Good evening,

We too have, now repeatedly, the problem that ING blocks our TAN codes because of a virus. On their advice we reinstalled the operating system, but at the end of last week the function was blocked once again; it seems the virus is hard to find (not found by AVG or McAfee). The ING Cleaner did not find anything either.

I am posting the requested log files below; hopefully you can help!

Malwarebytes:

Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org

Databaseversie: 7709

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19088

13-9-2011 17:58:34
mbam-log-2011-09-13 (17-58-34).txt

Scantype: Snelle scan
Objecten gescand: 160607
Verstreken tijd: 13 minuut/minuten, 11 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 1

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
c:\END (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HijackThis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:58:44, on 13-9-2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Users\Henrieke\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wuauclt.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hyves.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... spire_5520
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door Hyves
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll
O2 - BHO: TBSB00081 - {32B279E3-5023-4CD8-A295-70C79EDBB294} - C:\Program Files\HyvesToolbar\Hyves Toolbar\tbcore3.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110904132421.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: BullGuard Safe Browsing - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll
O3 - Toolbar: Hyves Toolbar - {AB8DC1E0-22BE-4181-B77E-02C495E031F8} - C:\Program Files\HyvesToolbar\Hyves Toolbar\tbcore3.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\\PLFSetL.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [AutoEJCD_0ACE20FF] C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE /VID=0ACE /PID=20FF
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bglsp.dll
O18 - Protocol: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL BgGamingMonitor.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: BgRaSvc - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe
O23 - Service: BullGuard behavioural detection service (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: Partner Service - Google Inc. - c:\programdata\partner\partner.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 14009 bytes

