Also having problems with ING, TAN codes blocked
Posted: 13 Sep 2011 19:10
Good evening,
We too have the problem, now on several occasions, that ING is blocking our TAN codes because of a virus. On their advice we reinstalled the operating system, but at the end of last week the function was blocked once again; it seems the virus is hard to find (not found by AVG or McAfee). The ING Cleaner did not find anything either.
I am posting the requested log files below; hopefully you can help!
Malwarebytes:
Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org
Databaseversie: 7709
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19088
13-9-2011 17:58:34
mbam-log-2011-09-13 (17-58-34).txt
Scantype: Snelle scan
Objecten gescand: 160607
Verstreken tijd: 13 minuut/minuten, 11 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 1
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
c:\END (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HijackThis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:58:44, on 13-9-2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Users\Henrieke\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wuauclt.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hyves.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... spire_5520
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door Hyves
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll
O2 - BHO: TBSB00081 - {32B279E3-5023-4CD8-A295-70C79EDBB294} - C:\Program Files\HyvesToolbar\Hyves Toolbar\tbcore3.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110904132421.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: BullGuard Safe Browsing - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll
O3 - Toolbar: Hyves Toolbar - {AB8DC1E0-22BE-4181-B77E-02C495E031F8} - C:\Program Files\HyvesToolbar\Hyves Toolbar\tbcore3.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\\PLFSetL.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [AutoEJCD_0ACE20FF] C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE /VID=0ACE /PID=20FF
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O18 - Protocol: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL BgGamingMonitor.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: Partner Service - Google Inc. - c:\programdata\partner\partner.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 14009 bytes
DDS
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19088
Run by Henrieke at 18:59:14 on 2011-09-13
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3070.1739 [GMT 2:00]
.
AV: McAfee Antivirus en antispyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: BullGuard Antivirus *Enabled/Updated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}
SP: BullGuard Antispyware *Enabled/Updated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Antivirus en antispyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: BullGuard Firewall *Enabled* {68747E43-7A47-EA26-053F-CB84640E3E67}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\SvcHost.exe -k BullGuard_Main
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
C:\Windows\System32\SvcHost.exe -k BullGuard_LowPriv
C:\Windows\System32\SvcHost.exe -k BullGuard
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Users\Henrieke\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wuauclt.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conime.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.hotmail.com/
uDefault_Page_URL = hxxp://www.hyves.nl
uWindow Title = Windows Internet Explorer wordt aangeboden door Hyves
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0911&m=aspire_5520
mDefault_Page_URL = hxxp://nl.intl.acer.yahoo.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.35.10\bh\BabylonToolbar.dll
BHO: TBSB00081 Class: {32b279e3-5023-4cd8-a295-70c79edbb294} - c:\program files\hyvestoolbar\hyves toolbar\tbcore3.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110904132421.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - c:\programdata\partner\partner.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: BullGuard Safe Browsing: {fc872b94-35e3-4b94-b028-184a2a1c7cce} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIEBHO.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.35.10\BabylonToolbarTlbr.dll
TB: Hyves Toolbar: {ab8dc1e0-22be-4181-b77e-02c495e031f8} - c:\program files\hyvestoolbar\hyves toolbar\tbcore3.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\x86\eDSloader.exe
mRun: [eAudio] "c:\acer\empowering technology\eaudio\eAudio.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SetPanel] c:\acer\apanel\APanel.cmd
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [PlayMovie] "c:\program files\acer arcade deluxe\play movie\PMVService.exe"
mRun: [WarReg_PopUp] c:\program files\acer\wr_popup\WarReg_PopUp.exe
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [PLFSetL] c:\windows\\PLFSetL.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [eRecoveryService]
mRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
mRun: [AutoEJCD_0ACE20FF] c:\program files\autoinstall\zd1211b_auto_install_cd_only_gen_0ace20ff\AutoEJCD.EXE /VID=0ACE /PID=20FF
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [BullGuard] "c:\program files\bullguard ltd\bullguard\BullGuard.exe" -boot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\windows\system32\BGLsp.dll
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{5D25DAFA-2500-47E1-B214-F34F802BAC99} : DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{EB5BBD8A-006B-42AE-A647-A150D71D5249} : DhcpNameServer = 62.179.104.196 213.46.228.196
Handler: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIEBHO.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL BgGamingMonitor.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-5-22 459728]
R1 AFW;Agnitum Firewall Driver;c:\windows\system32\drivers\afw.sys [2011-8-31 34920]
