
[SOLVED] Acer laptop 2 months old and already slow, HJT log attached.



Hello, I have had my new Acer Aspire 6935G for 2 months now, which has fairly good specs, with

Duo Core T9400 2.53 GHz

4GB DDR3

GeForce 6900m GT

and Vista

But it is already getting slow, too slow: when I start it up and run nothing except Windows Media Player, the CPU usage already climbs to 80 and sometimes 100%, which makes it start to stutter, etc. Now, I am reasonably familiar with how to switch things off with Task Manager and msconfig and so on, but in Task Manager there is not one specific process that really uses a lot; there are some 80 to 90 processes running right after startup. Maybe you, as experts, know a solution. I went ahead and made an HJT log and attached it. I hope you can help me. Kind regards, Brian Blom

Logfile of Advanced SystemCare 3 Security Analyzer

Scan saved at 23:14:03, on 3-7-2009

Platform: Windows Vista (WinNT 6.0)

MSIE: Internet Explorer v8.0 (8.0.6001.18783)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

C:\Windows\PLFSetI.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe

C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Users\Brian\Program Files\DNA\btdna.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Users\Brian\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe

C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll

O2 - BHO: scriptproxy - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

O2 - BHO: scriptproxy - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: scriptproxy - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: scriptproxy - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Brian\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe

O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"

O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show

O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"

O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} -

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iGroupTec Service (IGBASVC) - Unknown - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PnkBstrA - Unknown - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown - C:\Windows\system32\PnkBstrB.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

O23 - Service: Raw Socket Service (SamSs) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown - %ProgramFiles%\Windows Media Player\wmpnetwk.exe


Your log, too, shows no signs of additional problems with malware and the like. There is one program about which there is some doubt: C:\Windows\PLFSetI.exe. If possible, you could try disabling it and also fixing it with HiJackThis ... and then see whether that makes any difference. But this is more of a guess, given the doubt around it, than a certainty :s


Thanks for checking the log. I will turn that program off and see what happens. Does anyone know of other things that could be causing it? I am on deployment in Dubai and have no backup CDs with me, etc., and this is one of the few means I still have of keeping a bit of contact with the outside world.

Thanks in advance!! Brian


We can still take a deeper look:

Download Combofix to your Desktop.

Read more here about the correct use of Combofix.

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.

Some scanners regard certain components that Combofix uses as suspicious and will block or remove them!


  • Double-click Combofix.exe to start it.
    If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
    Follow the instructions and accept the disclaimer by clicking Yes.
    If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window (XP only, not Vista).
    Click OK and Yes to have the Recovery Console installed automatically.
    Afterwards, click Yes again to start the malware scan.
    While the fix is running, do NOT click in the window, because this will make your PC hang.

When the fix is complete and after the restart, the log Combofix.txt will open.

Post this log in your next reply.


I downloaded ComboFix and saved it to the desktop. When I then try to run the program, I get the warning that it is not a valid Win32 application, and when I run it again, but as administrator, I get the warning about invalid access to memory location.

After that I downloaded the program again with no antivirus or anything similar running, and still the same problem.


Remove the current download via Start -> Run -> type combofix /u (note the space before the slash). Then download Combofix again, but when you save it to the desktop, change the name from combofix.exe to e.g. scan.exe ... and then see whether you can get the program working via the shortcut?


That helped; I now also got the correct icon, so I hope you can get something out of this log:

ComboFix 09-07-04.04 - Brian 05-07-2009 11:09:15.1 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3068.2111 [GMT 4:00]

Gestart vanuit: C:\Users\Brian\Desktop\Scan.exe

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

* Aanwezig AV is actief

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Users\Brian\AppData\Roaming\.#

C:\WINDOWS\Installer\1850a6.msi

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-06-05 to 2009-07-05 ))))))))))))))))))))))))))))))

.

2009-07-05 07:18:55 . 2009-07-05 07:28:40 0 d-----w- C:\Users\Brian\AppData\Local\temp

2009-06-28 18:22:06 . 2009-06-28 18:22:06 0 d-----w- C:\divx

2009-06-28 18:13:59 . 2009-06-28 18:14:26 0 d-----w- C:\Users\Brian\AppData\Roaming\DivX

2009-06-28 18:13:49 . 2009-06-28 18:13:49 0 d-----w- C:\Program Files\Common Files\PX Storage Engine

2009-06-28 18:13:29 . 2009-06-28 18:13:56 0 d-----w- C:\Program Files\DivX

2009-06-28 18:13:29 . 2009-06-28 18:13:38 0 d-----w- C:\Program Files\Common Files\DivX Shared

2009-06-28 18:12:05 . 2009-06-28 18:12:07 0 d-----w- C:\Users\Brian\AppData\Local\Deployment

2009-06-28 18:12:05 . 2009-06-28 18:12:05 0 d-----w- C:\Users\Brian\AppData\Local\Apps

2009-06-28 18:12:03 . 2009-06-28 18:12:03 0 d-----w- C:\divxmuxwizz

2009-06-27 14:09:36 . 2009-06-27 14:09:31 22328 ----a-w- C:\Windows\system32\drivers\PnkBstrK.sys

2009-06-27 14:09:31 . 2009-06-27 14:09:31 22328 ----a-w- C:\Users\Brian\AppData\Roaming\PnkBstrK.sys

2009-06-27 14:09:11 . 2009-06-27 14:09:17 103736 ----a-w- C:\Windows\system32\PnkBstrB.exe

2009-06-27 14:09:04 . 2009-06-27 14:09:04 66872 ----a-w- C:\Windows\system32\PnkBstrA.exe

2009-06-27 13:37:04 . 2009-06-27 13:37:04 0 d-----w- C:\Program Files\Activision

2009-06-27 13:34:14 . 2009-06-27 13:34:14 0 d-sh--w- C:\Windows\ftpcache

2009-06-27 13:20:58 . 2009-06-27 13:20:58 0 d-----w- C:\Program Files\VS Revo Group

2009-06-27 13:13:43 . 2009-06-27 13:13:43 0 d-----w- C:\Users\Brian\AppData\Roaming\IObit

2009-06-27 13:13:42 . 2009-06-28 06:23:18 0 d-----w- C:\Program Files\IObit

2009-06-26 11:59:38 . 2009-06-26 12:32:52 0 d-----w- C:\Users\Brian\AppData\Local\SJphone

