-08-03 22:45 . 2010-08-03 22:45 -------- d-----w- c:\users\Dixons\Roaming
2010-08-03 22:45 . 2010-08-03 22:45 -------- d-----w- c:\users\Default\Roaming
2010-08-03 22:45 . 2010-08-03 22:45 -------- d-----w- c:\programdata\Roaming
2010-08-03 22:44 . 2010-08-03 22:44 -------- d-----w- c:\program files\Cisco
2010-08-03 22:44 . 2010-08-03 22:44 -------- d-----w- c:\program files\Common Files\Intel
2010-08-03 22:44 . 2010-08-03 22:44 -------- d-----w- c:\programdata\Intel
2010-08-03 22:23 . 2010-08-03 22:23 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-08-03 18:52 . 2010-08-03 18:52 -------- d-----w- c:\users\Dixons\AppData\Local\Threat Expert
2010-08-03 18:13 . 2010-01-22 07:56 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-08-03 18:13 . 2010-01-22 07:56 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-08-03 18:13 . 2010-01-22 07:56 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-08-03 18:13 . 2010-01-22 07:55 767952 ----a-w- c:\windows\BDTSupport.dll
2010-08-03 18:13 . 2009-10-27 23:36 1152444 ----a-w- c:\windows\UDB.zip
2010-08-03 18:13 . 2008-11-26 10:08 131 ----a-w- c:\windows\IDB.zip
2010-08-03 18:11 . 2010-02-05 07:18 100136 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2010-08-03 18:11 . 2010-02-05 07:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-08-03 18:11 . 2010-08-03 18:34 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-08-03 18:11 . 2009-11-23 11:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-08-03 18:10 . 2010-08-03 18:34 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-08-03 18:10 . 2010-08-08 12:21 -------- d-----w- c:\program files\Spyware Doctor
2010-08-03 18:10 . 2010-08-03 18:14 -------- d-----w- c:\program files\Common Files\PC Tools
2010-08-03 18:10 . 2010-08-03 18:10 -------- d-----w- c:\users\Dixons\AppData\Roaming\PC Tools
2010-08-03 18:10 . 2010-08-03 18:10 -------- d-----w- c:\programdata\PC Tools
2010-08-03 15:16 . 2010-08-03 15:16 -------- d-----w- c:\programdata\MSScanAppDataDir
2010-08-03 13:56 . 2010-08-03 13:56 680 ----a-w- c:\users\Dixons\AppData\Local\d3d9caps.dat
2010-08-03 13:13 . 2010-08-03 13:13 292878 ----a-r- c:\users\Dixons\AppData\Roaming\Microsoft\Installer\{A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}\ARPPRODUCTICON.exe
2010-08-03 13:13 . 2010-08-03 13:13 -------- d-----w- c:\program files\DIFX
2010-08-03 13:13 . 2010-08-03 13:13 -------- d-----w- c:\users\Dixons\AppData\Roaming\Apple Computer
2010-08-03 13:13 . 2010-08-03 13:13 -------- d-----w- c:\users\Dixons\AppData\Local\Apple Computer
2010-08-03 13:13 . 2010-08-03 13:13 -------- d-----w- c:\users\Dixons\Library
2010-08-03 13:13 . 2010-08-03 13:13 -------- d-----w- c:\programdata\kinoma
2010-08-03 13:12 . 2010-08-03 13:13 -------- d-----w- c:\users\Dixons\AppData\Local\Sony Corporation
2010-08-03 13:12 . 2010-08-03 13:13 -------- d-----w- c:\program files\Sony
2010-08-03 13:12 . 2010-08-03 13:12 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-08-03 13:09 . 2010-08-03 13:09 -------- d-----w- c:\users\Dixons\AppData\Local\kinoma
2010-08-03 13:03 . 2010-08-03 13:03 -------- d-----w- c:\users\Dixons\AppData\Roaming\Uniblue
2010-08-03 13:03 . 2010-08-03 13:03 -------- d-----w- c:\program files\Uniblue
2010-08-03 08:50 . 2010-08-03 08:50 -------- d-----w- c:\users\Dixons\AppData\Local\Adobe
2010-08-03 06:18 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-08-03 06:16 . 2010-05-21 12:14 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-08-03 04:54 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-08-03 04:47 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-08-03 04:44 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-08-03 04:43 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-08-03 04:43 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-08-03 04:43 . 2010-08-03 04:43 -------- d-----w- c:\program files\MSXML 4.0
2010-08-03 04:13 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-08-03 04:13 . 2009-12-11 11:43 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-03 04:13 . 2009-12-11 11:43 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-03 04:13 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-08-03 04:13 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-08-03 04:11 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2010-08-03 04:10 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-08-03 04:10 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-08-03 04:10 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-08-03 04:10 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-08-03 04:10 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-08-03 04:10 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-08-03 04:10 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-08-03 04:10 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-08-03 04:10 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2010-08-03 04:10 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-08-03 04:09 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2010-08-03 04:09 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-08-03 04:09 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-08-03 04:09 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-08-03 04:09 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-08 11:47 . 2008-01-21 06:47 667352 ----a-w- c:\windows\system32\perfh013.dat
2010-08-08 11:47 . 2008-01-21 06:47 126854 ----a-w- c:\windows\system32\perfc013.dat
2010-08-08 11:41 . 2010-08-02 11:47 42301 ----a-w- c:\programdata\nvModes.dat
2010-08-07 14:48 . 2008-04-16 05:22 -------- d-----w- c:\program files\McAfee
2010-08-06 13:32 . 2008-04-16 05:22 -------- d-----w- c:\programdata\McAfee
2010-08-06 05:59 . 2008-04-16 05:53 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-04 20:17 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-08-04 20:17 . 2010-08-04 20:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-08-04 20:17 . 2010-08-04 20:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-08-04 15:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-08-04 15:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-08-03 22:45 . 2010-08-04 12:47 -------- d-----w- c:\users\Ekker 1\AppData\Roaming\Intel
2010-08-03 22:44 . 2008-04-16 04:56 -------- d-----w- c:\program files\Intel