R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [2011-8-31 61152]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-9-4 64584]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-9-4 165032]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [2011-8-31 215624]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [2011-8-31 20040]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\play movie\000.fcl [2011-9-4 41456]
R2 BsBhvScan;BullGuard behavioural detection service;c:\program files\bullguard ltd\bullguard\BullGuardBhvScanner.exe [2011-7-27 338264]
R2 BsBrowser;BullGuard antiphishing service;c:\windows\system32\SvcHost.exe -k BullGuard_LowPriv [2008-1-21 21504]
R2 BsFileScan;BullGuard on-access service;c:\windows\system32\SvcHost.exe -k BullGuard [2008-1-21 21504]
R2 BsFire;BullGuard firewall service;c:\windows\system32\SvcHost.exe -k BullGuard [2008-1-21 21504]
R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\system32\SvcHost.exe -k BullGuard [2008-1-21 21504]
R2 BsMain;BullGuard main service;c:\windows\system32\SvcHost.exe -k BullGuard_Main [2008-1-21 21504]
R2 BsUpdate;BullGuard update service;c:\program files\bullguard ltd\bullguard\BullGuardUpdate.exe [2011-5-18 320344]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-13 366152]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-9-4 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-9-4 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-9-4 148520]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2011-8-31 328296]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\drivers\athrusb.sys [2011-9-4 894976]
R3 BsScanner;BullGuard scanning service;c:\program files\bullguard ltd\bullguard\BullGuardScanner.exe [2011-8-3 288088]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-9-4 56064]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-5-23 32256]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-13 22216]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-9-4 153280]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-9-4 52320]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-9-4 314088]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-9-5 135664]
S3 BgRaSvc;BgRaSvc;c:\program files\bullguard ltd\bullguard\support\BgRaSvc.exe [2011-5-18 125784]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-9-4 30192]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-9-5 135664]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-9-4 84488]
S3 Partner Service;Partner Service;c:\programdata\partner\partner.exe [2011-9-4 110576]
.
=============== Created Last 30 ================
.
2011-09-13 16:40:51 388096 ----a-r- c:\users\henrieke\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-09-13 16:31:19 -------- d-----w- c:\program files\Trend Micro
2011-09-13 15:42:01 -------- d-----w- c:\users\henrieke\appdata\roaming\Malwarebytes
2011-09-13 15:41:25 -------- d-----w- c:\programdata\Malwarebytes
2011-09-13 15:41:21 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-13 15:41:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-11 08:20:21 -------- d-----w- c:\users\henrieke\appdata\roaming\Software Inspection Library
2011-09-11 08:11:24 -------- d-----w- c:\users\henrieke\appdata\roaming\BullGuard
2011-09-11 08:04:34 -------- d-----w- c:\programdata\BullGuard
2011-09-11 08:03:43 -------- d-----w- c:\program files\BullGuard Ltd
2011-09-09 14:13:07 -------- d-----w- c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-09-09 13:47:31 -------- d-----w- c:\users\henrieke\appdata\local\Adobe
2011-09-09 11:28:27 -------- d-----w- c:\users\henrieke\appdata\roaming\Sammsoft
2011-09-09 11:11:56 -------- d-----w- c:\users\henrieke\appdata\local\PackageAware
2011-09-07 09:55:52 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-07 09:12:54 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-09-07 09:12:54 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-09-07 09:12:54 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-09-07 09:12:54 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-09-07 09:12:54 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-09-07 09:10:21 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-09-06 15:16:22 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-09-06 15:16:20 17920 ----a-w- c:\windows\system32\netevent.dll
2011-09-06 15:15:56 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-09-06 15:15:46 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-09-06 15:15:45 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-09-06 10:09:29 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-09-06 10:09:29 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-09-06 10:09:26 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-09-06 10:09:25 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-09-06 09:54:31 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2011-09-06 09:51:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-09-06 09:28:18 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-09-06 09:28:17 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-09-06 09:28:17 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-09-06 09:28:17 11264 ----a-w- c:\windows\system32\icardres.dll
2011-09-06 09:28:17 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-09-06 09:28:15 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-09-06 09:22:19 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-09-06 09:22:15 83968 ----a-w- c:\windows\system32\mscories.dll
2011-09-06 09:18:20 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-09-06 09:18:19 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-09-06 09:18:19 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-09-06 09:14:14 -------- d-----w- c:\program files\MSXML 4.0