DDS

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19088
Run by Henrieke at 18:59:14 on 2011-09-13
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3070.1739 [GMT 2:00]
.
AV: McAfee Antivirus en antispyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: BullGuard Antivirus *Enabled/Updated* {504FFF66-3028-EB7E-2E60-62B19ADD791C}
SP: BullGuard Antispyware *Enabled/Updated* {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Antivirus en antispyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: BullGuard Firewall *Enabled* {68747E43-7A47-EA26-053F-CB84640E3E67}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\SvcHost.exe -k BullGuard_Main
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
C:\Windows\System32\SvcHost.exe -k BullGuard_LowPriv
C:\Windows\System32\SvcHost.exe -k BullGuard
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Users\Henrieke\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wuauclt.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conime.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.hotmail.com/
uDefault_Page_URL = hxxp://www.hyves.nl
uWindow Title = Windows Internet Explorer wordt aangeboden door Hyves
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0911&m=aspire_5520
mDefault_Page_URL = hxxp://nl.intl.acer.yahoo.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.35.10\bh\BabylonToolbar.dll
BHO: TBSB00081 Class: {32b279e3-5023-4cd8-a295-70c79edbb294} - c:\program files\hyvestoolbar\hyves toolbar\tbcore3.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110904132421.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - c:\programdata\partner\partner.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: BullGuard Safe Browsing: {fc872b94-35e3-4b94-b028-184a2a1c7cce} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIEBHO.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.35.10\BabylonToolbarTlbr.dll
TB: Hyves Toolbar: {ab8dc1e0-22be-4181-b77e-02c495e031f8} - c:\program files\hyvestoolbar\hyves toolbar\tbcore3.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\x86\eDSloader.exe
mRun: [eAudio] "c:\acer\empowering technology\eaudio\eAudio.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SetPanel] c:\acer\apanel\APanel.cmd
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [PlayMovie] "c:\program files\acer arcade deluxe\play movie\PMVService.exe"
mRun: [WarReg_PopUp] c:\program files\acer\wr_popup\WarReg_PopUp.exe
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [PLFSetL] c:\windows\\PLFSetL.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [eRecoveryService]
mRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
mRun: [AutoEJCD_0ACE20FF] c:\program files\autoinstall\zd1211b_auto_install_cd_only_gen_0ace20ff\AutoEJCD.EXE /VID=0ACE /PID=20FF
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [BullGuard] "c:\program files\bullguard ltd\bullguard\BullGuard.exe" -boot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\windows\system32\BGLsp.dll
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{5D25DAFA-2500-47E1-B214-F34F802BAC99} : DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{EB5BBD8A-006B-42AE-A647-A150D71D5249} : DhcpNameServer = 62.179.104.196 213.46.228.196
Handler: bglink - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - c:\program files\bullguard ltd\bullguard\antiphishing\ie\BGAntiphishingIEBHO.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL BgGamingMonitor.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-5-22 459728]
R1 AFW;Agnitum Firewall Driver;c:\windows\system32\drivers\afw.sys [2011-8-31 34920]
R1 BdSpy;BdSpy;c:\windows\system32\drivers\BdSpy.sys [2011-8-31 61152]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-9-4 64584]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-9-4 165032]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver;c:\windows\system32\drivers\NSKernel.sys [2011-8-31 215624]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver;c:\windows\system32\drivers\NSNetmon.sys [2011-8-31 20040]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\play movie\000.fcl [2011-9-4 41456]
R2 BsBhvScan;BullGuard behavioural detection service;c:\program files\bullguard ltd\bullguard\BullGuardBhvScanner.exe [2011-7-27 338264]
R2 BsBrowser;BullGuard antiphishing service;c:\windows\system32\SvcHost.exe -k BullGuard_LowPriv [2008-1-21 21504]
R2 BsFileScan;BullGuard on-access service;c:\windows\system32\SvcHost.exe -k BullGuard [2008-1-21 21504]
R2 BsFire;BullGuard firewall service;c:\windows\system32\SvcHost.exe -k BullGuard [2008-1-21 21504]
R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\system32\SvcHost.exe -k BullGuard [2008-1-21 21504]
R2 BsMain;BullGuard main service;c:\windows\system32\SvcHost.exe -k BullGuard_Main [2008-1-21 21504]
R2 BsUpdate;BullGuard update service;c:\program files\bullguard ltd\bullguard\BullGuardUpdate.exe [2011-5-18 320344]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-13 366152]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-9-4 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-9-4 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-9-4 148520]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2011-8-31 328296]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\drivers\athrusb.sys [2011-9-4 894976]
R3 BsScanner;BullGuard scanning service;c:\program files\bullguard ltd\bullguard\BullGuardScanner.exe [2011-8-3 288088]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-9-4 56064]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-5-23 32256]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-13 22216]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-9-4 153280]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-9-4 52320]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-9-4 314088]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-9-5 135664]
S3 BgRaSvc;BgRaSvc;c:\program files\bullguard ltd\bullguard\support\BgRaSvc.exe [2011-5-18 125784]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-9-4 30192]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-9-5 135664]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-9-4 84488]
S3 Partner Service;Partner Service;c:\programdata\partner\partner.exe [2011-9-4 110576]
.
=============== Created Last 30 ================
.
2011-09-13 16:40:51 388096 ----a-r- c:\users\henrieke\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-09-13 16:31:19 -------- d-----w- c:\program files\Trend Micro
2011-09-13 15:42:01 -------- d-----w- c:\users\henrieke\appdata\roaming\Malwarebytes
2011-09-13 15:41:25 -------- d-----w- c:\programdata\Malwarebytes
2011-09-13 15:41:21 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-13 15:41:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-11 08:20:21 -------- d-----w- c:\users\henrieke\appdata\roaming\Software Inspection Library
2011-09-11 08:11:24 -------- d-----w- c:\users\henrieke\appdata\roaming\BullGuard
2011-09-11 08:04:34 -------- d-----w- c:\programdata\BullGuard
2011-09-11 08:03:43 -------- d-----w- c:\program files\BullGuard Ltd
2011-09-09 14:13:07 -------- d-----w- c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-09-09 13:47:31 -------- d-----w- c:\users\henrieke\appdata\local\Adobe
2011-09-09 11:28:27 -------- d-----w- c:\users\henrieke\appdata\roaming\Sammsoft
2011-09-09 11:11:56 -------- d-----w- c:\users\henrieke\appdata\local\PackageAware
2011-09-07 09:55:52 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-07 09:12:54 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-09-07 09:12:54 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-09-07 09:12:54 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-09-07 09:12:54 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-09-07 09:12:54 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-09-07 09:10:21 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-09-06 15:16:22 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-09-06 15:16:20 17920 ----a-w- c:\windows\system32\netevent.dll
2011-09-06 15:15:56 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-09-06 15:15:46 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-09-06 15:15:45 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-09-06 10:09:29 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-09-06 10:09:29 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-09-06 10:09:26 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-09-06 10:09:25 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-09-06 09:54:31 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2011-09-06 09:51:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-09-06 09:28:18 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-09-06 09:28:17 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-09-06 09:28:17 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-09-06 09:28:17 11264 ----a-w- c:\windows\system32\icardres.dll
2011-09-06 09:28:17 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-09-06 09:28:15 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-09-06 09:22:19 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-09-06 09:22:15 83968 ----a-w- c:\windows\system32\mscories.dll
2011-09-06 09:18:20 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-09-06 09:18:19 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-09-06 09:18:19 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-09-06 09:14:14 -------- d-----w- c:\program files\MSXML 4.0
2011-09-06 09:09:02 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-09-05 09:29:52 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-09-05 09:29:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-09-05 09:29:20 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-09-05 08:58:58 385024 ----a-w- c:\windows\system32\html.iec
2011-09-05 08:58:57 743424 ----a-w- c:\program files\internet explorer\iedvtool.dll
2011-09-05 08:58:54 638232 ----a-w- c:\program files\internet explorer\iexplore.exe
2011-09-05 08:58:11 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-09-05 08:58:04 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-09-05 08:55:59 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2011-09-05 08:54:59 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-09-05 08:54:20 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-09-05 08:54:16 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-09-05 08:54:16 323072 ----a-w- c:\windows\system32\sbe.dll
