ComboFix 10-08-14.06 - Brian 15-08-2010 16:36:23.9.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1790.847 [GMT 2:00] Gestart vanuit: c:\users\Brian\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Brian\Desktop\CFScript.txt..txt SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ASWFSBLK -------\Legacy_ASWSP -------\Service_aswFsBlk -------\Service_aswSP (((((((((((((((((((( Bestanden Gemaakt van 2010-07-15 to 2010-08-15 )))))))))))))))))))))))))))))) . 2010-08-15 14:43 . 2010-08-15 14:46 -------- d-----w- c:\users\Brian\AppData\Local\temp 2010-08-15 14:43 . 2010-08-15 14:43 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-08-15 14:43 . 2010-08-15 14:43 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-08-13 17:03 . 2010-02-03 17:36 97784 ----a-w- c:\windows\system32\drivers\ssoftnt4.sys 2010-08-13 17:03 . 2009-12-04 09:15 927984 ----a-w- c:\windows\system32\cryptainersrv.exe 2010-08-13 17:03 . 2010-08-13 17:03 -------- d-----w- c:\program files\Cryptainer 2010-08-13 11:39 . 2010-08-13 11:39 -------- d-----w- c:\programdata\Malwarebytes 2010-08-07 11:36 . 2010-08-07 11:36 -------- d-----w- c:\users\Brian\AppData\Roaming\eSobi 2010-08-06 22:39 . 2010-04-09 11:16 535624 ----a-w- c:\windows\system32\pwNative.exe 2010-08-06 22:39 . 2010-04-09 11:16 16472 ------w- c:\windows\system32\pwdrvio.sys 2010-08-06 22:39 . 2010-04-09 11:16 11104 ------w- c:\windows\system32\pwdspio.sys 2010-08-04 00:20 . 2010-08-04 20:13 -------- d-----w- c:\users\Brian\AppData\Roaming\vlc 2010-08-04 00:16 . 2010-08-14 14:29 -------- d-----w- c:\users\Brian\AppData\Roaming\dvdcss 2010-07-20 00:09 . 2010-07-20 00:18 -------- d-----w- c:\users\Brian\AppData\Local\temp(98) 2010-07-18 16:53 . 2010-07-18 16:53 -------- d-----w- c:\program files\Microsoft.NET 2010-07-18 16:51 . 2010-07-18 16:51 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2010-07-18 16:51 . 2010-07-18 16:51 -------- d-----w- c:\users\Brian\AppData\Local\Microsoft Help 2010-07-18 16:50 . 2010-07-18 16:50 -------- d-----r- C:\MSOCache 2010-07-18 00:31 . 2010-07-18 00:36 -------- d-----w- c:\users\Brian\AppData\Roaming\PhotoFiltre 2010-07-17 13:55 . 2010-07-17 13:56 -------- d-----w- c:\program files\NVIDIA Corporation . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-15 14:46 . 2010-07-17 14:00 93921 ----a-w- c:\programdata\nvModes.dat 2010-08-15 14:32 . 2010-07-09 16:57 -------- d-----w- c:\users\Brian\AppData\Roaming\uTorrent 2010-08-15 14:11 . 2008-01-21 06:47 667114 ----a-w- c:\windows\system32\perfh013.dat 2010-08-15 14:11 . 2008-01-21 06:47 126648 ----a-w- c:\windows\system32\perfc013.dat 2010-08-14 14:31 . 2008-05-08 18:14 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-08-13 17:13 . 2010-07-10 18:02 -------- d-----w- c:\program files\Windows Live 2010-08-12 00:29 . 2008-05-08 19:03 -------- d-----w- c:\programdata\Microsoft Help 2010-08-12 00:24 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-08-09 22:23 . 2010-07-09 18:56 -------- d-----w- c:\programdata\CanonIJPLM 2010-08-02 16:31 . 2010-08-02 16:28 -------- d-----w- c:\programdata\Messenger Plus! 2010-08-02 16:01 . 2010-08-02 16:01 -------- d-----w- c:\program files\Windows Live(27) 2010-07-31 21:33 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery 2010-07-31 21:32 . 2010-07-10 21:50 -------- d-----w- c:\program files\QS 2010-07-31 21:32 . 2010-07-10 18:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2010-07-31 21:32 . 2010-07-10 16:32 -------- d-----w- c:\program files\VGA USB Camera 2010-07-31 21:32 . 2010-07-09 20:30 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-07-31 21:01 . 2010-07-31 21:01 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition(21) 2010-07-31 21:00 . 2010-07-31 20:59 -------- dc----w- c:\program files\Common Files\WindowsLiveInstaller 2010-07-31 20:59 . 2010-07-31 20:59 -------- d-----w- c:\programdata\WLInstaller 2010-07-19 00:25 . 2008-05-08 19:05 -------- d-----w- c:\program files\Microsoft Works 2010-07-18 17:33 . 2010-07-09 15:34 102424 ----a-w- c:\users\Brian\AppData\Local\GDIPFONTCACHEV1.DAT 2010-07-18 16:54 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild 2010-07-17 22:08 . 2008-05-08 18:23 -------- d-----w- c:\programdata\NVIDIA 2010-07-13 22:26 . 2008-05-08 18:45 -------- d-----w- c:\programdata\CyberLink 2010-07-13 22:26 . 2010-07-13 22:26 -------- d-----w- c:\users\Brian\AppData\Roaming\CyberLink 2010-07-13 21:40 . 2010-07-13 21:40 -------- d-----w- c:\program files\AM-DeadLink 2010-07-13 21:35 . 