2011-09-06 09:09:02 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-09-05 09:29:52 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-09-05 09:29:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-09-05 09:29:20 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-09-05 08:58:58 385024 ----a-w- c:\windows\system32\html.iec
2011-09-05 08:58:57 743424 ----a-w- c:\program files\internet explorer\iedvtool.dll
2011-09-05 08:58:54 638232 ----a-w- c:\program files\internet explorer\iexplore.exe
2011-09-05 08:58:11 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-09-05 08:58:04 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-09-05 08:55:59 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2011-09-05 08:54:59 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-09-05 08:54:20 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-09-05 08:54:16 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-09-05 08:54:16 323072 ----a-w- c:\windows\system32\sbe.dll
2011-09-05 08:54:15 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-09-05 08:54:15 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-09-05 08:54:07 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-09-05 08:54:01 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-09-05 08:54:00 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-09-05 08:53:59 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-09-05 08:53:59 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-09-05 08:53:58 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-09-05 08:53:52 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-09-05 08:53:47 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-09-05 08:53:39 81920 ----a-w- c:\windows\system32\consent.exe
2011-09-05 08:53:22 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-09-05 08:53:20 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2011-09-05 08:53:14 501760 ----a-w- c:\windows\system32\usp10.dll
2011-09-05 08:53:05 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-09-05 08:53:03 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-09-05 08:51:59 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-09-05 08:50:48 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-09-05 08:50:09 104960 ----a-w- c:\windows\system32\netiohlp.dll
2011-09-05 08:50:06 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-09-05 08:50:06 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-09-05 08:50:06 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-09-05 08:50:06 10240 ----a-w- c:\windows\system32\finger.exe
2011-09-05 08:50:05 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-09-05 08:50:05 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-09-05 08:50:05 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-09-05 08:48:49 636928 ----a-w- c:\windows\system32\localspl.dll
2011-09-05 08:48:46 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-09-05 08:48:42 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-09-05 08:48:37 2927104 ----a-w- c:\windows\explorer.exe
2011-09-05 08:48:33 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-09-05 08:48:27 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-09-05 08:48:22 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-09-05 08:48:18 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-09-05 08:46:55 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-09-05 08:46:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-09-05 08:46:54 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-09-05 08:46:53 9728 ----a-w- c:\windows\system32\lsass.exe
2011-09-05 08:46:53 72704 ----a-w- c:\windows\system32\secur32.dll
2011-09-05 08:46:53 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-09-05 08:46:46 443392 ----a-w- c:\windows\system32\win32spl.dll
2011-09-05 08:46:38 24064 ----a-w- c:\windows\system32\amxread.dll
2011-09-05 08:46:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2011-09-05 08:46:33 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-09-05 08:46:25 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-05 08:45:34 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-09-05 08:45:30 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-09-05 08:45:30 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-09-05 08:45:19 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-09-05 08:45:19 511488 ----a-w- c:\windows\system32\RMActivate.exe
2011-09-05 08:45:18 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-09-05 08:45:17 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2011-09-05 08:45:17 472064 ----a-w- c:\windows\system32\secproc.dll
2011-09-05 08:45:17 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-09-05 08:45:15 329216 ----a-w- c:\windows\system32\msdrm.dll
2011-09-05 08:45:15 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-09-05 08:45:15 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-09-05 08:43:59 281600 ----a-w- c:\windows\system32\raschap.dll
2011-09-05 08:43:59 244224 ----a-w- c:\windows\system32\rastls.dll
2011-09-05 08:43:16 351232 ----a-w- c:\windows\system32\WSDApi.dll
2011-09-05 08:43:05 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-09-05 08:21:12 -------- d-----w- c:\program files\HyvesToolbar
2011-09-05 08:19:28 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-09-05 08:19:25 98304 ----a-w- c:\windows\system32\cabview.dll
2011-09-04 19:44:22 -------- d-----w- c:\programdata\Sports Interactive
2011-09-04 19:01:34 49152 ----a-w- c:\windows\INTEROP.IWSHRUNTIMELIBRARY.DLL
2011-09-04 19:01:34 380928 ----a-w- c:\windows\ACERSTORE.EXE
2011-09-04 19:01:28 3 ----a-w- c:\windows\AFirst.cmd
2011-09-04 19:01:28 17730504 ----a-w- c:\windows\eRy.exe
2011-09-04 19:01:24 55808 ----a-w- c:\windows\devcon.exe
2011-09-04 19:01:24 397 ----a-w- c:\windows\MSSEC_RB.CMD
2011-09-04 19:01:24 387 ----a-w- c:\windows\MSSFT_RB.CMD
2011-09-04 19:01:24 336 ----a-w- c:\windows\ACERTOURREMINDERRUN.REG
2011-09-04 19:01:24 294 ----a-w- c:\windows\offline.reg
2011-09-04 19:01:24 2022 ----a-w- c:\windows\CLEANUP.CMD