2011-09-05 08:54:15 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-09-05 08:54:15 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-09-05 08:54:07 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-09-05 08:54:01 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-09-05 08:54:00 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-09-05 08:53:59 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-09-05 08:53:59 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-09-05 08:53:58 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-09-05 08:53:52 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-09-05 08:53:47 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-09-05 08:53:39 81920 ----a-w- c:\windows\system32\consent.exe
2011-09-05 08:53:22 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-09-05 08:53:20 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2011-09-05 08:53:14 501760 ----a-w- c:\windows\system32\usp10.dll
2011-09-05 08:53:05 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-09-05 08:53:03 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-09-05 08:51:59 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-09-05 08:50:48 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-09-05 08:50:09 104960 ----a-w- c:\windows\system32\netiohlp.dll
2011-09-05 08:50:06 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-09-05 08:50:06 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-09-05 08:50:06 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-09-05 08:50:06 10240 ----a-w- c:\windows\system32\finger.exe
2011-09-05 08:50:05 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-09-05 08:50:05 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-09-05 08:50:05 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-09-05 08:48:49 636928 ----a-w- c:\windows\system32\localspl.dll
2011-09-05 08:48:46 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-09-05 08:48:42 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-09-05 08:48:37 2927104 ----a-w- c:\windows\explorer.exe
2011-09-05 08:48:33 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-09-05 08:48:27 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-09-05 08:48:22 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-09-05 08:48:18 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-09-05 08:46:55 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-09-05 08:46:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-09-05 08:46:54 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-09-05 08:46:53 9728 ----a-w- c:\windows\system32\lsass.exe
2011-09-05 08:46:53 72704 ----a-w- c:\windows\system32\secur32.dll
2011-09-05 08:46:53 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-09-05 08:46:46 443392 ----a-w- c:\windows\system32\win32spl.dll
2011-09-05 08:46:38 24064 ----a-w- c:\windows\system32\amxread.dll
2011-09-05 08:46:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2011-09-05 08:46:33 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-09-05 08:46:25 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-05 08:45:34 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-09-05 08:45:30 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-09-05 08:45:30 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-09-05 08:45:19 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-09-05 08:45:19 511488 ----a-w- c:\windows\system32\RMActivate.exe
2011-09-05 08:45:18 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-09-05 08:45:17 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2011-09-05 08:45:17 472064 ----a-w- c:\windows\system32\secproc.dll
2011-09-05 08:45:17 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-09-05 08:45:15 329216 ----a-w- c:\windows\system32\msdrm.dll
2011-09-05 08:45:15 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-09-05 08:45:15 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-09-05 08:43:59 281600 ----a-w- c:\windows\system32\raschap.dll
2011-09-05 08:43:59 244224 ----a-w- c:\windows\system32\rastls.dll
2011-09-05 08:43:16 351232 ----a-w- c:\windows\system32\WSDApi.dll
2011-09-05 08:43:05 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-09-05 08:21:12 -------- d-----w- c:\program files\HyvesToolbar
2011-09-05 08:19:28 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-09-05 08:19:25 98304 ----a-w- c:\windows\system32\cabview.dll
2011-09-04 19:44:22 -------- d-----w- c:\programdata\Sports Interactive
2011-09-04 19:01:34 49152 ----a-w- c:\windows\INTEROP.IWSHRUNTIMELIBRARY.DLL
2011-09-04 19:01:34 380928 ----a-w- c:\windows\ACERSTORE.EXE
2011-09-04 19:01:28 3 ----a-w- c:\windows\AFirst.cmd
2011-09-04 19:01:28 17730504 ----a-w- c:\windows\eRy.exe
2011-09-04 19:01:24 55808 ----a-w- c:\windows\devcon.exe
2011-09-04 19:01:24 397 ----a-w- c:\windows\MSSEC_RB.CMD
2011-09-04 19:01:24 387 ----a-w- c:\windows\MSSFT_RB.CMD
2011-09-04 19:01:24 336 ----a-w- c:\windows\ACERTOURREMINDERRUN.REG
2011-09-04 19:01:24 294 ----a-w- c:\windows\offline.reg
2011-09-04 19:01:24 2022 ----a-w- c:\windows\CLEANUP.CMD
2011-09-04 19:01:24 155 ----a-w- c:\windows\IR.reg
2011-09-04 15:02:07 -------- d-----w- c:\program files\common files\Steam
2011-09-04 15:02:04 -------- d-----w- c:\program files\Steam
2011-09-04 15:01:36 -------- d--h--w- c:\program files\Zero G Registry
2011-09-04 15:01:36 -------- d-----w- c:\program files\Sports Interactive
2011-09-04 15:01:11 -------- d--h--w- c:\users\henrieke\InstallAnywhere
2011-09-04 13:42:07 -------- d-----w- c:\programdata\Soulseek
2011-09-04 13:42:03 -------- d-----w- c:\program files\BabylonToolbar
2011-09-04 13:41:47 -------- d-----w- c:\users\henrieke\appdata\roaming\Babylon
2011-09-04 13:41:47 -------- d-----w- c:\users\henrieke\appdata\local\Babylon
2011-09-04 13:41:47 -------- d-----w- c:\programdata\Babylon
2011-09-04 13:41:36 -------- d-----w- c:\program files\SoulseekNS
2011-09-04 12:06:36 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-09-04 12:05:12 -------- d--h--w- c:\windows\msdownld.tmp
2011-09-04 11:43:48 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-09-04 11:43:39 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-09-04 11:43:33 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-09-04 11:43:33 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-09-04 11:24:21 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-09-04 11:24:02 84488 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-09-04 11:24:02 64584 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-09-04 11:24:02 56064 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-09-04 11:24:02 52320 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-09-04 11:24:02 314088 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-09-04 11:24:02 165032 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-09-04 11:24:02 153280 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-09-04 11:23:54 -------- d-----w- c:\program files\common files\Mcafee
2011-09-04 11:23:53 -------- d-----w- c:\program files\McAfee.com
2011-09-04 11:23:51 -------- d-----w- c:\program files\McAfee
2011-09-04 10:23:53 148520 ----a-w- c:\windows\system32\mfevtps.exe
2011-09-04 09:57:21 894976 ----a-w- c:\windows\system32\drivers\athrusb.sys
2011-09-04 09:57:21 -------- d-----w- c:\program files\WLAN_Software
2011-09-04 09:56:51 -------- d-----w- c:\program files\AutoInstall
2011-09-04 09:52:29 -------- d-----w- c:\users\henrieke\appdata\local\PlayMovie
2011-09-04 09:45:01 327680 ----a-w- c:\windows\system32\Remove_eRecovery.exe
2011-09-04 09:45:01 16384 ----a-w- c:\windows\system32\LauncheRyAgentUser.exe
2011-09-04 09:45:01 16384 ----a-w- c:\windows\system32\ClearEvent.exe
2011-09-04 09:45:00 368640 ----a-w- c:\windows\system32\CheckD2DSystem.exe
2011-09-04 09:43:29 -------- d-----w- c:\program files\Apoint2K
2011-09-04 09:41:08 73728 ----a-w- c:\windows\system32\ISUSPM.cpl
2011-09-04 09:41:08 626688 ----a-w- c:\windows\Image.dll
2011-09-04 09:41:08 466944 ----a-w- c:\windows\Acer Crystal Eye webcam.EXE
2011-09-04 09:41:08 213936 ----a-w- c:\program files\common files\installshield\updateservice\ISUSPM.exe
2011-09-04 09:41:08 200704 ----a-w- c:\windows\PLFSetI.exe
2011-09-04 09:41:04 86960 ----a-w- c:\program files\common files\installshield\updateservice\issch.exe
2011-09-04 09:41:04 865200 ----a-w- c:\program files\common files\installshield\updateservice\agent.exe
2011-09-04 09:41:04 393216 ----a-w- c:\program files\common files\installshield\updateservice\_isusres.dll
2011-09-04 09:41:04 368640 ----a-w- c:\program files\common files\installshield\updateservice\_ispmres.dll
2011-09-04 09:41:04 283568 ----a-w- c:\program files\common files\installshield\updateservice\ISDM.exe
2011-09-04 09:40:37 -------- d-----w- c:\program files\Acer
2011-09-04 09:38:34 1695744 ----a-w- c:\windows\system32\gameux.dll
2011-09-04 09:32:53 6656 ----a-w- c:\windows\system32\kbd106n.dll
2011-09-04 09:32:45 19000 ----a-w- c:\windows\system32\kd1394.dll
2011-09-04 09:32:42 40960 ----a-w- c:\windows\system32\srclient.dll
2011-09-04 09:32:42 14848 ----a-w- c:\windows\system32\srdelayed.exe
2011-09-04 09:32:40 615992 ----a-w- c:\windows\system32\ci.dll
2011-09-04 09:32:39 988216 ----a-w- c:\windows\system32\winload.exe
2011-09-04 09:32:39 927288 ----a-w- c:\windows\system32\winresume.exe
2011-09-04 09:32:39 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2011-09-04 09:32:38 378368 ----a-w- c:\windows\system32\srcore.dll
2011-09-04 09:32:38 318464 ----a-w- c:\windows\system32\rstrui.exe
2011-09-04 09:31:43 -------- d-----w- C:\Convesoft
2011-09-04 09:30:28 40960 ------w- C:\junction.exe
2011-09-04 09:29:11 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2011-09-04 09:27:22 -------- d-----w- c:\program files\Launch Manager
2011-09-04 09:26:30 -------- d--h--w- c:\users\henrieke\appdata\local\acer eNM
2011-09-04 09:26:13 -------- d-----w- c:\users\henrieke\appdata\local\Google
2011-09-04 09:26:07 -------- d-sh--w- C:\$RECYCLE.BIN
2011-09-04 09:22:43 -------- d-----w- c:\programdata\Partner
2011-09-04 09:22:04 40280138 ----a-w- c:\windows\system32\acer.exe
2011-09-04 09:22:02 83554304 ----a-w- c:\windows\system32\acer.scr
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Sjablonen
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Menu Start
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Favorieten
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Documenten
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Bureaublad
2011-08-31 11:15:22 215624 ----a-w- c:\windows\system32\drivers\NSKernel.sys
2011-08-31 11:15:22 20040 ----a-w- c:\windows\system32\drivers\NSNetmon.sys
2011-08-31 11:15:14 61152 ----a-w- c:\windows\system32\drivers\BdSpy.sys
2011-08-31 11:15:14 34920 ----a-w- c:\windows\system32\drivers\afw.sys
2011-08-31 11:15:14 328296 ----a-w- c:\windows\system32\drivers\afwcore.sys
2011-08-31 11:15:14 304712 ----a-w- c:\windows\system32\drivers\Trufos.sys
2011-08-17 09:01:46 155992 ----a-w- c:\windows\system32\BGLsp.dll
.
==================== Find3M ====================
.
2011-07-06 14:56:47 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
.
============= FINISH: 19:02:44,82 ===============