2009-06-26 11:59:38 . 2009-06-26 11:59:38 0 d-----w- C:\Program Files\SJLabs

2009-06-26 11:58:56 . 2009-06-26 11:58:56 0 d-----w- C:\Program Files\Common Files\Wise Installation Wizard

2009-06-20 10:50:04 . 2009-06-20 10:50:04 0 d-----w- C:\Garmin

2009-06-16 16:00:13 . 2009-05-09 05:34:34 71680 ----a-w- C:\Windows\system32\iesetup.dll

2009-06-16 16:00:10 . 2009-05-09 05:50:28 915456 ----a-w- C:\Windows\system32\wininet.dll

2009-06-16 15:55:35 . 2009-06-16 15:55:35 0 d-----w- C:\Users\Brian\AppData\Local\Microsoft Help

2009-06-15 19:17:45 . 2009-06-20 12:00:12 11904 ----a-w- C:\Windows\system32\drivers\hitmanpro35.sys

2009-06-15 19:17:24 . 2009-06-15 19:18:06 0 d-----w- C:\ProgramData\Hitman Pro

2009-06-15 17:56:06 . 2009-04-30 12:37:48 428544 ----a-w- C:\Windows\system32\EncDec.dll

2009-06-15 17:56:05 . 2009-04-30 12:37:57 293376 ----a-w- C:\Windows\system32\psisdecd.dll

2009-06-12 15:09:10 . 2009-04-23 12:43:04 784896 ----a-w- C:\Windows\system32\rpcrt4.dll

2009-06-12 14:17:12 . 2009-04-21 11:55:06 2033152 ----a-w- C:\Windows\system32\win32k.sys

2009-06-12 14:06:45 . 2009-04-23 12:42:53 636928 ----a-w- C:\Windows\system32\localspl.dll

2009-06-12 11:22:41 . 2009-06-12 11:22:41 0 d-----w- C:\Users\Brian\Program Files

2009-06-09 16:18:04 . 2009-06-09 16:18:17 0 d-----w- C:\Users\Brian\torrents

2009-06-09 16:09:05 . 2009-06-13 23:39:02 0 d-----w- C:\Users\Brian\AppData\Roaming\BitTorrent

2009-06-09 16:07:34 . 2009-06-09 16:07:34 0 d-----w- C:\Users\Brian\AppData\Local\DNA

2009-06-09 16:07:31 . 2009-07-05 07:19:31 0 d-----w- C:\Users\Brian\AppData\Roaming\DNA

2009-06-09 16:07:31 . 2009-07-02 09:10:38 0 d-----w- C:\Program Files\DNA

2009-06-09 14:06:40 . 2009-06-20 15:13:11 0 d-----w- C:\Users\Brian\Incomplete

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-07-05 07:25:53 . 2008-01-21 06:47:04 667352 ----a-w- C:\Windows\system32\perfh013.dat

2009-07-05 07:25:53 . 2008-01-21 06:47:04 126854 ----a-w- C:\Windows\system32\perfc013.dat

2009-07-05 07:19:38 . 2009-05-06 11:22:50 12 ----a-w- C:\Windows\bthservsdp.dat

2009-07-04 17:26:53 . 2009-05-12 07:59:33 82171 ----a-w- C:\ProgramData\nvModes.dat

2009-06-30 10:37:24 . 2008-07-15 08:36:23 0 d-----w- C:\Program Files\McAfee

2009-06-28 17:24:01 . 2008-07-15 08:26:41 0 d--h--w- C:\Program Files\InstallShield Installation Information

2009-06-20 15:51:47 . 2009-05-13 09:48:04 0 d-----w- C:\Users\Brian\AppData\Roaming\LimeWire

2009-06-16 16:11:49 . 2009-05-05 16:38:27 71280 ----a-w- C:\Users\Brian\AppData\Local\GDIPFONTCACHEV1.DAT

2009-06-16 15:56:22 . 2008-07-15 09:02:28 0 d-----w- C:\ProgramData\Microsoft Help

2009-06-16 15:54:20 . 2008-07-15 09:03:48 0 d-----w- C:\Program Files\Microsoft Works

2009-06-12 11:22:57 . 2009-06-03 18:49:29 680 ----a-w- C:\Users\Brian\AppData\Local\d3d9caps.dat

2009-06-03 19:51:11 . 2008-07-15 08:32:07 0 d-----w- C:\Program Files\Common Files\InstallShield

2009-05-21 11:29:11 . 2009-05-21 11:29:11 0 d-----w- C:\ProgramData\Macrovision

2009-05-21 11:29:09 . 2009-05-21 11:29:09 0 d-----w- C:\Program Files\Common Files\Adobe Systems Shared

2009-05-21 11:28:55 . 2008-07-15 09:01:22 0 d-----w- C:\Program Files\Common Files\Adobe

2009-05-19 14:57:45 . 2009-05-19 14:57:45 0 d-----w- C:\Users\Brian\AppData\Roaming\vlc

2009-05-17 21:16:37 . 2009-05-17 20:09:07 0 d-----w- C:\Users\Brian\AppData\Roaming\Skype

2009-05-17 20:11:03 . 2009-05-17 20:11:03 56 ---ha-w- C:\ProgramData\ezsidmv.dat

2009-05-17 20:11:02 . 2009-05-17 20:11:02 0 d-----w- C:\Users\Brian\AppData\Roaming\skypePM

2009-05-17 20:08:54 . 2009-05-17 20:08:52 0 d-----r- C:\Program Files\Skype

2009-05-17 20:08:54 . 2009-05-17 20:08:49 0 d-----w- C:\ProgramData\Skype

2009-05-17 20:08:53 . 2009-05-17 20:08:53 0 d-----w- C:\Program Files\Common Files\Skype

2009-05-15 16:10:02 . 2009-05-15 16:10:02 721904 ----a-w- C:\Windows\system32\drivers\sptd.sys

2009-05-15 13:03:24 . 2009-05-05 17:28:54 0 d-----w- C:\Users\Brian\AppData\Roaming\Acer

2009-05-13 09:36:45 . 2009-05-12 21:17:42 0 d-----w- C:\Program Files\Java

2009-05-12 21:30:48 . 2006-11-02 11:18:33 0 d-----w- C:\Program Files\Windows Mail