2011-09-04 19:01:24 155 ----a-w- c:\windows\IR.reg
2011-09-04 15:02:07 -------- d-----w- c:\program files\common files\Steam
2011-09-04 15:02:04 -------- d-----w- c:\program files\Steam
2011-09-04 15:01:36 -------- d--h--w- c:\program files\Zero G Registry
2011-09-04 15:01:36 -------- d-----w- c:\program files\Sports Interactive
2011-09-04 15:01:11 -------- d--h--w- c:\users\henrieke\InstallAnywhere
2011-09-04 13:42:07 -------- d-----w- c:\programdata\Soulseek
2011-09-04 13:42:03 -------- d-----w- c:\program files\BabylonToolbar
2011-09-04 13:41:47 -------- d-----w- c:\users\henrieke\appdata\roaming\Babylon
2011-09-04 13:41:47 -------- d-----w- c:\users\henrieke\appdata\local\Babylon
2011-09-04 13:41:47 -------- d-----w- c:\programdata\Babylon
2011-09-04 13:41:36 -------- d-----w- c:\program files\SoulseekNS
2011-09-04 12:06:36 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-09-04 12:05:12 -------- d--h--w- c:\windows\msdownld.tmp
2011-09-04 11:43:48 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-09-04 11:43:39 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-09-04 11:43:33 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-09-04 11:43:33 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-09-04 11:24:21 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-09-04 11:24:02 84488 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-09-04 11:24:02 64584 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-09-04 11:24:02 56064 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-09-04 11:24:02 52320 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-09-04 11:24:02 314088 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-09-04 11:24:02 165032 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-09-04 11:24:02 153280 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-09-04 11:23:54 -------- d-----w- c:\program files\common files\Mcafee
2011-09-04 11:23:53 -------- d-----w- c:\program files\McAfee.com
2011-09-04 11:23:51 -------- d-----w- c:\program files\McAfee
2011-09-04 10:23:53 148520 ----a-w- c:\windows\system32\mfevtps.exe
2011-09-04 09:57:21 894976 ----a-w- c:\windows\system32\drivers\athrusb.sys
2011-09-04 09:57:21 -------- d-----w- c:\program files\WLAN_Software
2011-09-04 09:56:51 -------- d-----w- c:\program files\AutoInstall
2011-09-04 09:52:29 -------- d-----w- c:\users\henrieke\appdata\local\PlayMovie
2011-09-04 09:45:01 327680 ----a-w- c:\windows\system32\Remove_eRecovery.exe
2011-09-04 09:45:01 16384 ----a-w- c:\windows\system32\LauncheRyAgentUser.exe
2011-09-04 09:45:01 16384 ----a-w- c:\windows\system32\ClearEvent.exe
2011-09-04 09:45:00 368640 ----a-w- c:\windows\system32\CheckD2DSystem.exe
2011-09-04 09:43:29 -------- d-----w- c:\program files\Apoint2K
2011-09-04 09:41:08 73728 ----a-w- c:\windows\system32\ISUSPM.cpl
2011-09-04 09:41:08 626688 ----a-w- c:\windows\Image.dll
2011-09-04 09:41:08 466944 ----a-w- c:\windows\Acer Crystal Eye webcam.EXE
2011-09-04 09:41:08 213936 ----a-w- c:\program files\common files\installshield\updateservice\ISUSPM.exe
2011-09-04 09:41:08 200704 ----a-w- c:\windows\PLFSetI.exe
2011-09-04 09:41:04 86960 ----a-w- c:\program files\common files\installshield\updateservice\issch.exe
2011-09-04 09:41:04 865200 ----a-w- c:\program files\common files\installshield\updateservice\agent.exe
2011-09-04 09:41:04 393216 ----a-w- c:\program files\common files\installshield\updateservice\_isusres.dll
2011-09-04 09:41:04 368640 ----a-w- c:\program files\common files\installshield\updateservice\_ispmres.dll
2011-09-04 09:41:04 283568 ----a-w- c:\program files\common files\installshield\updateservice\ISDM.exe
2011-09-04 09:40:37 -------- d-----w- c:\program files\Acer
2011-09-04 09:38:34 1695744 ----a-w- c:\windows\system32\gameux.dll
2011-09-04 09:32:53 6656 ----a-w- c:\windows\system32\kbd106n.dll
2011-09-04 09:32:45 19000 ----a-w- c:\windows\system32\kd1394.dll
2011-09-04 09:32:42 40960 ----a-w- c:\windows\system32\srclient.dll
2011-09-04 09:32:42 14848 ----a-w- c:\windows\system32\srdelayed.exe
2011-09-04 09:32:40 615992 ----a-w- c:\windows\system32\ci.dll
2011-09-04 09:32:39 988216 ----a-w- c:\windows\system32\winload.exe
2011-09-04 09:32:39 927288 ----a-w- c:\windows\system32\winresume.exe
2011-09-04 09:32:39 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2011-09-04 09:32:38 378368 ----a-w- c:\windows\system32\srcore.dll
2011-09-04 09:32:38 318464 ----a-w- c:\windows\system32\rstrui.exe
2011-09-04 09:31:43 -------- d-----w- C:\Convesoft
2011-09-04 09:30:28 40960 ------w- C:\junction.exe
2011-09-04 09:29:11 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2011-09-04 09:27:22 -------- d-----w- c:\program files\Launch Manager
2011-09-04 09:26:30 -------- d--h--w- c:\users\henrieke\appdata\local\acer eNM
2011-09-04 09:26:13 -------- d-----w- c:\users\henrieke\appdata\local\Google
2011-09-04 09:26:07 -------- d-sh--w- C:\$RECYCLE.BIN
2011-09-04 09:22:43 -------- d-----w- c:\programdata\Partner
2011-09-04 09:22:04 40280138 ----a-w- c:\windows\system32\acer.exe
2011-09-04 09:22:02 83554304 ----a-w- c:\windows\system32\acer.scr
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Sjablonen
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Menu Start
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Favorieten
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Documenten
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Bureaublad
2011-08-31 11:15:22 215624 ----a-w- c:\windows\system32\drivers\NSKernel.sys
2011-08-31 11:15:22 20040 ----a-w- c:\windows\system32\drivers\NSNetmon.sys
2011-08-31 11:15:14 61152 ----a-w- c:\windows\system32\drivers\BdSpy.sys
2011-08-31 11:15:14 34920 ----a-w- c:\windows\system32\drivers\afw.sys
2011-08-31 11:15:14 328296 ----a-w- c:\windows\system32\drivers\afwcore.sys
2011-08-31 11:15:14 304712 ----a-w- c:\windows\system32\drivers\Trufos.sys
2011-08-17 09:01:46 155992 ----a-w- c:\windows\system32\BGLsp.dll
.