Thanks in advance!!!!
2
Hi and welcome to the forum,

1. You are using two virus scanners; remove one of them, because they can get in each other's way. Also remove the following right away if present, because these have a dubious reputation.
Babylon toolbar
Hyves Toolbar



2. Download aswMBR.exe to the desktop.
  • Double-click "aswMBR.exe" to start the tool.
  • In the next window, click "No".
  • Click the "scan" button.
  • When the scan is finished, click the "save log" button.
  • Post this log file in your next message.

3. Download TDSSKiller and put it on your desktop.
  • Extract the files in tdsskiller.zip.
  • Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.
  • Note!!! Windows Vista & 7 users must run TDSSKiller as administrator ("right-click, Run as"),
  • Click the "Start Scan" button and follow the instructions.
  • When the scan is finished, click the "Report" button.
  • A Notepad file will open. Post the contents of this file.
Post the aswMBR and TDSSKiller logs in your next message.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
3
Thank you for your help, I have deleted Bullguard and the two toolbars; the log files are below:

aswMBR

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-09-14 13:08:10
-----------------------------
13:08:10.064 OS Version: Windows 6.0.6001 Service Pack 1
13:08:10.064 Number of processors: 2 586 0x6802
13:08:10.064 ComputerName: PC_VAN_HENRIEKE UserName: Henrieke
13:08:33.979 Initialize success
13:08:44.296 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
13:08:44.296 Disk 0 Vendor: WDC_WD2500BEVT-22ZCT0 11.01A11 Size: 238475MB BusType: 3
13:08:46.324 Disk 0 MBR read successfully
13:08:46.324 Disk 0 MBR scan
13:08:46.324 Disk 0 unknown MBR code
13:08:46.340 Disk 0 scanning sectors +488394752
13:08:46.434 Disk 0 scanning C:\Windows\system32\drivers
13:08:55.778 Service scanning
13:08:59.132 Modules scanning
13:09:03.469 Disk 0 trace - called modules:
13:09:03.500 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
13:09:03.500 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85e27968]
13:09:03.500 3 CLASSPNP.SYS[8a9ab745] -> nt!IofCallDriver -> [0x84d8c8d0]
13:09:03.516 5 acpi.sys[8a4096a0] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x8497d5b0]
13:09:03.531 Scan finished successfully
13:09:18.460 Disk 0 MBR has been saved successfully to "C:\Users\Henrieke\Documents\MBR.dat"
13:09:18.476 The log file has been saved successfully to "C:\Users\Henrieke\Documents\aswMBR.txt"

