
magske


Download

http://www.trendsecure.com/portal/en...ols/hijackthis

Double-click HJTInstall.exe.

Click "Do a systemscan and save a logfile".

Put that log in your next post here.

On Vista you first have to right-click HijackThis and choose "Run as administrator".

If that doesn't work, you can download it on another computer and install it on the USB stick.


Thanks, I'll try it right away. Greetings, magske

---------- Post added at 18:35 ---------- Previous post was at 18:29 ----------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:30:56, on 5/11/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18828)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\RtHDVCpl.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Users\magske\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Launch Manager\QtZgAcer.EXE

C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe

C:\Program Files\Acer\WR_PopUp\ProductReg.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Acer\WR_PopUp\AcerRegTool.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe

C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe

O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE Systemboot

O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"

O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - Trusted Zone: Lexmark - United States

O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} (Lexmark eDiagnostics Class) - https://ediagnostics.lexmark.com/serval.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--

End of file - 11823 bytes


Start HijackThis. If you are a Vista user, choose "Run as administrator" or "Uitvoeren als administrator". Select "Do a system scan only". Select only the items listed below:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

O15 - Trusted Zone: Lexmark - United States

Click 'Fix checked' to remove the items.

Download Combofix to your Desktop.

Read more here about the correct use of Combofix.

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.

Some scanners see certain components that Combofix uses as suspicious and will block or remove them!

  • Double-click Combofix.exe to start it.
    If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
    Follow the instructions and accept the disclaimer by clicking Yes.
    If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window (XP only, not VISTA).
    Click OK and Yes to have the Recovery Console installed automatically.
    Afterwards, click Yes again to start the malware scan.
    While the fix is running, do NOT click in the window, as this will make your PC hang.

When the fix is complete and after the restart, the log Combofix.txt will open.

Post this log in your next reply.

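The six items picked out in the reply above share a visible pattern: R0 values that are empty, BHO and toolbar registrations whose file is "(no file)", and a Trusted Zone entry. As an added example (not part of the original post and not HijackThis's own logic), this Python script parses HijackThis entry lines and lists the ones matching that pattern for review. The rules in `orphan_reason` are assumptions inferred from those six lines, and the sample is an excerpt of the log posted in this thread.

```python
import re

# Usual meaning of the HijackThis section codes used in the excerpt below.
SECTIONS = {
    "R0": "Internet Explorer start/search page setting",
    "R1": "Internet Explorer start/search page setting",
    "O1": "hosts file entry",
    "O2": "Browser Helper Object (BHO)",
    "O3": "Internet Explorer toolbar",
    "O4": "autostart entry (Run key or Startup folder)",
    "O13": "Internet Explorer default URL prefix",
    "O15": "site in the Internet Explorer Trusted Zone",
    "O20": "AppInit_DLLs value",
    "O23": "Windows service",
}

# Excerpt of the log posted above (header and process lines kept on purpose
# to show that only "CODE - body" entry lines are parsed).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O13 - Gopher Prefix:
O15 - Trusted Zone: Lexmark - United States
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
"""

ENTRY_RE = re.compile(r"^(?P<code>[RO]\d{1,2}) - (?P<body>.*)$")


def parse_log(text):
    """Return (code, body) for every entry line; skip header/process lines."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match["code"], match["body"].strip()))
    return entries


def orphan_reason(code, body):
    """Assumed review rules, inferred from the items selected in the reply."""
    if code in ("R0", "R1"):
        _key, sep, value = body.partition("=")
        if sep and not value.strip():
            return "registry value is present but empty"
    if body.endswith("(no file)"):
        return "registration points to a file that is not on disk"
    if code == "O15":
        return "Trusted Zone site; confirm the user added it on purpose"
    return None


def triage(text):
    """Return (code, body, reason) for each entry that matches a rule."""
    flagged = []
    for code, body in parse_log(text):
        reason = orphan_reason(code, body)
        if reason:
            flagged.append((code, body, reason))
    return flagged


if __name__ == "__main__":
    for code, body, reason in triage(SAMPLE_LOG):
        label = SECTIONS.get(code, "unknown section")
        print(f"{code:<4}{label}\n    {body}\n    -> {reason}")
```

A match only marks an entry for a human to look at; the empty `O13 - Gopher Prefix:` line, which the reply left alone, is deliberately not flagged.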

Wow, what a log, lol

Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.32.1043.18.2814.1963 [GMT 1:00]

Gestart vanuit: c:\users\magske\Desktop\ComboFix.exe

AV: Bitdefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

SP: BitDefender Antispyware *disabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\recycler\S-1-5-21-1611899855-3686127798-506424024-6419

c:\recycler\S-1-5-21-2307157709-2433290363-034000539-3946

c:\recycler\S-1-5-21-4623944692-4753563887-783394993-2464

c:\recycler\S-1-5-21-7128312629-7002452149-476830974-1088

c:\recycler\S-1-5-21-7596322488-7206408993-590904122-4040

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-10-05 to 2009-11-05 ))))))))))))))))))))))))))))))

.

2009-11-05 19:05 . 2009-11-05 19:05 -------- d-----w- c:\users\Default\AppData\Local\temp

2009-11-05 17:30 . 2009-11-05 17:30 -------- d-----w- c:\program files\Trend Micro

2009-11-05 16:23 . 2009-11-05 18:50 81984 ----a-w- c:\windows\system32\bdod.bin

2009-11-05 16:20 . 2009-11-05 16:20 -------- d-----w- c:\users\magske\AppData\Roaming\Bitdefender

2009-11-05 16:19 . 2009-11-05 16:20 -------- d-----w- c:\programdata\BitDefender

2009-11-05 16:19 . 2009-11-05 16:19 -------- d-----w- c:\program files\BitDefender

2009-11-05 16:18 . 2009-11-05 16:19 4096 d-----w- c:\program files\Common Files\BitDefender

2009-11-05 16:04 . 2009-11-05 16:04 -------- d-----w- c:\users\magske\pirate bay

2009-11-05 15:46 . 2009-11-05 15:46 -------- d-----w- c:\windows\system32\ErrorLogs

2009-11-05 15:36 . 2008-09-03 03:59 468992 ----a-w- c:\windows\system32\newdev.dll

2009-11-05 15:36 . 2008-09-03 03:58 74752 ----a-w- c:\windows\system32\newdev.exe

2009-11-05 15:28 . 2009-07-06 04:25 2838442 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\speedupmypc2009.exe

2009-11-05 14:39 . 2009-11-05 14:39 4096 d-----w- C:\Python26

2009-11-05 14:36 . 2009-11-05 14:36 -------- d-----w- c:\users\magske\AppData\Roaming\Blender Foundation

2009-11-05 14:36 . 2009-11-05 14:36 -------- d-----w- c:\program files\Blender Foundation

2009-11-05 14:30 . 2009-11-05 15:28 -------- d-----w- c:\users\magske\AppData\Roaming\Uniblue

2009-11-04 15:43 . 2009-03-08 11:33 420352 ----a-w- c:\windows\system32\vbscript.dll

2009-11-04 15:43 . 2009-03-08 11:33 109568 ----a-w- c:\windows\system32\PDMSetup.exe

2009-11-04 15:43 . 2009-03-08 11:33 107520 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2009-11-04 15:43 . 2009-03-08 11:33 107008 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2009-11-04 15:43 . 2009-03-08 11:33 103936 ----a-w- c:\windows\system32\SetDepNx.exe

2009-11-04 15:43 . 2009-03-08 11:32 169472 ----a-w- c:\windows\system32\iexpress.exe

2009-11-04 15:43 . 2009-03-08 11:31 45568 ----a-w- c:\windows\system32\mshta.exe

2009-11-04 15:39 . 2008-12-17 09:30 313888 ----a-w- c:\windows\system32\nvexpbar.dll

2009-11-04 12:53 . 2009-11-04 12:53 -------- d-----w- c:\programdata\McAfee Security Scan

2009-11-04 11:35 . 2009-11-04 11:35 -------- d-----w- C:\EGIS_Drive

2009-11-04 08:57 . 1997-01-22 19:26 565760 ----a-w- c:\windows\system32\MSVCP50.DLL

2009-11-04 08:57 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe

2009-11-04 00:56 . 2009-11-04 00:56 -------- d-----w- c:\programdata\PC Drivers HeadQuarters

2009-11-04 00:56 . 2009-11-04 00:56 -------- d-----w- c:\program files\PC Drivers HeadQuarters

2009-11-04 00:56 . 2009-11-04 00:56 -------- d-----w- c:\users\magske\AppData\Local\Downloaded Installations

2009-11-04 00:55 . 2009-11-04 00:56 4096 d-----w- c:\users\magske\AppData\Roaming\GetRightToGo

2009-11-03 17:08 . 2009-11-03 23:52 -------- d-----w- C:\drivers

2009-11-02 13:28 . 2009-11-03 09:36 4096 d-----w- c:\program files\Microsoft Silverlight

2009-11-02 13:27 . 2009-11-02 13:27 -------- d-----w- c:\program files\Microsoft Sync Framework

2009-11-02 13:26 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll

2009-11-02 13:24 . 2009-11-02 13:28 -------- d-----w- c:\program files\Microsoft

2009-11-02 12:42 . 2009-11-04 12:56 -------- d-----w- c:\users\magske\AppData\Local\Adobe

2009-11-02 11:41 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll

2009-11-02 11:21 . 2009-11-02 11:21 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2009-11-02 11:09 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll

2009-11-02 11:09 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2009-11-02 11:09 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2009-11-02 11:09 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll

2009-11-02 11:09 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe

2009-11-02 11:09 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll

2009-11-02 11:09 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe

2009-11-02 11:03 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll

2009-11-02 11:02 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll

2009-11-02 11:02 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll

2009-11-02 11:02 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll

2009-11-02 11:02 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll

2009-11-01 23:20 . 2009-11-05 18:19 8192 d-----w- c:\users\magske\AppData\Roaming\LimeWire

2009-11-01 23:20 . 2009-11-01 23:20 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-11-01 23:20 . 2009-11-01 23:20 -------- d-----w- c:\program files\Java

2009-11-01 23:19 . 2009-11-01 23:20 4096 d-----w- c:\program files\LimeWire

2009-11-01 23:16 . 2009-11-04 11:44 -------- d-----w- c:\users\magske\AppData\Local\Deployment

2009-11-01 23:16 . 2009-11-01 23:16 -------- d-----w- c:\users\magske\AppData\Local\Apps

2009-11-01 23:13 . 2009-11-05 18:56 -------- d-----w- c:\users\magske\Tracing

2009-11-01 23:01 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll

2009-11-01 23:01 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll

2009-11-01 23:01 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll

2009-11-01 23:01 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll

2009-11-01 23:01 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2009-11-01 23:01 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll

2009-11-01 23:01 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll

2009-11-01 23:01 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe

2009-11-01 22:52 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2009-11-01 22:52 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2009-11-01 22:52 . 2009-09-14 09:44 144896 ----a-w- c:\windows\system32\drivers\srv2.sys

2009-11-01 22:52 . 2009-08-05 17:15 3599960 ----a-w- c:\windows\system32\ntkrnlpa.exe

2009-11-01 22:52 . 2009-08-05 17:15 3547736 ----a-w- c:\windows\system32\ntoskrnl.exe

2009-11-01 22:52 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll

2009-11-01 22:50 . 2009-11-04 15:39 -------- d-----w- c:\programdata\NVIDIA

2009-11-01 22:46 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys

2009-11-01 22:46 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll

2009-11-01 22:46 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE

2009-11-01 22:46 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE

2009-11-01 22:46 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE

2009-11-01 22:46 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE

2009-11-01 22:46 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe

2009-11-01 22:46 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE

2009-11-01 22:46 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE

2009-11-01 22:46 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll

2009-11-01 22:44 . 2009-09-10 17:30 213504 ----a-w- c:\windows\system32\msv1_0.dll

2009-11-01 22:43 . 2008-01-16 17:35 44544 ----a-w- c:\windows\system32\msxml4a.dll

2009-11-01 22:42 . 2009-11-01 22:42 -------- d-----w- c:\users\magske\AppData\Local\PlayMovie

2009-11-01 22:41 . 2009-11-01 22:41 -------- d-----w- c:\users\magske\AppData\Local\PowerCinema

2009-11-01 22:41 . 2009-11-01 22:42 -------- d-----w- c:\programdata\CyberLink

2009-11-01 22:38 . 2009-11-01 22:44 4096 d-----w- c:\program files\Acer Arcade Deluxe

2009-11-01 22:35 . 2008-05-09 13:06 204800 ----a-w- c:\windows\system32\SysHook.dll

2009-11-01 22:34 . 2009-11-01 22:34 -------- d-----w- c:\program files\Acer Inc

2009-11-01 22:33 . 2009-09-10 15:21 310784 ----a-w- c:\windows\system32\unregmp2.exe

2009-11-01 22:33 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll

2009-11-01 22:33 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll

2009-11-01 22:33 . 2009-09-10 15:21 8147456 ----a-w- c:\windows\system32\wmploc.DLL

2009-11-01 22:32 . 2009-11-01 22:32 4096 d-----w- c:\program files\Launch Manager

2009-11-01 22:31 . 2009-04-02 12:37 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL

2009-11-01 22:31 . 2009-11-01 22:31 -------- d-----w- c:\windows\BUVC_AP

2009-11-01 22:31 . 2009-11-01 22:31 -------- d-----w- c:\users\magske\AppData\Roaming\InstallShield

2009-11-01 22:29 . 2008-12-28 23:34 797216 ----a-w- c:\windows\system32\nvcplui.exe

2009-11-01 22:29 . 2008-12-28 23:34 1108512 ----a-w- c:\windows\system32\nvcpluir.dll

2009-11-01 22:28 . 2009-11-05 16:26 4096 d-----w- c:\users\magske\AppData\Local\Google

2009-11-01 22:27 . 2009-11-05 17:32 -------- d-----w- c:\users\magske\AppData\Local\VirtualStore

2009-11-01 22:27 . 2009-11-02 12:27 71280 ----a-w- c:\users\magske\AppData\Local\GDIPFONTCACHEV1.DAT

2009-11-01 22:23 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll

2009-11-01 22:23 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe

2009-11-01 22:23 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll

2009-11-01 22:23 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll

2009-11-01 22:23 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll

2009-11-01 22:23 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll

2009-11-01 22:23 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll

2009-11-01 22:23 . 2008-10-16 13:08 162064 ----a-w- c:\windows\system32\wuwebv.dll

2009-11-01 22:23 . 2008-10-16 12:56 31232 ----a-w- c:\windows\system32\wuapp.exe

2009-11-01 22:22 . 2009-11-01 22:22 -------- d-sh--we c:\users\Default\Sjablonen

2009-11-01 22:22 . 2009-11-01 22:22 -------- d-sh--we c:\users\Default\Netwerkprinteromgeving

2009-11-01 22:22 . 2009-11-01 22:22 -------- d-sh--we c:\users\Default\Mijn documenten

2009-11-01 22:22 . 2009-11-01 22:22 -------- d-sh--we c:\users\Default\Menu Start

2009-11-01 22:22 . 2009-11-01 22:22 -------- d-sh--we c:\users\Default\AppData\Local\Geschiedenis

2009-11-01 22:22 . 2009-11-01 22:22 -------- d-sh--we c:\programdata\Sjablonen

2009-11-01 22:22 . 2009-11-01 22:22 -------- d-sh--we c:\programdata\Menu Start

2009-11-01 22:22 . 2009-11-01 22:22 -------- d-sh--we c:\programdata\Favorieten

2009-11-01 22:22 . 2009-11-01 22:22 -------- d-sh--we c:\programdata\Documenten

2009-11-01 22:22 . 2009-11-01 22:22 -------- d-sh--we c:\programdata\Bureaublad

2009-11-01 22:17 . 2009-11-01 22:17 -------- d-----w- c:\program files\Synaptics

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-11-05 18:19 . 2009-11-02 17:43 27934 ----a-w- c:\programdata\nvModes.dat

2009-11-05 15:45 . 2009-05-26 01:00 4096 d-----w- c:\programdata\McAfee

2009-11-05 15:28 . 2009-11-05 15:27 4096 dc-h--w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}

2009-11-05 15:28 . 2009-11-05 15:28 -------- d-----w- c:\program files\Uniblue

2009-11-05 14:33 . 2009-05-26 00:24 8192 d--h--w- c:\program files\InstallShield Installation Information

2009-11-04 17:16 . 2008-01-21 05:45 667352 ----a-w- c:\windows\system32\perfh013.dat

2009-11-04 17:16 . 2008-01-21 05:45 126854 ----a-w- c:\windows\system32\perfc013.dat

2009-11-04 15:10 . 2009-05-26 00:49 8192 d-----w- c:\program files\Acer GameZone

2009-11-04 12:56 . 2009-05-26 01:21 4096 d-----w- c:\program files\Common Files\Adobe

2009-11-02 13:28 . 2009-05-26 00:57 4096 d-----w- c:\program files\Windows Live

2009-11-02 11:44 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail

2009-11-02 11:31 . 2009-05-26 00:37 8192 d-----w- c:\programdata\Microsoft Help

2009-11-02 11:20 . 2009-05-26 00:39 28672 d-----w- c:\program files\Microsoft Works

2009-11-01 23:54 . 2009-05-26 01:06 -------- d-----w- c:\programdata\SiteAdvisor

2009-11-01 23:53 . 2009-05-26 00:51 4096 d-----w- c:\program files\Google

2009-11-01 22:42 . 2009-11-01 22:25 680 ----a-w- c:\users\magske\AppData\Local\d3d9caps.dat

2009-11-01 22:26 . 2009-05-26 00:48 -------- d-----w- c:\program files\Acer

2009-11-01 22:17 . 2009-11-01 22:17 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf

2009-09-30 05:53 . 2009-09-30 05:53 1184768 ----a-w- c:\windows\system32\drivers\athr.sys

2009-09-04 12:24 . 2009-11-01 22:44 61440 ----a-w- c:\windows\system32\msasn1.dll

2009-08-27 05:22 . 2009-11-04 15:46 916480 ----a-w- c:\windows\system32\wininet.dll

2009-08-27 05:17 . 2009-11-04 15:46 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-08-27 05:17 . 2009-11-04 15:46 109056 ----a-w- c:\windows\system32\iesysprep.dll

2009-08-27 03:42 . 2009-11-04 15:46 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-08-17 22:33 . 2009-08-17 22:33 1193832 ----a-w- c:\windows\system32\FM20.DLL

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2008-05-14 15:05 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-01 68856]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-05-26 24064]

"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-05-30 544768]

"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896]

"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-13 1033512]

"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-16 821768]

"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-05-09 397312]

"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456]

"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-12 167936]

"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-01 149280]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-17 13552160]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-17 92704]

"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 61440]

"BDAgent"="c:\program files\BitDefender\BitDefender 2008\bdagent.exe" [2008-09-04 368640]

"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-05-20 6144000]

c:\users\magske\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-9-30 503808]

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [1/11/2009 23:41 61424]

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3/03/2008 12:11 16384]

R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [1/11/2009 23:43 81504]

R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [26/05/2009 1:48 24576]

R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [25/04/2008 20:36 45056]

R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [1/11/2009 23:44 122368]

R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30/03/2009 16:28 1533808]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [26/05/2009 8:22 210432]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [26/05/2009 8:22 45600]

R3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [28/03/2007 6:51 43008]

S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [25/04/2008 20:36 131072]

S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [26/05/2009 1:51 24064]

S3 Ltn_stk7070P;PCTV LITEON based TV tuner device;c:\windows\System32\drivers\Ltn_stk7070P.sys [26/05/2009 8:22 542976]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - MBR

*Deregistered* - mbr

*Deregistered* - PROCEXP113

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

bdx REG_MULTI_SZ scan

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vb32&d=1109&m=aspire_7530

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vb32&d=1109&m=aspire_7530

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

.

- - - - ORPHANS VERWIJDERD - - - -

HKLM-Run-eRecoveryService - (no file)

SafeBoot-mcmscsvc

SafeBoot-MCODS

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-11-05 20:06

Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'Explorer.exe'(7416)

c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll

c:\windows\System32\SysHook.dll

.

Voltooingstijd: 2009-11-05 20:09

ComboFix-quarantined-files.txt 2009-11-05 19:09

Pre-Run: 73.072.615.424 bytes beschikbaar

Post-Run: 73.093.267.456 bytes beschikbaar

- - End Of File - - 0E38F821670E5F35F29E5CD7E3FFB393