==================== Find3M ====================
.
2011-07-06 14:56:47 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
.
============= FINISH: 19:02:44,82 ===============
Thanks in advance!!!!
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conime.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.hotmail.com/
uDefault_Page_URL = hxxp://www.hyves.nl
uWindow Title = Windows Internet Explorer wordt aangeboden door Hyves
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0911&m=aspire_5520
mDefault_Page_URL = hxxp://nl.intl.acer.yahoo.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.35.10\bh\BabylonToolbar.dll
BHO: TBSB00081 Class: {32b279e3-5023-4cd8-a295-70c79edbb294} - c:\program files\hyvestoolbar\hyves toolbar\tbcore3.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110904132421.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - c:\programdata\partner\partner.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: BullGuard Safe Browsing: {fc872b94-35e3-4b94-b028-184a2a1c7cce} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIEBHO.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.35.10\BabylonToolbarTlbr.dll
TB: Hyves Toolbar: {ab8dc1e0-22be-4181-b77e-02c495e031f8} - c:\program files\hyvestoolbar\hyves toolbar\tbcore3.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\x86\eDSloader.exe
mRun: [eAudio] "c:\acer\empowering technology\eaudio\eAudio.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SetPanel] c:\acer\apanel\APanel.cmd
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [PlayMovie] "c:\program files\acer arcade deluxe\play movie\PMVService.exe"
mRun: [WarReg_PopUp] c:\program files\acer\wr_popup\WarReg_PopUp.exe
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [PLFSetL] c:\windows\\PLFSetL.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [eRecoveryService]
mRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
mRun: [AutoEJCD_0ACE20FF] c:\program files\autoinstall\zd1211b_auto_install_cd_only_gen_0ace20ff\AutoEJCD.EXE /VID=0ACE /PID=20FF
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [BullGuard] "c:\program files\bullguard ltd\bullguard\BullGuard.exe" -boot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\windows\system32\BGLsp.dll
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{5D25DAFA-2500-47E1-B214-F34F802BAC99} : DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{EB5BBD8A-006B-42AE-A647-A150D71D5249} : DhcpNameServer = 62.179.104.196 213.46.228.196
Handler: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIEBHO.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL BgGamingMonitor.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-5-22 459728]
R1 AFW;Agnitum Firewall Driver;c:\windows\system32\drivers\afw.sys [2011-8-31 34920]
R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [2011-8-31 61152]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-9-4 64584]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-9-4 165032]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [2011-8-31 215624]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [2011-8-31 20040]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\play movie\000.fcl [2011-9-4 41456]
R2 BsBhvScan;BullGuard behavioural detection service;c:\program files\bullguard ltd\bullguard\BullGuardBhvScanner.exe [2011-7-27 338264]
R2 BsBrowser;BullGuard antiphishing service;c:\windows\system32\SvcHost.exe -k BullGuard_LowPriv [2008-1-21 21504]
R2 BsFileScan;BullGuard on-access service;c:\windows\system32\SvcHost.exe -k BullGuard [2008-1-21 21504]
R2 BsFire;BullGuard firewall service;c:\windows\system32\SvcHost.exe -k BullGuard [2008-1-21 21504]
R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\system32\SvcHost.exe -k BullGuard [2008-1-21 21504]
R2 BsMain;BullGuard main service;c:\windows\system32\SvcHost.exe -k BullGuard_Main [2008-1-21 21504]
R2 BsUpdate;BullGuard update service;c:\program files\bullguard ltd\bullguard\BullGuardUpdate.exe [2011-5-18 320344]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-13 366152]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-9-4 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-9-4 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-9-4 148520]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2011-8-31 328296]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\drivers\athrusb.sys [2011-9-4 894976]
R3 BsScanner;BullGuard scanning service;c:\program files\bullguard ltd\bullguard\BullGuardScanner.exe [2011-8-3 288088]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-9-4 56064]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-5-23 32256]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-13 22216]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-9-4 153280]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-9-4 52320]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-9-4 314088]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-9-5 135664]
S3 BgRaSvc;BgRaSvc;c:\program files\bullguard ltd\bullguard\support\BgRaSvc.exe [2011-5-18 125784]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-9-4 30192]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-9-5 135664]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-9-4 84488]
S3 Partner Service;Partner Service;c:\programdata\partner\partner.exe [2011-9-4 110576]
.