2009-05-12 11:04:21 . 2009-05-12 11:04:21 0 d-----w- C:\Users\Brian\AppData\Roaming\The Creative Assembly

2009-05-11 15:11:29 . 2009-05-11 15:11:29 0 ---ha-w- C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2009-05-08 10:01:03 . 2008-07-15 08:37:55 0 d-----w- C:\Program Files\SiteAdvisor

2009-05-08 09:23:55 . 2008-07-15 08:36:21 0 d-----w- C:\ProgramData\McAfee

2009-05-08 08:10:03 . 2008-07-15 08:37:55 0 d-----w- C:\ProgramData\SiteAdvisor

2009-05-07 16:07:25 . 2009-05-07 16:07:25 0 d-----w- C:\ProgramData\Media Center Programs

2009-05-07 15:52:19 . 2009-05-07 11:34:34 0 d-----w- C:\Program Files\Common Files\Steam

2009-05-07 15:48:16 . 2009-05-05 16:36:08 0 d-----w- C:\Program Files\Google

2009-05-07 11:25:22 . 2009-05-05 17:17:01 0 d-----w- C:\ProgramData\CyberLink

2009-05-06 20:42:53 . 2009-05-06 20:42:43 0 d-----w- C:\Users\Brian\AppData\Roaming\CyberLink

2009-05-06 20:42:51 . 2009-05-06 20:42:51 0 d-----w- C:\ProgramData\PlayMovie

2009-05-06 18:41:42 . 2008-07-15 09:17:46 0 d-----w- C:\Program Files\eSobi

2009-05-06 08:24:25 . 2009-05-06 08:24:25 0 d-----w- C:\Program Files\MSXML 4.0

2009-05-05 22:22:25 . 2008-07-15 08:34:48 125 ----a-w- C:\Windows\xUninstall.bat

2009-05-05 17:17:10 . 2009-05-05 17:17:12 36864 ----a-w- C:\ProgramData\Temp\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\PostBuild.exe

2009-05-05 17:16:46 . 2009-05-05 17:17:01 53319 ----a-w- C:\ProgramData\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe

2009-05-05 16:53:03 . 2009-05-05 16:53:03 118784 ----a-w- C:\Windows\system32\VMC3KAPI.dll

2009-05-05 16:53:03 . 2009-05-05 16:53:03 114688 ----a-w- C:\Windows\system32\VCryptAPI.dll

2009-05-05 16:52:51 . 2009-05-05 16:52:51 23040 ----a-w- C:\Windows\system32\ShlCmd.exe

2009-05-05 16:52:49 . 2009-05-05 16:52:49 5632 ----a-w- C:\Windows\system32\biologon.dll

2009-05-05 16:52:36 . 2009-05-05 16:52:36 43184 ----a-w- C:\Windows\system32\drivers\AlfaFF.sys

2009-05-05 16:52:36 . 2009-05-05 16:52:36 331776 ----a-w- C:\Windows\system32\DrvCrypt.dll

2009-05-05 16:52:36 . 2009-05-05 16:52:36 16384 ----a-w- C:\Windows\system32\AlfaFF.dll

2009-05-05 16:52:30 . 2009-05-05 16:52:30 192512 ----a-w- C:\Windows\system32\BioOne.dll

2009-05-05 16:52:29 . 2009-05-05 16:52:29 189952 ----a-w- C:\Windows\system32\PBAGUI.dll

2009-04-15 20:24:40 . 2009-04-15 20:24:40 90112 ----a-w- C:\Windows\system32\dpl100.dll

2009-04-15 20:24:38 . 2009-04-15 20:24:38 823296 ----a-w- C:\Windows\system32\divx_xx0c.dll

2009-04-15 20:24:38 . 2009-04-15 20:24:38 823296 ----a-w- C:\Windows\system32\divx_xx07.dll

2009-04-15 20:24:38 . 2009-04-15 20:24:38 815104 ----a-w- C:\Windows\system32\divx_xx0a.dll

2009-04-15 20:24:38 . 2009-04-15 20:24:38 802816 ----a-w- C:\Windows\system32\divx_xx11.dll

2009-04-15 20:24:38 . 2009-04-15 20:24:38 684032 ----a-w- C:\Windows\system32\DivX.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2008-07-29 15:52:34 121392 ----a-w- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 16:52:40 3885408]

"BitTorrent DNA"="C:\Users\Brian\Program Files\DNA\btdna.exe" [2009-06-12 11:22:42 321344]

"AlcoholAutomount"="D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-08-01 18:17:21 222592]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 02:23:29 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 15:45:06 182808]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-04 09:26:54 1037608]

"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2009-03-25 15:25:20 645328]

"eDataSecurity Loader"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 15:52:50 526896]

"BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 19:36:20 28672]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 02:38:54 40048]

"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-08-01 13:11:00 13548064]

"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-08-01 13:11:00 92704]

"ProductReg"="C:\Program Files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 03:53:32 6144]

"ZPdtWzdVitaKey MC3000"="C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-05-05 16:52:32 3719680]

"PLFSetI"="C:\Windows\PLFSetI.exe" [2008-06-30 15:56:32 200704]

"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2008-06-16 09:58:38 809480]

"eAudio"="C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-09-11 20:46:38 544768]

"ePower_DMC"="C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 07:51:42 405504]

"ArcadeDeluxeAgent"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-07-24 13:54:10 147456]

"CLMLServer"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-07-24 13:54:18 167936]

"PlayMovie"="C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-07-18 14:04:36 167936]

"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-03-09 03:19:17 148888]

"RtHDVCpl"="RtHDVCpl.exe" - C:\Windows\RtHDVCpl.exe [2008-05-07 08:19:26 6139904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-5-21 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]

2009-05-05 16:52:53 3162624 ----a-w- C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{56DACD60-1C76-48B4-B349-5588497504C2}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent

"{C25AB198-14E1-4D19-B3E0-9CAF668E3422}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe

"{D9765EFB-B68F-49D4-83D5-26AD13855B95}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe

"{FE8EA7E6-CABD-4B4A-A763-39FB5A83E867}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe

"{6BEACB18-C7D6-4EF3-A719-2D19CC426712}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe

"{CFDD83ED-A217-40AF-A64A-96F88CF70351}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe

"{F1FEDDBD-EAFB-45B2-BC42-AE5FF0008DCD}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe

"{A70962F8-D497-41AC-AF33-C52193C85D8D}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{28664E5F-1A2E-48A1-A60C-316F23BB4E26}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{4D05C54E-32AD-4CAA-9CFB-4ACFD383577E}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe

"{C99AB8BB-3EA7-4AAD-8360-6829E72B26DF}"= C:\Program Files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie

"{C0194FC8-0C50-48AE-8D9A-35E36D94593D}"= C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program

"{C788411D-14FC-4B16-8825-A367FB184650}"= C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia

"{0392ADC5-D9A4-48F0-A572-951CAB40423B}"= C:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector

"{AE6029F3-2B69-49F7-B852-CB3D388E49C7}"= C:\Program Files\Acer\Acer VCM\VC.exe:Acer VCM

"{BE94EB98-499E-4043-B6A0-7DCDFEBFB2D6}"= UDP:D:\Program Files\Steam\steamapps\common\company of heroes sp demo\RelicCOH.exe:Company of Heroes Singleplayer Demo

"{C94E4D26-FEE3-4C74-A5E1-6ACC291B8B67}"= TCP:D:\Program Files\Steam\steamapps\common\company of heroes sp demo\RelicCOH.exe:Company of Heroes Singleplayer Demo

"{2BC1B18E-AA96-43A0-80B1-36FD748F3DFE}"= UDP:D:\Program Files\Steam\steamapps\common\empire total war demo\Empire.exe:Empire: Total War Demo

"{A8320325-7DBE-42A2-8F32-E84FBF11A698}"= TCP:D:\Program Files\Steam\steamapps\common\empire total war demo\Empire.exe:Empire: Total War Demo

"{8280703C-D0E2-4967-ACA1-2D93CB1FC9B7}"= C:\Program Files\Skype\Phone\Skype.exe:Skype

"{72794AF3-A7FC-477B-BDD7-A894178B4DF9}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{6CAE8D06-1327-42EC-9470-8AE9DF2A188A}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{D6F2683D-1701-4A2A-810D-97AA272CCD8E}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"{ACD216F4-965D-46B0-BF22-9195B605A495}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"{FF7D38A6-4BA9-418E-82C6-D73194A02C32}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare

"{341DE183-1A9C-471B-A412-6BF36194B869}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare

"{7922580C-A622-4A80-AC67-7227D381EBA3}"= UDP:C:\Program Files\DNA\btdna.exe:DNA (TCP-In)

"{CFC59CFA-BD12-46BB-BC59-2674A0FEEE53}"= TCP:C:\Program Files\DNA\btdna.exe:DNA (UDP-In)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

"d:\\Program Files\\BitTorrent\\bittorrent.exe"= d:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 AlfaFF;AlfaFF File System mini-filter;C:\Windows\System32\drivers\AlfaFF.sys [5-5-2009 20:52:36 43184]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [5-5-2009 21:19:07 61424]

R2 CLHNService;CLHNService;C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [5-5-2009 21:20:43 81504]

R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [15-7-2008 12:35:22 24576]

R2 IGBASVC;iGroupTec Service;C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [5-5-2009 20:52:41 3520512]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [7-5-2009 22:25:26 210216]

R2 NTIPPKernel;NTIPPKernel;C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [5-5-2009 21:20:46 122368]

R2 RS_Service;Raw Socket Service;C:\Program Files\Acer\Acer VCM\RS_Service.exe [5-5-2009 21:28:49 233472]

R2 vfsFPService;Validity Fingerprint Service;C:\Windows\System32\vfsFPService.exe [26-5-2008 7:43:58 599344]

R3 AVerAF15;AVerMedia BDA Digital Tuner;C:\Windows\System32\drivers\AVerAF15.sys [6-5-2009 2:23:21 280192]

R3 itecir;ITECIR Infrared Receiver;C:\Windows\System32\drivers\itecir.sys [5-5-2009 21:02:10 54784]

R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1E60x86.sys [15-7-2008 21:48:39 47104]

R3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit;C:\Windows\System32\drivers\NETw5v32.sys [15-7-2008 21:48:49 3658752]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda32v.sys [18-8-2008 11:00:39 44064]

R3 vfs101x;vfs101x;C:\Windows\System32\drivers\vfs101x.sys [26-5-2008 7:44:14 40752]

S4 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3-3-2008 15:11:14 16384]

S4 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [25-4-2008 23:36:20 45056]

S4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [25-4-2008 23:36:02 131072]

S4 Pcapvc0ywce;Pcapvc0ywce; [x]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Inhoud van de 'Gedeelde Taken' map

2009-07-05 C:\Windows\Tasks\AWC Startup.job

- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-06-27 13:13:44 . 2009-04-30 17:22:40]

2008-07-15 C:\Windows\Tasks\McDefragTask.job

- c:\PROGRA~1\mcafee\mqc\QcConsol.exe [2009-05-08 09:20:51 . 2009-01-09 08:53:12]

2008-07-15 C:\Windows\Tasks\McQcTask.job

- c:\PROGRA~1\mcafee\mqc\QcConsol.exe [2009-05-08 09:20:51 . 2009-01-09 08:53:12]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.flabber.nl/

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0509&m=aspire_6935

IE: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-07-05 11:28:38

Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Thanks again in advance!!


Once again, no really serious problems in this log. But let's still test a few things:

Open a Notepad file.

Copy and paste the bold text below into it.

File::

C:\Windows\system32\drivers\hitmanpro35.sys

Folder::

C:\ProgramData\Hitman Pro

Driver::

Pcapvc0ywce

hitmanpro35

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt onto ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next reply.

And one more guess: because Alcohol Soft, as a freeware or shareware version, has been known to cause surprises, I would be inclined to disable it. If you want to remove it (temporarily), carry out the following steps:

Go to Start - Run and type: sc stop StarWindServiceAE

Press Enter.

Go to Start - Run and type: sc delete StarWindServiceAE

Press Enter.

Start HijackThis. If you are a Vista user, choose "Run as administrator" or "Uitvoeren als administrator". Select "Do a system scan only". Select only the items listed below:

O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

Click 'Fix checked' to remove the items.