2010-08-03 21:57 . 2010-08-02 11:47 -------- d-----w- c:\users\Dixons\AppData\Roaming\SiteAdvisor
2010-08-03 06:09 . 2010-08-03 06:09 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-08-03 04:45 . 2008-04-16 05:14 -------- d-----w- c:\program files\Microsoft Works
2010-08-02 18:19 . 2010-08-02 18:19 0 ----a-w- c:\users\Dixons\AppData\Roaming\wklnhst.dat
2010-08-02 16:15 . 2010-08-02 16:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-08-02 15:03 . 2008-04-16 05:12 -------- d-----w- c:\programdata\Microsoft Help
2010-08-02 12:02 . 2008-04-16 05:46 -------- d-----w- c:\programdata\CyberLink
2010-08-02 11:58 . 2010-08-02 11:58 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2010-08-02 11:52 . 2008-04-16 05:45 -------- d-----w- c:\program files\Acer Arcade Deluxe
2010-08-02 11:52 . 2008-04-16 05:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-02 11:47 . 2010-08-02 21:28 2220 ----a-w- c:\windows\CLEANUP.CMD
2010-08-02 11:47 . 2010-08-02 11:47 -------- d-----w- c:\users\Dixons\AppData\Roaming\InstallShield
2010-08-02 11:39 . 2010-08-02 11:39 -------- d-----w- c:\program files\Common Files\snp2uvc
2010-08-02 11:39 . 2010-08-02 11:39 -------- d-----w- c:\programdata\InstallShield
2010-08-02 11:38 . 2008-04-16 05:00 -------- d-----w- c:\program files\Common Files\InstallShield
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}"= "c:\program files\Family Toolbar\tbhelper.dll" [2009-05-07 355840]
[HKEY_CLASSES_ROOT\clsid\{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
2009-05-07 21:46 2642432 ----a-w- c:\program files\Family Toolbar\tbcore3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]
[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]
[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-03 00:00 39472 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2010-07-27 67448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
"SiteAdvisor"="c:\program files\SiteAdvisor\6172\SiteAdv.exe" [2007-08-24 36640]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-05 525360]
"Skytel"="Skytel.exe" [2007-08-03 1826816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-03 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-03 92704]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"PLFSetL"="c:\windows\\PLFSetL.exe" [2007-07-05 94208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-10-10 1286144]
"SetPanel"="c:\acer\APanel\APanel.cmd" [bU]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-01-04 768520]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2008-01-22 200704]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-21 159744]
"eRecoveryService"="" [bU]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [bU]
"Reader Library Launcher"="c:\program files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe" [2010-05-10 906656]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-08-03 1287120]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-4-16 535336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 2 (0x2)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2010-08-06 14:02 13672 ----a-w- c:\program files\Citrix\GoToAssist\615\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(:25,a5,ac,df,e7,33,cb,01
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-08-03 218592]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-04 41456]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
S3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
--- Andere Services/Drivers In Geheugen ---
*Deregistered* - PCTSDInjDriver32
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
2008-04-16 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-04-16 13:10]
2008-04-16 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-04-16 13:10]
2010-08-08 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-08-03 07:50]
2010-08-08 c:\windows\Tasks\User_Feed_Synchronization-{81F699E3-61A6-434E-9722-902F0DA72BC1}.job
- c:\windows\system32\msfeedssync.exe [2010-08-03 04:30]
.
.
------- Bijkomende Scan -------
.
uStart Page = about:blank
mStart Page = hxxp://search.myheritage.com
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: internet
Trusted Zone: mcafee.com
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-08-08 14:23
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'Explorer.exe'(1720)
c:\program files\Spyware Doctor\pctgmhk.dll
c:\program files\SiteAdvisor\6172\saHook.dll
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
Voltooingstijd: 2010-08-08 14:28:24
ComboFix-quarantined-files.txt 2010-08-08 12:28
Pre-Run: 105.934.852.096 bytes beschikbaar
Post-Run: 105.902.170.112 bytes beschikbaar
- - End Of File - - 8D85F7577CE2355F64E5F60B71D830E0
-
Finally downloaded ComboFix.
Let it run. Everything went fine, I think, except that at the very end combofix.text was supposed to appear and that did not happen. McAfee was turned off. So once again only a HijackThis log.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:03:54, on 8-8-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\System32\rundll32.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Users\EKKER1~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MyHeritage.com Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Family Toolbar\tbcore3.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\\PLFSetL.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Reader Library Launcher] C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SiteAdvisor-service (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10330 bytes
-
It is terribly stupid, but the ComboFix that I downloaded has no link 1 or link 2. It is a trial version. It does open, but asks for a registration code and a name.
I also don't know, via that link, how to turn off RegistryBooster, McAfee and Spyware Doctor. What a dummy, huh. Regards, ekster
-
On opening, it immediately asks for permission. I click Yes and then those errors appear. Regards, ekster
-
Malwarebytes Anti-Malware is on a USB stick. At my friend's place, from whose computer I got it, MBAM opened right away asking whether to scan.
On my machine, however, it gives:
runtime error 0
automation error 440.
What a mess. Do you understand it, kape? Regards, ekster.
Ocr
in Archief Windows Algemeen
Posted:
I do find them, but when I click on them I keep getting the same window as above. Regards, ekster