=============== Created Last 30 ================
.
2011-09-13 16:40:51 388096 ----a-r- c:\users\henrieke\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-09-13 16:31:19 -------- d-----w- c:\program files\Trend Micro
2011-09-13 15:42:01 -------- d-----w- c:\users\henrieke\appdata\roaming\Malwarebytes
2011-09-13 15:41:25 -------- d-----w- c:\programdata\Malwarebytes
2011-09-13 15:41:21 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-13 15:41:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-11 08:20:21 -------- d-----w- c:\users\henrieke\appdata\roaming\Software Inspection Library
2011-09-11 08:11:24 -------- d-----w- c:\users\henrieke\appdata\roaming\BullGuard
2011-09-11 08:04:34 -------- d-----w- c:\programdata\BullGuard
2011-09-11 08:03:43 -------- d-----w- c:\program files\BullGuard Ltd
2011-09-09 14:13:07 -------- d-----w- c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-09-09 13:47:31 -------- d-----w- c:\users\henrieke\appdata\local\Adobe
2011-09-09 11:28:27 -------- d-----w- c:\users\henrieke\appdata\roaming\Sammsoft
2011-09-09 11:11:56 -------- d-----w- c:\users\henrieke\appdata\local\PackageAware
2011-09-07 09:55:52 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-07 09:12:54 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-09-07 09:12:54 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-09-07 09:12:54 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-09-07 09:12:54 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-09-07 09:12:54 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-09-07 09:10:21 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-09-06 15:16:22 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-09-06 15:16:20 17920 ----a-w- c:\windows\system32\netevent.dll
2011-09-06 15:15:56 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-09-06 15:15:46 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-09-06 15:15:45 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-09-06 10:09:29 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-09-06 10:09:29 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-09-06 10:09:26 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-09-06 10:09:25 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-09-06 09:54:31 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2011-09-06 09:51:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-09-06 09:28:18 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-09-06 09:28:17 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-09-06 09:28:17 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-09-06 09:28:17 11264 ----a-w- c:\windows\system32\icardres.dll
2011-09-06 09:28:17 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-09-06 09:28:15 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-09-06 09:22:19 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-09-06 09:22:15 83968 ----a-w- c:\windows\system32\mscories.dll
2011-09-06 09:18:20 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-09-06 09:18:19 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-09-06 09:18:19 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-09-06 09:14:14 -------- d-----w- c:\program files\MSXML 4.0
2011-09-06 09:09:02 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-09-05 09:29:52 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-09-05 09:29:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-09-05 09:29:20 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-09-05 08:58:58 385024 ----a-w- c:\windows\system32\html.iec
2011-09-05 08:58:57 743424 ----a-w- c:\program files\internet explorer\iedvtool.dll
2011-09-05 08:58:54 638232 ----a-w- c:\program files\internet explorer\iexplore.exe
2011-09-05 08:58:11 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-09-05 08:58:04 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-09-05 08:55:59 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2011-09-05 08:54:59 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-09-05 08:54:20 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-09-05 08:54:16 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-09-05 08:54:16 323072 ----a-w- c:\windows\system32\sbe.dll
2011-09-05 08:54:15 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-09-05 08:54:15 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-09-05 08:54:07 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-09-05 08:54:01 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-09-05 08:54:00 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-09-05 08:53:59 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-09-05 08:53:59 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-09-05 08:53:58 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-09-05 08:53:52 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-09-05 08:53:47 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-09-05 08:53:39 81920 ----a-w- c:\windows\system32\consent.exe
2011-09-05 08:53:22 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-09-05 08:53:20 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2011-09-05 08:53:14 501760 ----a-w- c:\windows\system32\usp10.dll