And delete the following bold folder with Windows Explorer

D:\Program Files\Alcohol Soft

If this has no effect, you can download Alcohol 120 again afterwards.


Right, I carried everything out. I tried to remove Alcohol, but it does not respond at all to that sc stop StarWindServiceAE, and so not to the other one either. Beyond that I removed Alcohol as far as possible and that makes no difference, so I have now made and run that script. Here is the new log:

ComboFix 09-07-04.04 - Brian 05-07-2009 15:31:28.2 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3068.1822 [GMT 4:00]

Gestart vanuit: C:\Users\Brian\Desktop\Scan.exe

gebruikte Opdracht switches :: C:\Users\Brian\Desktop\CFScript.txt

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

* Aanwezig AV is actief

FILE ::

"C:\Windows\system32\drivers\hitmanpro35.sys"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\ProgramData\Hitman Pro

C:\ProgramData\Hitman Pro\Banner.bin

C:\Windows\system32\drivers\hitmanpro35.sys

.

---- Voorgaande Run -------

.

C:\WINDOWS\Installer\1850a6.msi

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_Pcapvc0ywce

(((((((((((((((((((( Bestanden Gemaakt van 2009-06-05 to 2009-07-05 ))))))))))))))))))))))))))))))

.

2009-07-05 11:40:56 . 2009-07-05 11:43:40 0 d-----w- C:\Users\Brian\AppData\Local\temp

2009-06-28 18:22:06 . 2009-06-28 18:22:06 0 d-----w- C:\divx

2009-06-28 18:13:59 . 2009-06-28 18:14:26 0 d-----w- C:\Users\Brian\AppData\Roaming\DivX

2009-06-28 18:13:49 . 2009-06-28 18:13:49 0 d-----w- C:\Program Files\Common Files\PX Storage Engine

2009-06-28 18:13:29 . 2009-06-28 18:13:56 0 d-----w- C:\Program Files\DivX

2009-06-28 18:13:29 . 2009-06-28 18:13:38 0 d-----w- C:\Program Files\Common Files\DivX Shared

2009-06-28 18:12:05 . 2009-06-28 18:12:07 0 d-----w- C:\Users\Brian\AppData\Local\Deployment

2009-06-28 18:12:05 . 2009-06-28 18:12:05 0 d-----w- C:\Users\Brian\AppData\Local\Apps

2009-06-28 18:12:03 . 2009-06-28 18:12:03 0 d-----w- C:\divxmuxwizz

2009-06-27 14:09:36 . 2009-06-27 14:09:31 22328 ----a-w- C:\Windows\system32\drivers\PnkBstrK.sys

2009-06-27 14:09:31 . 2009-06-27 14:09:31 22328 ----a-w- C:\Users\Brian\AppData\Roaming\PnkBstrK.sys

2009-06-27 14:09:11 . 2009-06-27 14:09:17 103736 ----a-w- C:\Windows\system32\PnkBstrB.exe

2009-06-27 14:09:04 . 2009-06-27 14:09:04 66872 ----a-w- C:\Windows\system32\PnkBstrA.exe

2009-06-27 13:37:04 . 2009-06-27 13:37:04 0 d-----w- C:\Program Files\Activision

2009-06-27 13:34:14 . 2009-06-27 13:34:14 0 d-sh--w- C:\Windows\ftpcache

2009-06-27 13:20:58 . 2009-06-27 13:20:58 0 d-----w- C:\Program Files\VS Revo Group

2009-06-27 13:13:43 . 2009-06-27 13:13:43 0 d-----w- C:\Users\Brian\AppData\Roaming\IObit

2009-06-27 13:13:42 . 2009-06-28 06:23:18 0 d-----w- C:\Program Files\IObit

2009-06-26 11:59:38 . 2009-06-26 12:32:52 0 d-----w- C:\Users\Brian\AppData\Local\SJphone

2009-06-26 11:59:38 . 2009-06-26 11:59:38 0 d-----w- C:\Program Files\SJLabs

2009-06-26 11:58:56 . 2009-06-26 11:58:56 0 d-----w- C:\Program Files\Common Files\Wise Installation Wizard

2009-06-20 10:50:04 . 2009-06-20 10:50:04 0 d-----w- C:\Garmin

2009-06-16 16:00:13 . 2009-05-09 05:34:34 71680 ----a-w- C:\Windows\system32\iesetup.dll

2009-06-16 16:00:10 . 2009-05-09 05:50:28 915456 ----a-w- C:\Windows\system32\wininet.dll

2009-06-16 15:55:35 . 2009-06-16 15:55:35 0 d-----w- C:\Users\Brian\AppData\Local\Microsoft Help

2009-06-15 17:56:06 . 2009-04-30 12:37:48 428544 ----a-w- C:\Windows\system32\EncDec.dll

2009-06-15 17:56:05 . 2009-04-30 12:37:57 293376 ----a-w- C:\Windows\system32\psisdecd.dll

2009-06-12 15:09:10 . 2009-04-23 12:43:04 784896 ----a-w- C:\Windows\system32\rpcrt4.dll

2009-06-12 14:17:12 . 2009-04-21 11:55:06 2033152 ----a-w- C:\Windows\system32\win32k.sys

2009-06-12 14:06:45 . 2009-04-23 12:42:53 636928 ----a-w- C:\Windows\system32\localspl.dll

2009-06-12 11:22:41 . 2009-06-12 11:22:41 0 d-----w- C:\Users\Brian\Program Files

2009-06-09 16:18:04 . 2009-06-09 16:18:17 0 d-----w- C:\Users\Brian\torrents

2009-06-09 16:09:05 . 2009-06-13 23:39:02 0 d-----w- C:\Users\Brian\AppData\Roaming\BitTorrent

2009-06-09 16:07:34 . 2009-06-09 16:07:34 0 d-----w- C:\Users\Brian\AppData\Local\DNA

2009-06-09 16:07:31 . 2009-07-05 11:41:23 0 d-----w- C:\Users\Brian\AppData\Roaming\DNA

2009-06-09 16:07:31 . 2009-07-02 09:10:38 0 d-----w- C:\Program Files\DNA

2009-06-09 14:06:40 . 2009-06-20 15:13:11 0 d-----w- C:\Users\Brian\Incomplete

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-07-05 11:41:30 . 2009-05-06 11:22:50 12 ----a-w- C:\Windows\bthservsdp.dat