2010-07-13 21:35 -------- d-----w- c:\users\Brian\AppData\Roaming\Convivea 2010-07-12 19:44 . 2010-07-12 19:44 -------- d-----w- c:\program files\AGEIA Technologies 2010-07-12 19:43 . 2010-07-12 19:43 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2010-07-12 19:26 . 2010-07-12 15:03 1356 ----a-w- c:\users\Brian\AppData\Local\d3d9caps.dat 2010-07-12 17:32 . 2010-07-12 17:32 -------- d-----w- c:\programdata\NVIDIA Corporation 2010-07-12 14:49 . 2010-07-12 14:49 -------- d-----w- c:\program files\SystemRequirementsLab 2010-07-11 20:23 . 2008-05-08 18:14 -------- d-----w- c:\program files\profile 2010-07-11 10:43 . 2010-07-10 18:02 -------- d-----w- c:\program files\Microsoft 2010-07-10 21:50 . 2010-07-10 21:50 -------- d-----w- c:\users\Brian\AppData\Roaming\TeamViewer 2010-07-10 19:51 . 2010-07-10 19:50 -------- d-----w- c:\program files\Common Files\Adobe 2010-07-10 15:08 . 2010-07-10 15:08 -------- d-----w- c:\program files\Common Files\Java 2010-07-10 15:07 . 2010-07-10 15:08 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-07-10 15:07 . 2010-07-10 15:07 -------- d-----w- c:\program files\Java 2010-07-10 09:29 . 2010-07-10 09:29 -------- d-----w- c:\users\Brian\AppData\Roaming\Malwarebytes 2010-07-10 00:16 . 2010-07-10 00:16 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf 2010-07-10 00:16 . 2010-07-10 00:16 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf 2010-07-10 00:03 . 2010-07-10 00:03 -------- d-----w- c:\users\Brian\AppData\Roaming\Logitech 2010-07-10 00:00 . 2010-07-10 00:00 53248 ----a-r- c:\users\Brian\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2010-07-10 00:00 . 2010-07-10 00:00 -------- d-----w- c:\users\Brian\AppData\Roaming\Leadertech 2010-07-10 00:00 . 2010-07-09 23:58 -------- d-----w- c:\program files\Common Files\LogiShrd 2010-07-09 23:57 . 2010-07-09 23:57 -------- d-----w- c:\programdata\Logitech 2010-07-09 23:57 . 2010-07-09 23:57 -------- d-----w- c:\programdata\LogiShrd 2010-07-09 23:48 . 2010-07-09 23:48 -------- d-----w- c:\users\Brian\AppData\Roaming\aignes 2010-07-09 23:11 . 2010-07-09 20:32 -------- d-----w- c:\program files\Microsoft Silverlight 2010-07-09 23:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2010-07-09 23:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar 2010-07-09 23:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal 2010-07-09 23:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration 2010-07-09 23:09 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender 2010-07-09 23:09 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2010-07-09 22:18 . 2010-07-09 22:18 -------- d-----w- c:\programdata\Office Genuine Advantage 2010-07-09 20:27 . 2010-07-09 20:27 -------- d-----w- c:\program files\Common Files\Windows Live 2010-07-09 18:59 . 2010-07-09 18:59 -------- d-----w- c:\users\Brian\AppData\Roaming\Canon 2010-07-09 18:56 . 2010-07-09 18:47 -------- d-----w- c:\program files\Canon 2010-07-09 18:53 . 2010-07-09 18:52 -------- d-----w- c:\programdata\ScanSoft 2010-07-09 18:53 . 2008-05-08 18:20 -------- d-----w- c:\program files\Common Files\InstallShield 2010-07-09 18:50 . 2010-07-09 18:50 -------- d-----w- c:\program files\Common Files\CANON 2010-07-09 18:49 . 2010-07-09 18:49 -------- d--h--w- c:\programdata\CanonBJ 2010-07-09 18:48 . 2010-07-09 18:48 -------- d--h--w- c:\program files\CanonBJ 2010-07-09 18:23 . 2010-07-09 18:23 -------- d-----w- c:\program files\MSXML 4.0 2010-07-09 17:01 . 2010-07-09 17:01 -------- d-----w- c:\users\Brian\AppData\Roaming\Stardock 2010-06-26 06:05 . 2010-08-12 00:22 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-26 06:02 . 2010-08-12 00:22 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-06-26 06:02 . 2010-08-12 00:21 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-06-26 04:25 . 2010-08-12 00:21 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-06-21 13:37 . 2010-08-12 00:21 2037760 ----a-w- c:\windows\system32\win32k.sys 2010-06-18 17:31 . 2010-08-12 00:21 36864 ----a-w- c:\windows\system32\rtutils.dll 2010-06-18 15:04 . 2010-08-12 00:21 302080 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-18 15:04 . 2010-08-12 00:21 144896 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-06-16 16:04 . 2010-08-12 00:21 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys 2010-06-11 16:16 . 2010-08-12 00:21 274944 ----a-w- c:\windows\system32\schannel.dll 2010-06-11 16:15 . 2010-08-12 00:21 1248768 ----a-w- c:\windows\system32\msxml3.dll 2010-06-08 17:35 . 