2011-09-05 08:53:05 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-09-05 08:53:03 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-09-05 08:51:59 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-09-05 08:50:48 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-09-05 08:50:09 104960 ----a-w- c:\windows\system32\netiohlp.dll
2011-09-05 08:50:06 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-09-05 08:50:06 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-09-05 08:50:06 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-09-05 08:50:06 10240 ----a-w- c:\windows\system32\finger.exe
2011-09-05 08:50:05 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-09-05 08:50:05 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-09-05 08:50:05 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-09-05 08:48:49 636928 ----a-w- c:\windows\system32\localspl.dll
2011-09-05 08:48:46 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-09-05 08:48:42 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-09-05 08:48:37 2927104 ----a-w- c:\windows\explorer.exe
2011-09-05 08:48:33 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-09-05 08:48:27 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-09-05 08:48:22 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-09-05 08:48:18 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-09-05 08:46:55 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-09-05 08:46:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-09-05 08:46:54 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-09-05 08:46:53 9728 ----a-w- c:\windows\system32\lsass.exe
2011-09-05 08:46:53 72704 ----a-w- c:\windows\system32\secur32.dll
2011-09-05 08:46:53 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-09-05 08:46:46 443392 ----a-w- c:\windows\system32\win32spl.dll
2011-09-05 08:46:38 24064 ----a-w- c:\windows\system32\amxread.dll
2011-09-05 08:46:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2011-09-05 08:46:33 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-09-05 08:46:25 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-05 08:45:34 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-09-05 08:45:30 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-09-05 08:45:30 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-09-05 08:45:19 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-09-05 08:45:19 511488 ----a-w- c:\windows\system32\RMActivate.exe
2011-09-05 08:45:18 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-09-05 08:45:17 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2011-09-05 08:45:17 472064 ----a-w- c:\windows\system32\secproc.dll
2011-09-05 08:45:17 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-09-05 08:45:15 329216 ----a-w- c:\windows\system32\msdrm.dll
2011-09-05 08:45:15 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-09-05 08:45:15 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-09-05 08:43:59 281600 ----a-w- c:\windows\system32\raschap.dll
2011-09-05 08:43:59 244224 ----a-w- c:\windows\system32\rastls.dll
2011-09-05 08:43:16 351232 ----a-w- c:\windows\system32\WSDApi.dll
2011-09-05 08:43:05 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-09-05 08:21:12 -------- d-----w- c:\program files\HyvesToolbar
2011-09-05 08:19:28 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-09-05 08:19:25 98304 ----a-w- c:\windows\system32\cabview.dll
2011-09-04 19:44:22 -------- d-----w- c:\programdata\Sports Interactive
2011-09-04 19:01:34 49152 ----a-w- c:\windows\INTEROP.IWSHRUNTIMELIBRARY.DLL
2011-09-04 19:01:34 380928 ----a-w- c:\windows\ACERSTORE.EXE
2011-09-04 19:01:28 3 ----a-w- c:\windows\AFirst.cmd
2011-09-04 19:01:28 17730504 ----a-w- c:\windows\eRy.exe
2011-09-04 19:01:24 55808 ----a-w- c:\windows\devcon.exe
2011-09-04 19:01:24 397 ----a-w- c:\windows\MSSEC_RB.CMD
2011-09-04 19:01:24 387 ----a-w- c:\windows\MSSFT_RB.CMD
2011-09-04 19:01:24 336 ----a-w- c:\windows\ACERTOURREMINDERRUN.REG
2011-09-04 19:01:24 294 ----a-w- c:\windows\offline.reg
2011-09-04 19:01:24 2022 ----a-w- c:\windows\CLEANUP.CMD
2011-09-04 19:01:24 155 ----a-w- c:\windows\IR.reg
2011-09-04 15:02:07 -------- d-----w- c:\program files\common files\Steam
2011-09-04 15:02:04 -------- d-----w- c:\program files\Steam
2011-09-04 15:01:36 -------- d--h--w- c:\program files\Zero G Registry
2011-09-04 15:01:36 -------- d-----w- c:\program files\Sports Interactive
2011-09-04 15:01:11 -------- d--h--w- c:\users\henrieke\InstallAnywhere
2011-09-04 13:42:07 -------- d-----w- c:\programdata\Soulseek
2011-09-04 13:42:03 -------- d-----w- c:\program files\BabylonToolbar
2011-09-04 13:41:47 -------- d-----w- c:\users\henrieke\appdata\roaming\Babylon
2011-09-04 13:41:47 -------- d-----w- c:\users\henrieke\appdata\local\Babylon
2011-09-04 13:41:47 -------- d-----w- c:\programdata\Babylon
2011-09-04 13:41:36 -------- d-----w- c:\program files\SoulseekNS
2011-09-04 12:06:36 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-09-04 12:05:12 -------- d--h--w- c:\windows\msdownld.tmp