2009-07-05 10:20:09 . 2008-01-21 06:47:04 667352 ----a-w- C:\Windows\system32\perfh013.dat

2009-07-05 10:20:09 . 2008-01-21 06:47:04 126854 ----a-w- C:\Windows\system32\perfc013.dat

2009-07-04 17:26:53 . 2009-05-12 07:59:33 82171 ----a-w- C:\ProgramData\nvModes.dat

2009-06-30 10:37:24 . 2008-07-15 08:36:23 0 d-----w- C:\Program Files\McAfee

2009-06-28 17:24:01 . 2008-07-15 08:26:41 0 d--h--w- C:\Program Files\InstallShield Installation Information

2009-06-20 15:51:47 . 2009-05-13 09:48:04 0 d-----w- C:\Users\Brian\AppData\Roaming\LimeWire

2009-06-16 16:11:49 . 2009-05-05 16:38:27 71280 ----a-w- C:\Users\Brian\AppData\Local\GDIPFONTCACHEV1.DAT

2009-06-16 15:56:22 . 2008-07-15 09:02:28 0 d-----w- C:\ProgramData\Microsoft Help

2009-06-16 15:54:20 . 2008-07-15 09:03:48 0 d-----w- C:\Program Files\Microsoft Works

2009-06-12 11:22:57 . 2009-06-03 18:49:29 680 ----a-w- C:\Users\Brian\AppData\Local\d3d9caps.dat

2009-06-03 19:51:11 . 2008-07-15 08:32:07 0 d-----w- C:\Program Files\Common Files\InstallShield

2009-05-21 11:29:11 . 2009-05-21 11:29:11 0 d-----w- C:\ProgramData\Macrovision

2009-05-21 11:29:09 . 2009-05-21 11:29:09 0 d-----w- C:\Program Files\Common Files\Adobe Systems Shared

2009-05-21 11:28:55 . 2008-07-15 09:01:22 0 d-----w- C:\Program Files\Common Files\Adobe

2009-05-19 14:57:45 . 2009-05-19 14:57:45 0 d-----w- C:\Users\Brian\AppData\Roaming\vlc

2009-05-17 21:16:37 . 2009-05-17 20:09:07 0 d-----w- C:\Users\Brian\AppData\Roaming\Skype

2009-05-17 20:11:03 . 2009-05-17 20:11:03 56 ---ha-w- C:\ProgramData\ezsidmv.dat

2009-05-17 20:11:02 . 2009-05-17 20:11:02 0 d-----w- C:\Users\Brian\AppData\Roaming\skypePM

2009-05-17 20:08:54 . 2009-05-17 20:08:52 0 d-----r- C:\Program Files\Skype

2009-05-17 20:08:54 . 2009-05-17 20:08:49 0 d-----w- C:\ProgramData\Skype

2009-05-17 20:08:53 . 2009-05-17 20:08:53 0 d-----w- C:\Program Files\Common Files\Skype

2009-05-15 16:10:02 . 2009-05-15 16:10:02 721904 ----a-w- C:\Windows\system32\drivers\sptd.sys

2009-05-15 13:03:24 . 2009-05-05 17:28:54 0 d-----w- C:\Users\Brian\AppData\Roaming\Acer

2009-05-13 09:36:45 . 2009-05-12 21:17:42 0 d-----w- C:\Program Files\Java

2009-05-12 21:30:48 . 2006-11-02 11:18:33 0 d-----w- C:\Program Files\Windows Mail

2009-05-12 11:04:21 . 2009-05-12 11:04:21 0 d-----w- C:\Users\Brian\AppData\Roaming\The Creative Assembly

2009-05-11 15:11:29 . 2009-05-11 15:11:29 0 ---ha-w- C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2009-05-08 10:01:03 . 2008-07-15 08:37:55 0 d-----w- C:\Program Files\SiteAdvisor

2009-05-08 09:23:55 . 2008-07-15 08:36:21 0 d-----w- C:\ProgramData\McAfee

2009-05-08 08:10:03 . 2008-07-15 08:37:55 0 d-----w- C:\ProgramData\SiteAdvisor

2009-05-07 16:07:25 . 2009-05-07 16:07:25 0 d-----w- C:\ProgramData\Media Center Programs

2009-05-07 15:52:19 . 2009-05-07 11:34:34 0 d-----w- C:\Program Files\Common Files\Steam

2009-05-07 15:48:16 . 2009-05-05 16:36:08 0 d-----w- C:\Program Files\Google

2009-05-07 11:25:22 . 2009-05-05 17:17:01 0 d-----w- C:\ProgramData\CyberLink

2009-05-06 20:42:53 . 2009-05-06 20:42:43 0 d-----w- C:\Users\Brian\AppData\Roaming\CyberLink

2009-05-06 20:42:51 . 2009-05-06 20:42:51 0 d-----w- C:\ProgramData\PlayMovie

2009-05-06 18:41:42 . 2008-07-15 09:17:46 0 d-----w- C:\Program Files\eSobi

2009-05-05 22:22:25 . 2008-07-15 08:34:48 125 ----a-w- C:\Windows\xUninstall.bat

2009-05-05 17:17:10 . 2009-05-05 17:17:12 36864 ----a-w- C:\ProgramData\Temp\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\PostBuild.exe

2009-05-05 17:16:46 . 2009-05-05 17:17:01 53319 ----a-w- C:\ProgramData\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe

2009-05-05 16:53:03 . 2009-05-05 16:53:03 118784 ----a-w- C:\Windows\system32\VMC3KAPI.dll

2009-05-05 16:53:03 . 2009-05-05 16:53:03 114688 ----a-w- C:\Windows\system32\VCryptAPI.dll

2009-05-05 16:52:51 . 2009-05-05 16:52:51 23040 ----a-w- C:\Windows\system32\ShlCmd.exe

2009-05-05 16:52:49 . 2009-05-05 16:52:49 5632 ----a-w- C:\Windows\system32\biologon.dll

2009-05-05 16:52:36 . 2009-05-05 16:52:36 43184 ----a-w- C:\Windows\system32\drivers\AlfaFF.sys

2009-05-05 16:52:36 . 2009-05-05 16:52:36 331776 ----a-w- C:\Windows\system32\DrvCrypt.dll