TDSS
Processed 258 objects
Infection: Not found

2011/09/14 13:11:49.0863 3592 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/14 13:11:50.0596 3592 ================================================================================
2011/09/14 13:11:50.0596 3592 SystemInfo:
2011/09/14 13:11:50.0596 3592
2011/09/14 13:11:50.0596 3592 OS Version: 6.0.6001 ServicePack: 1.0
2011/09/14 13:11:50.0596 3592 Product type: Workstation
2011/09/14 13:11:50.0596 3592 ComputerName: PC_VAN_HENRIEKE
2011/09/14 13:11:50.0596 3592 UserName: Henrieke
2011/09/14 13:11:50.0596 3592 Windows directory: C:\Windows
2011/09/14 13:11:50.0596 3592 System windows directory: C:\Windows
2011/09/14 13:11:50.0596 3592 Processor architecture: Intel x86
2011/09/14 13:11:50.0596 3592 Number of processors: 2
2011/09/14 13:11:50.0596 3592 Page size: 0x1000
2011/09/14 13:11:50.0596 3592 Boot type: Normal boot
2011/09/14 13:11:50.0596 3592 ================================================================================
2011/09/14 13:11:51.0657 3592 Initialize success
2011/09/14 13:11:57.0507 4952 ================================================================================
2011/09/14 13:11:57.0507 4952 Scan started
2011/09/14 13:11:57.0507 4952 Mode: Manual;
2011/09/14 13:11:57.0507 4952 ================================================================================
2011/09/14 13:12:04.0948 4952 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/14 13:12:05.0010 4952 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/09/14 13:12:05.0041 4952 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2011/09/14 13:12:05.0088 4952 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/09/14 13:12:05.0104 4952 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/09/14 13:12:05.0166 4952 NVENETFD (d668632606d1cebf0b6ec64c1df7ed6f) C:\Windows\system32\DRIVERS\nvmfdx32.sys
2011/09/14 13:12:05.0416 4952 nvlddmkm (02a96700623af401a4f6632af04c0464) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/09/14 13:12:05.0634 4952 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/09/14 13:12:05.0681 4952 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys
2011/09/14 13:12:05.0697 4952 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/09/14 13:12:05.0743 4952 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/09/14 13:12:05.0837 4952 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/09/14 13:12:05.0884 4952 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/09/14 13:12:05.0915 4952 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/09/14 13:12:05.0962 4952 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/09/14 13:12:05.0993 4952 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/09/14 13:12:06.0024 4952 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2011/09/14 13:12:06.0040 4952 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/09/14 13:12:06.0258 4952 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/09/14 13:12:06.0367 4952 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/14 13:12:06.0399 4952 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/09/14 13:12:06.0477 4952 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/14 13:12:06.0492 4952 PSDFilter (18de162f9b83079c24cd96f59292f5ed) C:\Windows\system32\DRIVERS\psdfilter.sys
2011/09/14 13:12:06.0539 4952 PSDNServ (bc1457a28e76ab3106d43802ac22a627) C:\Windows\system32\DRIVERS\PSDNServ.sys
2011/09/14 13:12:06.0570 4952 psdvdisk (ac151e5b0943304e368c98ec78b5fc4f) C:\Windows\system32\DRIVERS\PSDVdisk.sys
2011/09/14 13:12:06.0633 4952 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/09/14 13:12:06.0695 4952 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/09/14 13:12:06.0742 4952 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/14 13:12:06.0773 4952 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/14 13:12:06.0804 4952 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/14 13:12:06.0835 4952 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/14 13:12:06.0851 4952 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/14 13:12:06.0882 4952 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/14 13:12:06.0913 4952 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/14 13:12:06.0960 4952 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/09/14 13:12:06.0991 4952 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/14 13:12:07.0023 4952 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/09/14 13:12:07.0069 4952 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/09/14 13:12:07.0101 4952 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/09/14 13:12:07.0132 4952 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/09/14 13:12:07.0163 4952 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/14 13:12:07.0210 4952 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/09/14 13:12:07.0272 4952 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
2011/09/14 13:12:07.0303 4952 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/09/14 13:12:07.0335 4952 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/09/14 13:12:07.0366 4952 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/09/14 13:12:07.0381 4952 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/09/14 13:12:07.0428 4952 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2011/09/14 13:12:07.0459 4952 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/14 13:12:07.0475 4952 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2011/09/14 13:12:07.0506 4952 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/09/14 13:12:07.0537 4952 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/09/14 13:12:07.0584 4952 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/09/14 13:12:07.0600 4952 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/09/14 13:12:07.0647 4952 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/09/14 13:12:07.0693 4952 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/09/14 13:12:07.0756 4952 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
2011/09/14 13:12:07.0803 4952 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/14 13:12:07.0818 4952 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/14 13:12:07.0881 4952 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/09/14 13:12:07.0927 4952 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/09/14 13:12:07.0943 4952 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/09/14 13:12:07.0974 4952 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/09/14 13:12:08.0068 4952 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/09/14 13:12:08.0130 4952 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/14 13:12:08.0161 4952 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/14 13:12:08.0193 4952 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/09/14 13:12:08.0208 4952 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/09/14 13:12:08.0239 4952 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/14 13:12:08.0271 4952 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/09/14 13:12:08.0333 4952 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/14 13:12:08.0364 4952 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/09/14 13:12:08.0395 4952 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/14 13:12:08.0411 4952 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/09/14 13:12:08.0442 4952 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/14 13:12:08.0489 4952 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/14 13:12:08.0520 4952 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/09/14 13:12:08.0536 4952 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/09/14 13:12:08.0567 4952 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/09/14 13:12:08.0598 4952 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/09/14 13:12:08.0645 4952 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/14 13:12:08.0692 4952 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/09/14 13:12:08.0707 4952 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/09/14 13:12:08.0739 4952 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/14 13:12:08.0770 4952 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
2011/09/14 13:12:08.0785 4952 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2011/09/14 13:12:08.0832 4952 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/09/14 13:12:08.0863 4952 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/09/14 13:12:08.0895 4952 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/09/14 13:12:08.0926 4952 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/14 13:12:08.0957 4952 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/09/14 13:12:08.0973 4952 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/09/14 13:12:09.0004 4952 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/09/14 13:12:09.0019 4952 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/09/14 13:12:09.0066 4952 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/09/14 13:12:09.0097 4952 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/09/14 13:12:09.0129 4952 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/09/14 13:12:09.0175 4952 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/09/14 13:12:09.0238 4952 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/09/14 13:12:09.0269 4952 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/14 13:12:09.0285 4952 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/14 13:12:09.0331 4952 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/09/14 13:12:09.0363 4952 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/14 13:12:09.0441 4952 winachsf (c9c63410d8cf98f621b9cc62243fb877) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/09/14 13:12:09.0519 4952 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/09/14 13:12:09.0612 4952 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/09/14 13:12:09.0659 4952 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/14 13:12:09.0706 4952 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/14 13:12:09.0753 4952 XAudio (2e579520e114a9ca309f13bf40ad8292) C:\Windows\system32\DRIVERS\xaudio.sys
2011/09/14 13:12:09.0862 4952 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (5867ce254625645345c833510d24f124) C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
2011/09/14 13:12:09.0924 4952 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
2011/09/14 13:12:10.0954 4952 Boot (0x1200) (90b7c7936e3da2d05c74959b72eef072) \Device\Harddisk0\DR0\Partition0
2011/09/14 13:12:10.0985 4952 Boot (0x1200) (6e000c46ab302f9728e418d7f480a6b2) \Device\Harddisk0\DR0\Partition1
2011/09/14 13:12:11.0001 4952 ================================================================================
2011/09/14 13:12:11.0001 4952 Scan finished
2011/09/14 13:12:11.0001 4952 ================================================================================
2011/09/14 13:12:11.0016 4740 Detected object count: 0
2011/09/14 13:12:11.0016 4740 Actual detected object count: 0

Thanks again!
4
Hi,

Start aswMBR.exe again.
  • In the next window, click "No"
  • Click the "scan" button
  • Now click the "Fix" or "FixMBR" button
  • Then restart the computer, let aswMBR scan once more, and post the new log.
Post this log together with a new DDS log in your next message.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
5
Hi,
aswMBR:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-09-14 14:58:45
-----------------------------
14:58:45.029 OS Version: Windows 6.0.6001 Service Pack 1
14:58:45.029 Number of processors: 2 586 0x6802
14:58:45.060 ComputerName: PC_VAN_HENRIEKE UserName: Henrieke
14:58:45.965 Initialize success
14:58:52.727 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
14:58:52.789 Disk 0 Vendor: WDC_WD2500BEVT-22ZCT0 11.01A11 Size: 238475MB BusType: 3
14:58:54.833 Disk 0 MBR read successfully
14:58:54.833 Disk 0 MBR scan
14:58:54.849 Disk 0 Windows VISTA default MBR code
14:58:54.849 Disk 0 scanning sectors +488394752
14:58:54.958 Disk 0 scanning C:\Windows\system32\drivers
14:59:03.101 Service scanning
14:59:05.893 Modules scanning
14:59:23.100 Disk 0 trace - called modules:
14:59:23.147 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys
14:59:23.163 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85f5b730]
14:59:23.163 3 CLASSPNP.SYS[8a99f745] -> nt!IofCallDriver -> [0x85774c10]
14:59:23.163 5 acpi.sys[8a4116a0] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x849edba0]
14:59:23.677 Scan finished successfully
14:59:46.353 Disk 0 MBR has been saved successfully to "C:\Users\Henrieke\Desktop\MBR.dat"
14:59:46.368 The log file has been saved successfully to "C:\Users\Henrieke\Desktop\aswMBR.txt"