2011-09-04 11:43:48 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-09-04 11:43:39 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-09-04 11:43:33 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-09-04 11:43:33 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-09-04 11:24:21 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-09-04 11:24:02 84488 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-09-04 11:24:02 64584 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-09-04 11:24:02 56064 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-09-04 11:24:02 52320 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-09-04 11:24:02 314088 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-09-04 11:24:02 165032 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-09-04 11:24:02 153280 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-09-04 11:23:54 -------- d-----w- c:\program files\common files\Mcafee
2011-09-04 11:23:53 -------- d-----w- c:\program files\McAfee.com
2011-09-04 11:23:51 -------- d-----w- c:\program files\McAfee
2011-09-04 10:23:53 148520 ----a-w- c:\windows\system32\mfevtps.exe
2011-09-04 09:57:21 894976 ----a-w- c:\windows\system32\drivers\athrusb.sys
2011-09-04 09:57:21 -------- d-----w- c:\program files\WLAN_Software
2011-09-04 09:56:51 -------- d-----w- c:\program files\AutoInstall
2011-09-04 09:52:29 -------- d-----w- c:\users\henrieke\appdata\local\PlayMovie
2011-09-04 09:45:01 327680 ----a-w- c:\windows\system32\Remove_eRecovery.exe
2011-09-04 09:45:01 16384 ----a-w- c:\windows\system32\LauncheRyAgentUser.exe
2011-09-04 09:45:01 16384 ----a-w- c:\windows\system32\ClearEvent.exe
2011-09-04 09:45:00 368640 ----a-w- c:\windows\system32\CheckD2DSystem.exe
2011-09-04 09:43:29 -------- d-----w- c:\program files\Apoint2K
2011-09-04 09:41:08 73728 ----a-w- c:\windows\system32\ISUSPM.cpl
2011-09-04 09:41:08 626688 ----a-w- c:\windows\Image.dll
2011-09-04 09:41:08 466944 ----a-w- c:\windows\Acer Crystal Eye webcam.EXE
2011-09-04 09:41:08 213936 ----a-w- c:\program files\common files\installshield\updateservice\ISUSPM.exe
2011-09-04 09:41:08 200704 ----a-w- c:\windows\PLFSetI.exe
2011-09-04 09:41:04 86960 ----a-w- c:\program files\common files\installshield\updateservice\issch.exe
2011-09-04 09:41:04 865200 ----a-w- c:\program files\common files\installshield\updateservice\agent.exe
2011-09-04 09:41:04 393216 ----a-w- c:\program files\common files\installshield\updateservice\_isusres.dll
2011-09-04 09:41:04 368640 ----a-w- c:\program files\common files\installshield\updateservice\_ispmres.dll
2011-09-04 09:41:04 283568 ----a-w- c:\program files\common files\installshield\updateservice\ISDM.exe
2011-09-04 09:40:37 -------- d-----w- c:\program files\Acer
2011-09-04 09:38:34 1695744 ----a-w- c:\windows\system32\gameux.dll
2011-09-04 09:32:53 6656 ----a-w- c:\windows\system32\kbd106n.dll
2011-09-04 09:32:45 19000 ----a-w- c:\windows\system32\kd1394.dll
2011-09-04 09:32:42 40960 ----a-w- c:\windows\system32\srclient.dll
2011-09-04 09:32:42 14848 ----a-w- c:\windows\system32\srdelayed.exe
2011-09-04 09:32:40 615992 ----a-w- c:\windows\system32\ci.dll
2011-09-04 09:32:39 988216 ----a-w- c:\windows\system32\winload.exe
2011-09-04 09:32:39 927288 ----a-w- c:\windows\system32\winresume.exe
2011-09-04 09:32:39 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2011-09-04 09:32:38 378368 ----a-w- c:\windows\system32\srcore.dll
2011-09-04 09:32:38 318464 ----a-w- c:\windows\system32\rstrui.exe
2011-09-04 09:31:43 -------- d-----w- C:\Convesoft
2011-09-04 09:30:28 40960 ------w- C:\junction.exe
2011-09-04 09:29:11 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2011-09-04 09:27:22 -------- d-----w- c:\program files\Launch Manager
2011-09-04 09:26:30 -------- d--h--w- c:\users\henrieke\appdata\local\acer eNM
2011-09-04 09:26:13 -------- d-----w- c:\users\henrieke\appdata\local\Google
2011-09-04 09:26:07 -------- d-sh--w- C:\$RECYCLE.BIN
2011-09-04 09:22:43 -------- d-----w- c:\programdata\Partner
2011-09-04 09:22:04 40280138 ----a-w- c:\windows\system32\acer.exe
2011-09-04 09:22:02 83554304 ----a-w- c:\windows\system32\acer.scr
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Sjablonen
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Menu Start
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Favorieten
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Documenten
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Bureaublad
2011-08-31 11:15:22 215624 ----a-w- c:\windows\system32\drivers\NSKernel.sys
2011-08-31 11:15:22 20040 ----a-w- c:\windows\system32\drivers\NSNetmon.sys
2011-08-31 11:15:14 61152 ----a-w- c:\windows\system32\drivers\BdSpy.sys
2011-08-31 11:15:14 34920 ----a-w- c:\windows\system32\drivers\afw.sys
2011-08-31 11:15:14 328296 ----a-w- c:\windows\system32\drivers\afwcore.sys
2011-08-31 11:15:14 304712 ----a-w- c:\windows\system32\drivers\Trufos.sys
2011-08-17 09:01:46 155992 ----a-w- c:\windows\system32\BGLsp.dll
.
==================== Find3M ====================
.
2011-07-06 14:56:47 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
.
============= FINISH: 19:02:44,82 ===============
Thanks in advance!!!!