2009-05-05 16:52:36 . 2009-05-05 16:52:36 16384 ----a-w- C:\Windows\system32\AlfaFF.dll

2009-05-05 16:52:30 . 2009-05-05 16:52:30 192512 ----a-w- C:\Windows\system32\BioOne.dll

2009-05-05 16:52:29 . 2009-05-05 16:52:29 189952 ----a-w- C:\Windows\system32\PBAGUI.dll

2009-04-15 20:24:40 . 2009-04-15 20:24:40 90112 ----a-w- C:\Windows\system32\dpl100.dll

2009-04-15 20:24:38 . 2009-04-15 20:24:38 823296 ----a-w- C:\Windows\system32\divx_xx0c.dll

2009-04-15 20:24:38 . 2009-04-15 20:24:38 823296 ----a-w- C:\Windows\system32\divx_xx07.dll

2009-04-15 20:24:38 . 2009-04-15 20:24:38 815104 ----a-w- C:\Windows\system32\divx_xx0a.dll

2009-04-15 20:24:38 . 2009-04-15 20:24:38 802816 ----a-w- C:\Windows\system32\divx_xx11.dll

2009-04-15 20:24:38 . 2009-04-15 20:24:38 684032 ----a-w- C:\Windows\system32\DivX.dll

.

((((((((((((((((((((((((((((( SnapShot@2009-07-05_07.28.45 )))))))))))))))))))))))))))))))))))))))))

.

+ 2008-01-21 01:58:01 . 2009-07-05 08:36:55 57780 C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2006-11-02 13:05:11 . 2009-07-05 08:37:00 87766 C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

+ 2009-05-05 16:30:05 . 2009-07-05 11:35:56 32768 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-05-05 16:30:05 . 2009-07-05 07:22:04 32768 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-05-05 16:30:05 . 2009-07-05 07:22:04 49152 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-05-05 16:30:05 . 2009-07-05 11:35:56 49152 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-05-05 16:30:05 . 2009-07-05 11:35:56 16384 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-05-05 16:30:05 . 2009-07-05 07:22:04 16384 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-05-05 16:37:19 . 2009-07-05 08:37:00 5992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1210195884-4264460027-3884599694-1000_UserData.bin

+ 2009-07-05 11:09:23 . 2009-07-05 11:09:25 5864 C:\Windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\D5485EFFDBC7A8150BD38C04CE8D76A5D72E646F\D5485EFFDBC7A8150BD38C04CE8D76A5D72E646F\Data.dat

- 2009-07-05 06:48:35 . 2009-07-05 06:48:36 5864 C:\Windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\D5485EFFDBC7A8150BD38C04CE8D76A5D72E646F\D5485EFFDBC7A8150BD38C04CE8D76A5D72E646F\Data.dat

+ 2009-07-05 11:09:38 . 2009-07-05 11:09:39 5220 C:\Windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\D358CB14376CE9F90790146155456C4FBFA49EF9\D358CB14376CE9F90790146155456C4FBFA49EF9\Data.dat

- 2009-07-05 06:46:37 . 2009-07-05 06:46:38 5822 C:\Windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\97DB1828C28FDB0F94A4153157DD0991117EAEAB\97DB1828C28FDB0F94A4153157DD0991117EAEAB\Data.dat

+ 2009-07-05 11:09:08 . 2009-07-05 11:09:09 5822 C:\Windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\97DB1828C28FDB0F94A4153157DD0991117EAEAB\97DB1828C28FDB0F94A4153157DD0991117EAEAB\Data.dat

- 2009-07-05 06:46:33 . 2009-07-05 06:46:39 4888 C:\Windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\081FA807FC5B63C60D1E99A781D2093E538B4BE3\081FA807FC5B63C60D1E99A781D2093E538B4BE3\Data.dat

+ 2009-07-05 11:09:02 . 2009-07-05 11:09:04 4888 C:\Windows\System32\config\systemprofile\AppData\Roaming\SACore\Cache\DA39A3EE5E6B4B0D3255BFEF95601890AFD80709\081FA807FC5B63C60D1E99A781D2093E538B4BE3\081FA807FC5B63C60D1E99A781D2093E538B4BE3\Data.dat

+ 2009-07-05 11:42:20 . 2009-07-05 11:42:20 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2009-07-05 07:20:37 . 2009-07-05 07:20:37 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2009-07-05 07:20:37 . 2009-07-05 07:20:37 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-05 11:42:20 . 2009-07-05 11:42:20 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2006-11-02 10:33:01 . 2009-07-05 10:20:09 587178 C:\Windows\System32\perfh009.dat

- 2006-11-02 10:33:01 . 2009-07-05 07:25:53 587178 C:\Windows\System32\perfh009.dat

- 2006-11-02 10:33:01 . 2009-07-05 07:25:53 101250 C:\Windows\System32\perfc009.dat

+ 2006-11-02 10:33:01 . 2009-07-05 10:20:09 101250 C:\Windows\System32\perfc009.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2008-07-29 15:52:34 121392 ----a-w- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 16:52:40 3885408]

"BitTorrent DNA"="C:\Users\Brian\Program Files\DNA\btdna.exe" [2009-06-12 11:22:42 321344]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 02:23:29 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 15:45:06 182808]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-04 09:26:54 1037608]

"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2009-03-25 15:25:20 645328]

"eDataSecurity Loader"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 15:52:50 526896]

"BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 19:36:20 28672]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 02:38:54 40048]

"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-08-01 13:11:00 13548064]

"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-08-01 13:11:00 92704]

"ProductReg"="C:\Program Files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 03:53:32 6144]

"ZPdtWzdVitaKey MC3000"="C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-05-05 16:52:32 3719680]

"PLFSetI"="C:\Windows\PLFSetI.exe" [2008-06-30 15:56:32 200704]

"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2008-06-16 09:58:38 809480]

"eAudio"="C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-09-11 20:46:38 544768]

"ePower_DMC"="C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 07:51:42 405504]

"ArcadeDeluxeAgent"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-07-24 13:54:10 147456]

"CLMLServer"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-07-24 13:54:18 167936]

"PlayMovie"="C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-07-18 14:04:36 167936]

"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-03-09 03:19:17 148888]

"RtHDVCpl"="RtHDVCpl.exe" - C:\Windows\RtHDVCpl.exe [2008-05-07 08:19:26 6139904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-5-21 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]