DDS:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19088
Run by Henrieke at 15:03:28 on 2011-09-14
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3070.1853 [GMT 2:00]
.
AV: McAfee Antivirus en antispyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Antivirus en antispyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Users\Henrieke\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\wuauclt.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conime.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.hotmail.com/
uSearch Page =
uDefault_Page_URL = hxxp://www.hyves.nl
uWindow Title = Windows Internet Explorer wordt aangeboden door Hyves
uSearch Bar =
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0911&m=aspire_5520
mDefault_Page_URL = hxxp://nl.intl.acer.yahoo.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110904132421.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - c:\programdata\partner\partner.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\x86\eDSloader.exe
mRun: [eAudio] "c:\acer\empowering technology\eaudio\eAudio.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SetPanel] c:\acer\apanel\APanel.cmd
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [PlayMovie] "c:\program files\acer arcade deluxe\play movie\PMVService.exe"
mRun: [WarReg_PopUp] c:\program files\acer\wr_popup\WarReg_PopUp.exe
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [PLFSetL] c:\windows\\PLFSetL.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [eRecoveryService]
mRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
mRun: [AutoEJCD_0ACE20FF] c:\program files\autoinstall\zd1211b_auto_install_cd_only_gen_0ace20ff\AutoEJCD.EXE /VID=0ACE /PID=20FF
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{5D25DAFA-2500-47E1-B214-F34F802BAC99} : DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{EB5BBD8A-006B-42AE-A647-A150D71D5249} : DhcpNameServer = 62.179.104.196 213.46.228.196
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-5-22 459728]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-9-4 64584]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-9-4 165032]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\play movie\000.fcl [2011-9-4 41456]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-13 366152]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-9-4 271480]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-9-4 171168]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-9-4 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-9-4 148520]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\drivers\athrusb.sys [2011-9-4 894976]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-9-4 56064]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-5-23 32256]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-13 22216]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-9-4 153280]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-9-4 52320]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-9-4 314088]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-9-5 135664]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-9-4 30192]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-9-5 135664]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-9-4 84488]
S3 Partner Service;Partner Service;c:\programdata\partner\partner.exe [2011-9-4 110576]
.
=============== Created Last 30 ================
.
2011-09-13 16:40:51 388096 ----a-r- c:\users\henrieke\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-09-13 16:31:19 -------- d-----w- c:\program files\Trend Micro
2011-09-13 15:42:01 -------- d-----w- c:\users\henrieke\appdata\roaming\Malwarebytes
2011-09-13 15:41:25 -------- d-----w- c:\programdata\Malwarebytes
2011-09-13 15:41:21 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-13 15:41:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-11 08:20:21 -------- d-----w- c:\users\henrieke\appdata\roaming\Software Inspection Library
2011-09-11 08:11:24 -------- d-----w- c:\users\henrieke\appdata\roaming\BullGuard
2011-09-11 08:04:34 -------- d-----w- c:\programdata\BullGuard
2011-09-09 14:13:07 -------- d-----w- c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-09-09 13:47:31 -------- d-----w- c:\users\henrieke\appdata\local\Adobe
2011-09-09 11:28:27 -------- d-----w- c:\users\henrieke\appdata\roaming\Sammsoft
2011-09-09 11:11:56 -------- d-----w- c:\users\henrieke\appdata\local\PackageAware
2011-09-07 09:55:52 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-07 09:12:54 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-09-07 09:12:54 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-09-07 09:12:54 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-09-07 09:12:54 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-09-07 09:12:54 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-09-07 09:10:21 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-09-06 15:16:22 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-09-06 15:16:20 17920 ----a-w- c:\windows\system32\netevent.dll
2011-09-06 15:15:56 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-09-06 15:15:46 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-09-06 15:15:45 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-09-06 10:09:29 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-09-06 10:09:29 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-09-06 10:09:26 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-09-06 10:09:25 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-09-06 09:54:31 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2011-09-06 09:51:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-09-06 09:28:18 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-09-06 09:28:17 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-09-06 09:28:17 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-09-06 09:28:17 11264 ----a-w- c:\windows\system32\icardres.dll
2011-09-06 09:28:17 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-09-06 09:28:15 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-09-06 09:22:19 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-09-06 09:22:15 83968 ----a-w- c:\windows\system32\mscories.dll
2011-09-06 09:18:20 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-09-06 09:18:19 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-09-06 09:18:19 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-09-06 09:14:14 -------- d-----w- c:\program files\MSXML 4.0
2011-09-06 09:09:02 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-09-05 09:29:52 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-09-05 09:29:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-09-05 09:29:20 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-09-05 08:58:58 385024 ----a-w- c:\windows\system32\html.iec
2011-09-05 08:58:57 743424 ----a-w- c:\program files\internet explorer\iedvtool.dll
2011-09-05 08:58:54 638232 ----a-w- c:\program files\internet explorer\iexplore.exe
2011-09-05 08:58:11 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-09-05 08:58:04 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-09-05 08:55:59 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2011-09-05 08:54:59 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-09-05 08:54:20 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-09-05 08:54:16 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-09-05 08:54:16 323072 ----a-w- c:\windows\system32\sbe.dll
2011-09-05 08:54:15 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-09-05 08:54:15 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-09-05 08:54:07 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-09-05 08:54:01 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-09-05 08:54:00 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-09-05 08:53:59 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-09-05 08:53:59 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-09-05 08:53:58 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-09-05 08:53:52 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-09-05 08:53:47 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-09-05 08:53:39 81920 ----a-w- c:\windows\system32\consent.exe
2011-09-05 08:53:22 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-09-05 08:53:20 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2011-09-05 08:53:14 501760 ----a-w- c:\windows\system32\usp10.dll
2011-09-05 08:53:05 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-09-05 08:53:03 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-09-05 08:51:59 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-09-05 08:50:48 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-09-05 08:50:09 104960 ----a-w- c:\windows\system32\netiohlp.dll
2011-09-05 08:50:06 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-09-05 08:50:06 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-09-05 08:50:06 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-09-05 08:50:06 10240 ----a-w- c:\windows\system32\finger.exe
2011-09-05 08:50:05 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-09-05 08:50:05 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-09-05 08:50:05 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-09-05 08:48:49 636928 ----a-w- c:\windows\system32\localspl.dll
2011-09-05 08:48:46 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-09-05 08:48:42 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-09-05 08:48:37 2927104 ----a-w- c:\windows\explorer.exe
2011-09-05 08:48:33 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-09-05 08:48:27 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-09-05 08:48:22 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-09-05 08:48:18 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-09-05 08:46:55 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-09-05 08:46:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-09-05 08:46:54 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-09-05 08:46:53 9728 ----a-w- c:\windows\system32\lsass.exe
2011-09-05 08:46:53 72704 ----a-w- c:\windows\system32\secur32.dll
2011-09-05 08:46:53 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-09-05 08:46:46 443392 ----a-w- c:\windows\system32\win32spl.dll
2011-09-05 08:46:38 24064 ----a-w- c:\windows\system32\amxread.dll
2011-09-05 08:46:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2011-09-05 08:46:33 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-09-05 08:46:25 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-05 08:45:34 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-09-05 08:45:30 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-09-05 08:45:30 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-09-05 08:45:19 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-09-05 08:45:19 511488 ----a-w- c:\windows\system32\RMActivate.exe
2011-09-05 08:45:18 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-09-05 08:45:17 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2011-09-05 08:45:17 472064 ----a-w- c:\windows\system32\secproc.dll
2011-09-05 08:45:17 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-09-05 08:45:15 329216 ----a-w- c:\windows\system32\msdrm.dll
2011-09-05 08:45:15 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-09-05 08:45:15 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-09-05 08:43:59 281600 ----a-w- c:\windows\system32\raschap.dll
2011-09-05 08:43:59 244224 ----a-w- c:\windows\system32\rastls.dll
2011-09-05 08:43:16 351232 ----a-w- c:\windows\system32\WSDApi.dll
2011-09-05 08:43:05 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-09-05 08:21:12 -------- d-----w- c:\program files\HyvesToolbar
2011-09-05 08:19:28 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-09-05 08:19:25 98304 ----a-w- c:\windows\system32\cabview.dll
2011-09-04 19:44:22 -------- d-----w- c:\programdata\Sports Interactive
2011-09-04 19:01:34 49152 ----a-w- c:\windows\INTEROP.IWSHRUNTIMELIBRARY.DLL
2011-09-04 19:01:34 380928 ----a-w- c:\windows\ACERSTORE.EXE
2011-09-04 19:01:28 3 ----a-w- c:\windows\AFirst.cmd
2011-09-04 19:01:28 17730504 ----a-w- c:\windows\eRy.exe
2011-09-04 19:01:24 55808 ----a-w- c:\windows\devcon.exe
2011-09-04 19:01:24 397 ----a-w- c:\windows\MSSEC_RB.CMD
2011-09-04 19:01:24 387 ----a-w- c:\windows\MSSFT_RB.CMD
2011-09-04 19:01:24 336 ----a-w- c:\windows\ACERTOURREMINDERRUN.REG
2011-09-04 19:01:24 294 ----a-w- c:\windows\offline.reg
2011-09-04 19:01:24 2022 ----a-w- c:\windows\CLEANUP.CMD
2011-09-04 19:01:24 155 ----a-w- c:\windows\IR.reg
2011-09-04 15:02:07 -------- d-----w- c:\program files\common files\Steam
2011-09-04 15:02:04 -------- d-----w- c:\program files\Steam
2011-09-04 15:01:36 -------- d--h--w- c:\program files\Zero G Registry
2011-09-04 15:01:36 -------- d-----w- c:\program files\Sports Interactive
2011-09-04 15:01:11 -------- d--h--w- c:\users\henrieke\InstallAnywhere
2011-09-04 13:42:07 -------- d-----w- c:\programdata\Soulseek
2011-09-04 13:41:47 -------- d-----w- c:\users\henrieke\appdata\roaming\Babylon
2011-09-04 13:41:47 -------- d-----w- c:\users\henrieke\appdata\local\Babylon
2011-09-04 13:41:47 -------- d-----w- c:\programdata\Babylon
2011-09-04 13:41:36 -------- d-----w- c:\program files\SoulseekNS
2011-09-04 12:06:36 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-09-04 12:05:12 -------- d--h--w- c:\windows\msdownld.tmp
2011-09-04 11:43:48 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-09-04 11:43:39 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-09-04 11:43:33 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-09-04 11:43:33 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-09-04 11:24:21 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-09-04 11:24:02 84488 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-09-04 11:24:02 64584 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-09-04 11:24:02 56064 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-09-04 11:24:02 52320 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-09-04 11:24:02 314088 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-09-04 11:24:02 165032 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-09-04 11:24:02 153280 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-09-04 11:23:54 -------- d-----w- c:\program files\common files\Mcafee
2011-09-04 11:23:53 -------- d-----w- c:\program files\McAfee.com
2011-09-04 11:23:51 -------- d-----w- c:\program files\McAfee
2011-09-04 10:23:53 148520 ----a-w- c:\windows\system32\mfevtps.exe
2011-09-04 09:57:21 894976 ----a-w- c:\windows\system32\drivers\athrusb.sys
2011-09-04 09:57:21 -------- d-----w- c:\program files\WLAN_Software
2011-09-04 09:56:51 -------- d-----w- c:\program files\AutoInstall
2011-09-04 09:52:29 -------- d-----w- c:\users\henrieke\appdata\local\PlayMovie
2011-09-04 09:45:01 327680 ----a-w- c:\windows\system32\Remove_eRecovery.exe
2011-09-04 09:45:01 16384 ----a-w- c:\windows\system32\LauncheRyAgentUser.exe
2011-09-04 09:45:01 16384 ----a-w- c:\windows\system32\ClearEvent.exe
2011-09-04 09:45:00 368640 ----a-w- c:\windows\system32\CheckD2DSystem.exe
2011-09-04 09:43:29 -------- d-----w- c:\program files\Apoint2K
2011-09-04 09:41:08 73728 ----a-w- c:\windows\system32\ISUSPM.cpl
2011-09-04 09:41:08 626688 ----a-w- c:\windows\Image.dll
2011-09-04 09:41:08 466944 ----a-w- c:\windows\Acer Crystal Eye webcam.EXE
2011-09-04 09:41:08 213936 ----a-w- c:\program files\common files\installshield\updateservice\ISUSPM.exe
2011-09-04 09:41:08 200704 ----a-w- c:\windows\PLFSetI.exe
2011-09-04 09:41:04 86960 ----a-w- c:\program files\common files\installshield\updateservice\issch.exe
2011-09-04 09:41:04 865200 ----a-w- c:\program files\common files\installshield\updateservice\agent.exe
2011-09-04 09:41:04 393216 ----a-w- c:\program files\common files\installshield\updateservice\_isusres.dll
2011-09-04 09:41:04 368640 ----a-w- c:\program files\common files\installshield\updateservice\_ispmres.dll
2011-09-04 09:41:04 283568 ----a-w- c:\program files\common files\installshield\updateservice\ISDM.exe
2011-09-04 09:40:37 -------- d-----w- c:\program files\Acer
2011-09-04 09:38:34 1695744 ----a-w- c:\windows\system32\gameux.dll
2011-09-04 09:32:53 6656 ----a-w- c:\windows\system32\kbd106n.dll
2011-09-04 09:32:45 19000 ----a-w- c:\windows\system32\kd1394.dll
2011-09-04 09:32:42 40960 ----a-w- c:\windows\system32\srclient.dll
2011-09-04 09:32:42 14848 ----a-w- c:\windows\system32\srdelayed.exe
2011-09-04 09:32:40 615992 ----a-w- c:\windows\system32\ci.dll
2011-09-04 09:32:39 988216 ----a-w- c:\windows\system32\winload.exe
2011-09-04 09:32:39 927288 ----a-w- c:\windows\system32\winresume.exe
2011-09-04 09:32:39 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2011-09-04 09:32:38 378368 ----a-w- c:\windows\system32\srcore.dll
2011-09-04 09:32:38 318464 ----a-w- c:\windows\system32\rstrui.exe
2011-09-04 09:31:43 -------- d-----w- C:\Convesoft
2011-09-04 09:30:28 40960 ------w- C:\junction.exe
2011-09-04 09:29:11 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2011-09-04 09:27:22 -------- d-----w- c:\program files\Launch Manager
2011-09-04 09:26:30 -------- d--h--w- c:\users\henrieke\appdata\local\acer eNM
2011-09-04 09:26:13 -------- d-----w- c:\users\henrieke\appdata\local\Google
2011-09-04 09:26:07 -------- d-sh--w- C:\$RECYCLE.BIN
2011-09-04 09:22:43 -------- d-----w- c:\programdata\Partner
2011-09-04 09:22:04 40280138 ----a-w- c:\windows\system32\acer.exe
2011-09-04 09:22:02 83554304 ----a-w- c:\windows\system32\acer.scr
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Sjablonen
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Menu Start
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Favorieten
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Documenten
2011-09-04 09:17:51 -------- d-sh--we c:\programdata\Bureaublad
.
==================== Find3M ====================
.
2011-07-06 14:56:47 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
.
============= FINISH: 15:05:05,22 ===============