2010-08-12 00:21 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-06-08 17:35 . 2010-08-12 00:21 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-05-28 10:58 . 2010-07-12 15:34 600680 ----a-w- c:\windows\system32\NVUNINST.EXE 2010-05-27 20:08 . 2010-08-12 00:21 81920 ----a-w- c:\windows\system32\iccvid.dll 2010-05-26 17:06 . 2010-07-09 16:29 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:47 . 2010-07-09 16:29 289792 ----a-w- c:\windows\system32\atmfd.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-03-04 21:38 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856] "Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-04-25 319488] "EmpoweringTechnology"="c:\program files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-04-25 319488] "eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040] "WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104] "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304] "snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-18 843776] "Skytel"="Skytel.exe" [2007-11-20 1826816] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech SetPoint.lnk - d:\program files\SetPoint\SetPoint\SetPoint.exe [2010-7-10 805392] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "d:\program files\Fences\Stardock\Fences\FencesMenu.dll" [2009-10-02 128360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux7"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-17 06:24 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2010-07-09 19:18 136176 ----atw- c:\users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HyvesDesktop.exe] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMMediaSharing] 2008-01-25 16:49 204908 ----a-w- c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] 2010-03-09 02:52 15872 ----a-w- d:\program files\unlocker\UnlockerAssistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):4e,f2,1c,91,bc,1f,cb,01 R3 netr73;Linksys Compact Wireless-G USB Adapter Driver for Vista;c:\windows\system32\DRIVERS\WUSB54GCx86.sys [x] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [x] R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-04-09 16472] R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-04-09 11104] S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [2008-06-05 43792] S1 ssoftnt4;ssoftnt4;c:\windows\system32\Drivers\ssoftnt4.sys [2010-02-03 97784] S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256] S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-04-25 24576] S2 fsproflt;FSPro Filter Service;c:\windows\system32\fsproflt.exe [2010-01-06 142648] S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072] . Inhoud van de 'Gedeelde Taken' map 2010-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-262068592-1290992578-934002659-1000Core.job - c:\users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-09 19:18] 2010-08-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-262068592-1290992578-934002659-1000UA.job - c:\users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-09 19:18] 2010-08-15 c:\windows\Tasks\User_Feed_Synchronization-{98F2EA63-86F5-4D14-BE95-F5544EDFCB2F}.job - c:\windows\system32\msfeedssync.exe [2010-08-12 04:24] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ mStart Page = hxxp://nl.intl.acer.yahoo.com IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: %SYSTEMROOT%\system32\nvLsp.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-08-15 16:46 Windows 6.0.6002 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'Explorer.exe'(3476) c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll d:\program files\Fences\Stardock\Fences\FencesMenu.dll d:\program files\fences\stardock\fences\DesktopDock.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\nvvsvc.exe c:\windows\system32\nvvsvc.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe c:\program files\Canon\IJPLM\IJPLMSVC.EXE c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\windows\system32\cryptainersrv.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\conime.exe c:\windows\system32\wbem\unsecapp.exe c:\\?\c:\windows\system32\wbem\WMIADAP.EXE . ************************************************************************** . Voltooingstijd: 2010-08-15 16:51:25 - machine werd herstart ComboFix-quarantined-files.txt 2010-08-15 14:51 ComboFix2.txt 2010-08-14 16:42 Pre-Run: 125.241.749.504 bytes beschikbaar Post-Run: 124.788.629.504 bytes beschikbaar - - End Of File - - 2E4D2DC6EE54A5A434A07336B8D9BD55