2009-05-05 16:52:53 3162624 ----a-w- C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{56DACD60-1C76-48B4-B349-5588497504C2}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent

"{C25AB198-14E1-4D19-B3E0-9CAF668E3422}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe

"{D9765EFB-B68F-49D4-83D5-26AD13855B95}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe

"{FE8EA7E6-CABD-4B4A-A763-39FB5A83E867}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe

"{6BEACB18-C7D6-4EF3-A719-2D19CC426712}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe

"{CFDD83ED-A217-40AF-A64A-96F88CF70351}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe

"{F1FEDDBD-EAFB-45B2-BC42-AE5FF0008DCD}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe

"{A70962F8-D497-41AC-AF33-C52193C85D8D}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{28664E5F-1A2E-48A1-A60C-316F23BB4E26}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{4D05C54E-32AD-4CAA-9CFB-4ACFD383577E}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe

"{C99AB8BB-3EA7-4AAD-8360-6829E72B26DF}"= C:\Program Files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie

"{C0194FC8-0C50-48AE-8D9A-35E36D94593D}"= C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program

"{C788411D-14FC-4B16-8825-A367FB184650}"= C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia

"{0392ADC5-D9A4-48F0-A572-951CAB40423B}"= C:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector

"{AE6029F3-2B69-49F7-B852-CB3D388E49C7}"= C:\Program Files\Acer\Acer VCM\VC.exe:Acer VCM

"{BE94EB98-499E-4043-B6A0-7DCDFEBFB2D6}"= UDP:D:\Program Files\Steam\steamapps\common\company of heroes sp demo\RelicCOH.exe:Company of Heroes Singleplayer Demo

"{C94E4D26-FEE3-4C74-A5E1-6ACC291B8B67}"= TCP:D:\Program Files\Steam\steamapps\common\company of heroes sp demo\RelicCOH.exe:Company of Heroes Singleplayer Demo

"{2BC1B18E-AA96-43A0-80B1-36FD748F3DFE}"= UDP:D:\Program Files\Steam\steamapps\common\empire total war demo\Empire.exe:Empire: Total War Demo

"{A8320325-7DBE-42A2-8F32-E84FBF11A698}"= TCP:D:\Program Files\Steam\steamapps\common\empire total war demo\Empire.exe:Empire: Total War Demo

"{8280703C-D0E2-4967-ACA1-2D93CB1FC9B7}"= C:\Program Files\Skype\Phone\Skype.exe:Skype

"{72794AF3-A7FC-477B-BDD7-A894178B4DF9}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{6CAE8D06-1327-42EC-9470-8AE9DF2A188A}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA

"{D6F2683D-1701-4A2A-810D-97AA272CCD8E}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"{ACD216F4-965D-46B0-BF22-9195B605A495}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB

"{FF7D38A6-4BA9-418E-82C6-D73194A02C32}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare

"{341DE183-1A9C-471B-A412-6BF36194B869}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare

"{7922580C-A622-4A80-AC67-7227D381EBA3}"= UDP:C:\Program Files\DNA\btdna.exe:DNA (TCP-In)

"{CFC59CFA-BD12-46BB-BC59-2674A0FEEE53}"= TCP:C:\Program Files\DNA\btdna.exe:DNA (UDP-In)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

"d:\\Program Files\\BitTorrent\\bittorrent.exe"= d:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R0 AlfaFF;AlfaFF File System mini-filter;C:\Windows\System32\drivers\AlfaFF.sys [5-5-2009 20:52:36 43184]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [5-5-2009 21:19:07 61424]

R2 CLHNService;CLHNService;C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [5-5-2009 21:20:43 81504]

R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [15-7-2008 12:35:22 24576]

R2 IGBASVC;iGroupTec Service;C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [5-5-2009 20:52:41 3520512]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [7-5-2009 22:25:26 210216]

R2 NTIPPKernel;NTIPPKernel;C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [5-5-2009 21:20:46 122368]

R2 RS_Service;Raw Socket Service;C:\Program Files\Acer\Acer VCM\RS_Service.exe [5-5-2009 21:28:49 233472]

R2 vfsFPService;Validity Fingerprint Service;C:\Windows\System32\vfsFPService.exe [26-5-2008 7:43:58 599344]

R3 AVerAF15;AVerMedia BDA Digital Tuner;C:\Windows\System32\drivers\AVerAF15.sys [6-5-2009 2:23:21 280192]

R3 itecir;ITECIR Infrared Receiver;C:\Windows\System32\drivers\itecir.sys [5-5-2009 21:02:10 54784]

R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1E60x86.sys [15-7-2008 21:48:39 47104]

R3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit;C:\Windows\System32\drivers\NETw5v32.sys [15-7-2008 21:48:49 3658752]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda32v.sys [18-8-2008 11:00:39 44064]

R3 vfs101x;vfs101x;C:\Windows\System32\drivers\vfs101x.sys [26-5-2008 7:44:14 40752]

S4 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3-3-2008 15:11:14 16384]

S4 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [25-4-2008 23:36:20 45056]

S4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [25-4-2008 23:36:02 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Inhoud van de 'Gedeelde Taken' map

2009-07-05 C:\Windows\Tasks\AWC Startup.job

- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-06-27 13:13:44 . 2009-04-30 17:22:40]

2008-07-15 C:\Windows\Tasks\McDefragTask.job

- c:\PROGRA~1\mcafee\mqc\QcConsol.exe [2009-05-08 09:20:51 . 2009-01-09 08:53:12]

2008-07-15 C:\Windows\Tasks\McQcTask.job

- c:\PROGRA~1\mcafee\mqc\QcConsol.exe [2009-05-08 09:20:51 . 2009-01-09 08:53:12]

.

- - - - ORPHANS VERWIJDERD - - - -

HKCU-Run-AlcoholAutomount - D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.flabber.nl/

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0509&m=aspire_6935

IE: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

.


With the exception of this file, C:\ProgramData\ezsidmv.dat, which you may delete with Windows Explorer, I see no more negative indications in your logs.

Take another look at these TIPS for a "slow" computer. Maybe there are still some hints in there that can put you on the right track?

You may also remove ComboFix via Start -> Run -> type combofix /u

And afterwards let us know how things stand now?