:dank:
6
Hi,

By the way, I just got the message that it had stopped working; after that it simply worked again. I also got this message a lot back when we did not yet know the PC was infected... just reporting it, just in case!

Regards!
7
Hi,

Which message exactly did you get, and from what?

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop.

>>Here<< you can read how to use ComboFix.

Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix.

* (here or here is a guide on how to disable them:)
  • Double-click "ComboFix.exe" and "Agree" to the 'Disclaimer'
  • If a message appears saying that "A newer version of ComboFix" is available, click "Yes" to update.
  • After the update, click "Agree" again and ComboFix will now start.
  • If the "Recovery Console" is not yet present, ComboFix will install it, for which an active internet connection is needed.
  • In the 'Installing the Recovery Console' window, click "Ok"
  • In the info screen, click "Yes" once the Recovery Console has been installed successfully.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.
* Note !!! If an error is shown with the message "Illegal operation attempted on a registery key that has been marked for deletion.", restart the computer.
  • When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
8
Hi,
the message "IE has stopped working" appeared when opening a new window.

Below is the ComboFix log file. When I then tried to open IE, it gave the message 'Illegal operation attempted on a registry key that has been marked for deletion'. After that I restarted and now it does work, it is just very slow. I have set the network location to Home again.

ComboFix 11-09-14.01 - Henrieke 14-09-2011 16:36:42.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3070.1951 [GMT 2:00]
Gestart vanuit: c:\users\Henrieke\Desktop\ComboFix.exe
AV: McAfee Antivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Antivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-08-14 to 2011-09-14 ))))))))))))))))))))))))))))))
.
.
2011-09-14 14:45 . 2011-09-14 14:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-13 16:31 . 2011-09-13 16:31 -------- d-----w- c:\program files\Trend Micro
2011-09-13 15:41 . 2011-09-13 15:41 -------- d-----w- c:\programdata\Malwarebytes
2011-09-13 15:41 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-13 15:41 . 2011-09-13 15:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-11 08:04 . 2011-09-14 10:09 -------- d-----w- c:\programdata\BullGuard
2011-09-09 14:13 . 2011-09-09 14:13 -------- d-----w- c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-09-07 09:55 . 2011-09-07 09:55 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-07 09:12 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-09-07 09:12 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-09-07 09:12 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-09-07 09:12 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-09-07 09:12 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-09-07 09:10 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-09-06 15:16 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-09-06 15:16 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll
2011-09-06 15:15 . 2009-08-24 12:16 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-09-06 15:15 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-09-06 15:15 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-09-06 10:09 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-09-06 10:09 . 2008-04-23 04:41 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-09-06 10:09 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-09-06 10:09 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-09-06 09:54 . 2008-04-30 05:36 454656 ----a-w- c:\program files\Common Files\System\msadc\msadce.dll
2011-09-06 09:51 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-09-06 09:47 . 2011-09-06 09:47 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-09-06 09:28 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-09-06 09:28 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-09-06 09:28 . 2008-06-20 01:14 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-09-06 09:28 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2011-09-06 09:28 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-09-06 09:28 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-09-06 09:22 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-09-06 09:22 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2011-09-06 09:18 . 2010-02-20 23:39 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-09-06 09:18 . 2010-02-20 23:37 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-09-06 09:18 . 2010-02-20 21:18 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-09-06 09:14 . 2011-09-06 09:14 -------- d-----w- c:\program files\MSXML 4.0
2011-09-06 09:09 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-09-05 19:31 . 2011-09-05 19:31 -------- d-----w- c:\program files\Microsoft Silverlight
2011-09-05 09:29 . 2008-06-26 01:45 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-09-05 09:29 . 2008-06-26 01:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-09-05 09:29 . 2008-06-26 03:29 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-09-05 08:58 . 2011-05-28 05:10 385024 ----a-w- c:\windows\system32\html.iec
2011-09-05 08:58 . 2011-05-28 06:03 743424 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2011-09-05 08:58 . 2011-05-28 06:09 638232 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2011-09-05 08:58 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2011-09-05 08:58 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-09-05 08:55 . 2011-02-18 13:31 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2011-09-05 08:54 . 2008-06-26 03:29 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-09-05 08:54 . 2010-08-20 15:21 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-09-05 08:54 . 2010-12-29 17:41 323072 ----a-w- c:\windows\system32\sbe.dll
2011-09-05 08:54 . 2010-12-29 17:41 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-09-05 08:54 . 2010-12-29 17:41 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-09-05 08:54 . 2010-12-29 17:39 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-09-05 08:54 . 2010-04-16 16:10 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-09-05 08:54 . 2010-11-06 11:09 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-09-05 08:54 . 2010-11-06 11:10 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-09-05 08:53 . 2010-11-06 11:10 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-09-05 08:53 . 2010-11-05 00:53 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-09-05 08:53 . 2010-11-06 11:10 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-09-05 08:53 . 2010-05-27 19:16 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-09-05 08:53 . 2010-06-11 15:30 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-09-05 08:53 . 2010-10-18 14:01 81920 ----a-w- c:\windows\system32\consent.exe
2011-09-05 08:53 . 2010-06-17 17:15 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll
2011-09-05 08:53 . 2010-06-17 15:49 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe
2011-09-05 08:53 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll
2011-09-05 08:53 . 2008-06-06 03:27 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-09-05 08:53 . 2008-06-06 03:27 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-09-05 08:51 . 2009-03-03 04:36 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-09-05 08:50 . 2008-10-22 03:57 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-09-05 08:50 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2011-09-05 08:50 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-09-05 08:50 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-09-05 08:50 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-09-05 08:50 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2011-09-05 08:50 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-09-05 08:50 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-09-05 08:50 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-09-05 08:48 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll
2011-09-05 08:48 . 2010-08-17 13:32 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-09-05 08:48 . 2008-10-21 05:25 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-09-05 08:48 . 2008-10-29 06:29 2927104 ----a-w- c:\windows\explorer.exe
2011-09-05 08:48 . 2009-08-10 11:01 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-09-05 08:48 . 2010-12-20 15:39 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-09-05 08:48 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-09-05 08:48 . 2009-09-10 17:30 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-09-05 08:46 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-09-05 08:46 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-09-05 08:46 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-09-05 08:46 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-09-05 08:46 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2011-09-05 08:46 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
2011-09-05 08:46 . 2008-08-12 03:39 443392 ----a-w- c:\windows\system32\win32spl.dll
2011-09-05 08:46 . 2009-03-17 03:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2011-09-05 08:46 . 2009-03-17 03:38 24064 ----a-w- c:\windows\system32\amxread.dll
2011-09-05 08:46 . 2008-05-10 01:33 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-09-05 08:46 . 2010-10-28 12:56 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-05 08:45 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-09-05 08:45 . 2009-07-14 08:30 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-09-05 08:45 . 2009-07-14 08:30 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-09-05 08:45 . 2010-01-25 08:35 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-09-05 08:45 . 2010-01-25 08:34 511488 ----a-w- c:\windows\system32\RMActivate.exe
2011-09-05 08:45 . 2010-01-25 08:34 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-09-05 08:45 . 2010-01-25 12:48 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2011-09-05 08:45 . 2010-01-25 12:48 472064 ----a-w- c:\windows\system32\secproc.dll
2011-09-05 08:45 . 2010-01-25 08:35 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-09-05 08:45 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-09-05 08:45 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-09-05 08:45 . 2010-01-25 12:45 329216 ----a-w- c:\windows\system32\msdrm.dll
2011-09-05 08:43 . 2009-10-07 12:41 244224 ----a-w- c:\windows\system32\rastls.dll
2011-09-05 08:43 . 2009-10-07 12:41 281600 ----a-w- c:\windows\system32\raschap.dll
2011-09-05 08:43 . 2009-08-10 13:05 351232 ----a-w- c:\windows\system32\WSDApi.dll
2011-09-05 08:43 . 2010-08-31 15:40 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-09-05 08:21 . 2011-09-14 10:12 -------- d-----w- c:\program files\HyvesToolbar
2011-09-05 08:19 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-09-05 08:19 . 2010-01-15 00:04 98304 ----a-w- c:\windows\system32\cabview.dll
2011-09-04 19:44 . 2011-09-04 19:44 -------- d-----w- c:\programdata\Sports Interactive
2011-09-04 19:01 . 2008-05-08 21:58 49152 ----a-w- c:\windows\INTEROP.IWSHRUNTIMELIBRARY.DLL
2011-09-04 19:01 . 2011-09-04 19:01 3 ----a-w- c:\windows\AFirst.cmd
2011-09-04 19:01 . 2008-02-10 11:53 17730504 ----a-w- c:\windows\eRy.exe
2011-09-04 19:01 . 2011-09-04 09:21 2022 ----a-w- c:\windows\CLEANUP.CMD
2011-09-04 19:01 . 2007-08-10 08:37 397 ----a-w- c:\windows\MSSEC_RB.CMD
2011-09-04 19:01 . 2007-06-26 04:48 387 ----a-w- c:\windows\MSSFT_RB.CMD
2011-09-04 19:01 . 2007-04-26 15:02 294 ----a-w- c:\windows\offline.reg
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2011-09-04 09:22 157168 ----a-w- c:\programdata\Partner\partner.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-03 00:00 39472 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-09-04 68856]
"Steam"="c:\program files\Steam\Steam.exe" [2011-09-04 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-12-05 4710400]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-05 525360]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-10-10 1286144]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-05 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8534560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-09-04 30192]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-10-17 768520]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2008-01-22 200704]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"PLFSetL"="c:\windows\\PLFSetL.exe" [2007-07-05 94208]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-21 159744]
"AutoEJCD_0ACE20FF"="c:\program files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE" [2011-09-04 40960]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-06-28 1195408]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-05-27 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-5-22 535336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-09-05 135664]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-09-04 30192]
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-09-05 135664]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-04-14 84488]
R3 Partner Service;Partner Service;c:\programdata\partner\partner.exe [2011-09-04 110576]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2011-04-14 64584]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-04-14 165032]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-04 41456]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 188136]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-03-13 148520]
S3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [2008-04-19 894976]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-04-14 56064]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-05-16 32256]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-04-14 314088]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*Deregistered* - aswMBR
*Deregistered* - mfeavfk01
.
Inhoud van de 'Gedeelde Taken' map
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-05 14:56]
.
2011-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-05 14:56]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.hotmail.com/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0911&m=aspire_5520
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKLM-Run-SetPanel - c:\acer\APanel\APanel.cmd
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-Acer Tour Reminder - c:\acer\AcerTour\Reminder.exe
SafeBoot-BsScanner
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-14 16:45
Windows 6.0.6001 Service Pack 1 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'Explorer.exe'(3124)
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\acer\Empowering Technology\EPOWER\SysHook.dll
.
Voltooingstijd: 2011-09-14 16:48:15
ComboFix-quarantined-files.txt 2011-09-14 14:48
.
Pre-Run: 71.151.386.624 bytes beschikbaar
Post-Run: 71.291.170.816 bytes beschikbaar
.
- - End Of File - - 9E2F9169AA915D634291C615967B56BA
9
Hi,
meril wrote: Below is the ComboFix log file; when I then wanted to open IE it gave the message 'an illegal operation was attempted on a registry key that has been marked for deletion'. After that I restarted and it works now, it is just very slow.
That message about an illegal operation is correct and this is resolved after a reboot; the slowness will mainly be caused by McAfee, because this is a known problem.
Temporarily uninstall McAfee and see whether this problem is then resolved as well.
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
10
Hi,

the slowness is already somewhat less now... but I will temporarily uninstall McAfee...
Do I need to do anything else or does everything look good now?
I am curious what actually happened, 'in plain language'...
Thx again!!
11
Hi,
meril wrote: I am curious what actually happened, 'in plain language'...
With these logs you can see whether infections are present that an antivirus/anti-malware program cannot detect and/or remove, such as the Sinowal / Mebroot "rootkits".
Put very simply, the human eye does see these infections through the traces they leave, but an antivirus/anti-malware program, for example, does not, because the malware uses things like stealth techniques that simply fool the antivirus/anti-malware program when it scans infected files, by showing it a clean copy.
But this is only a very brief description; more detailed information about rootkits can be found here, for example.
meril wrote: Do I need to do anything else or does everything look good now?
The logs look good, but later on we will still do some cleaning up.
Just let me know how the speed is after removing McAfee...
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
12
Super! Really very nice that you could help, and thanks for the explanation!
(So there really was a virus present, I understand?)

I am very glad that this forum exists, and people like you!

Is McAfee adequate as an antivirus program or would we be better off using something else? We have just bought it, but if something else works better we are of course open to that... and do we then still need to have a separate spyware program running?
:dank:
13
Hi,
meril wrote: (So there really was a virus present, I understand?)
I am very glad that this forum exists, and people like you!
The system was indeed still partly infected, and of course thank you for the compliment. That is what the forum is for, after all.
meril wrote: Is McAfee adequate as an antivirus program or would we be better off using something else? We have just bought it, but if something else works better we are of course open to that... and do we then still need to have a separate spyware program running?
In principle McAfee is a reasonable virus scanner, but in terms of detection it often leaves something to be desired, and the slowdown caused by McAfee is and remains a known problem that a great many people report.
Since you have just bought McAfee, I would simply keep using it until the licence has expired, because otherwise it would be a waste.

Alongside McAfee I would use a free supplementary 'malware' scanner such as Malwarebytes' Anti-Malware (MBAM) or Emsisoft Anti-Malware to scan the computer periodically.
The paid versions of MBAM and Emsisoft have 'real-time' protection that can be used very well alongside an existing virus scanner.

If no further problems are noticeable now, we can start cleaning up. :good:
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)
15
Hi,

You may remove the following programs and their associated log files.
  • HijackThis
  • TDSSKiller
  • DDS
  • aswMBR
  • F Cleaner
  • ComboFix via the instructions below.
To remove ComboFix, copy the command below (Ctrl + C):
Combofix /Uninstall (note!!! the space before /Uninstall)

Click Start -> Run, and paste (Ctrl + V) the command, then press Ctrl + Shift + Enter.

Since the problems have been resolved, I advise you to still carry out the following.

1.) Removing system restore points
If the computer has been infected with malware, it is advisable to delete all existing system restore points, because these may include infected restore points.
  • How to delete the restore points is explained here
  • How to quickly create a new system restore point yourself is explained here
2.) Installing essential updates.
How to keep your operating system and other software up to date can be read here.
The program Secunia PSI automatically warns you when updates are available for the installed software; more information can be read here

3.) Beware of 'phishing' messages.
Phishing is a form of internet scam (fraud): fake e-mail messages and websites that look trustworthy are used to try to obtain login details and other personal information.
This often happens in very devious ways, for example e-mail messages asking you to verify your login details; in these cases you are often sent to a fake (clone) website, and as soon as you have entered your details there they are in the hands of the attacker, with all the consequences that entails.
More information can be read here

4.) User accounts
With this account you therefore have full administration of the computer in your hands, so it is not advisable to set this account as the primary account for daily use.
More information about this can be read here

5.) Risks when downloading
Peer-to-peer (P2P) networks and also Usenet (newsgroups) are a major source on the internet for the spread of malware; offering 'dangerous' software (malware) happens almost anonymously, which makes this a widely used method for spreading malware.
More information about this can be read here

6.) Prevention information & the use of security software.
Here and here is information on how to prevent an infection; read it through at your leisure.

7.) I do advise changing the login details used for ING, as well as all other passwords.
  • Go to Mijn ING
  • Go to ‘Service en Instellingen’ and then to ‘Mijn instellingen wijzigen’
  • Choose ‘Wachtwoord’ here and change it.
  • See also this link with an explanation from ING
More information about the use of "security software" and "fake software" (rogueware) can be read here
Member of UNITE Unified Network of Instructors and Trained Eliminators (Unite Against Malware)