Beste experts

Men raadde mij elders op het forum aan om een logje te plaatsen.
Mijn computer is 3 weken geleden gereboot omdat ik zot werd van de trage snelheid.
Nu is het alweer zo dat ik na een half uur tot een uur de hele computer moet heropstarten omdat hij super traag wordt.
wdm.exe; acer.empowering.framework.supervisor.exe; iexplorer.exe; explorer.exe; sidebar.exe, ... eten al mijn geheugen op.
CPU-gebruik plakt tegen de 100%. Ook als ik niets meer uitvoer...
Kunnen jullie hier iets mee?
Zijn er nog zaken die je moet weten?

Om de 3 weken rebooten zie ik echt niet zitten. Momenteel zit Norton erop, maar die loopt bijna op zijn einde...


mvg



Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 17:30:31, on 2/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Windows\PLFSetL.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Users\driesdb\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EX E
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\mfpmp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.ex e
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://baerdemaekerkes.proboards.com/index.cgi?board=general
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\s wg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Norton-werkbalk weergeven - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" -startup
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6 FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: eNetHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Wachtwoordvalidatie voor Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12508 bytes

Indien Norton geen betalende verise is zou ik deze verwijderen!! Norton staat erom bekend het syteem te vertragen en belasten!! Download eerst een nieuwe Antivirus: KLIK (http://users.telenet.be/bluepatchy/miekiemoes/Links.html#AntiVirus%20Scanners)
Ook zie ik dat er enorm veel opstart samen met Windows die totaal niet nodig is.

Volgende programma's kun je uischakelen via start -- uitvoeren typ in MSConfig en klik op "ok". Ga naar de tab "opstarten" en haal het vinkje weg bij:

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" -startup
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?

Herstart je PC!!!


Note: deze programma's kun je op dezelfde wijze terug inschakelen!!!

Dankjewel, er zal al veel ballast verdwenen zijn. Ik koos voor avast als virusscan, hopelijk is dat een goede keus geweest.

Zat net weer wat op internet te spelen en de computer werd opnieuw traag.

Bestaat er een knopje om in één keer het geheugen helemaal leeg te maken? en CPU te verminderen???

Al eens een schijfdefragmentatie en -opruiming gedaan?

Schijfopruiming en defragmentatie doe ik normaalgezien eens per maand. Het is nog geen maand geleden sinds ik een reboot gedaan heb.

Schijfopruiming en defragmentatie doe ik normaalgezien eens per maand. Het is nog geen maand geleden sinds ik een reboot gedaan heb.

Een maand geleden sinds je een reboot gedaan hebt???? Een reboot is gewoon heropstarten hoor!! Bedoel je misschien een format?

Ik dacht dat ik eens een moeilijk woord kon gebruiken...:rolleyes:
Ik bedoelde de computer met zo'n opstart cd helemaal opnieuw terugzetten naar de originele configuratie.
Ondertussen nog eens ad-aware en avast een volledige systeemscan laten doen, schijfcontrole en schijfopruiming. Nog steeds mag ik na een half uurtje een stom facebook-spelletje te spelen mijn hele systeem reboten (nu wel in de juiste context gebruikt :) )

Ik maakte nog eens een logje, want ik zette al die dingen die je me aanraadde uit.

Ik kreeg net als vorige keer deze foutmelding:
"For some reason your system dinied write access to the Host file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.
If that happens, you need to edit the file yourself. To do this, click start, run and type: C:\Windows\System32\drivers\etc\hosts
And press Enter. Find the line(s) HijackThis reports and delete them.
Save the file as ‘hosts.’(with quotes), and reboot.
For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose ‘run as administrator’."
Ik ben de enige die deze laptop gebruik en ik ben onmiddellijk aangemeld als administrator. Ik vind die optie niet wanneer ik rechts klik op het HJT-icoontje...
Vind je nog iets? (Als je nog eens wil kijken natuurlijk.)
mvg
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 20:35:15, on 4/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Windows\PLFSetL.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Users\driesdb\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EX E
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.ex e
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://baerdemaekerkes.proboards.com/index.cgi?board=general
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telenet.be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\s wg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6 FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: eNetHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9920 bytes

Even mijn lichtje bij de collega's opsteken hoor!!!

Hoi laat eerst nog even volgende tool runnen: ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

Dankjewel, heb ik net laten doen, dat duurde ongeveer een 5-tal minuutjes.
Kan het zijn dat avast en windows firewall ruzie maken?
Windows firewall wordt steeds uitgezet, avast zegt dat alles veilig is...

Dankjewel, heb ik net laten doen, dat duurde ongeveer een 5-tal minuutjes.
Kan het zijn dat avast en windows firewall ruzie maken?
Windows firewall wordt steeds uitgezet, avast zegt dat alles veilig is...

Dat betwijfel ik, op mijn andere PC is dit ook de combinatie die ik gebruik en heb er geen last van!!

Er is alleszins iets dat mijn firewall steeds uit zet. Heb met virusscan en adaware gescand, niets meer te vinden.

Download Combofix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) naar je Bureaublad en gebruik het volgens deze handleiding (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden).

OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.
Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen! Dubbelklik op Combofix.exe om het te starten. Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate. Klik op OK in het "NirCmd" venstertje. Klik na afloop terug op Ja om het scannen op malware te starten. Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen. Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.Post dit logje in je volgende antwoord.

Dit is het logje van combofix:

ComboFix 10-02-12.01 - driesdb 16/02/2010 14:12:49.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3069.1722 [GMT 1:00]
Gestart vanuit: c:\users\driesdb\Desktop\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-01-16 to 2010-02-16 ))))))))))))))))))))))))))))))
.
2010-02-16 13:24 . 2010-02-16 13:24 -------- d-----w- c:\users\driesdb\AppData\Local\temp
2010-02-16 13:24 . 2010-02-16 13:24 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-02-16 13:24 . 2010-02-16 13:24 -------- d-----w- c:\users\Dries\AppData\Local\temp
2010-02-16 13:24 . 2010-02-16 13:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-16 13:24 . 2010-02-16 13:24 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2010-02-10 15:29 . 2010-02-10 15:29 -------- d-----w- c:\users\driesdb\AppData\Roaming\AnvSoft
2010-02-10 15:29 . 2010-02-10 15:29 -------- d-----w- c:\program files\AnvSoft
2010-02-10 13:03 . 2009-12-12 14:15 178176 ----a-w- c:\windows\system32\unrar.dll
2010-02-10 13:03 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-02-10 13:03 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-02-10 13:03 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-02-10 13:03 . 2010-01-05 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-02-10 13:03 . 2010-02-10 13:04 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-02-10 13:01 . 2010-02-10 13:01 15442876 ----a-w- c:\users\driesdb\klcodec561f.exe
2010-02-10 06:58 . 2009-12-11 11:43 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-10 06:58 . 2009-12-11 11:43 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-10 06:58 . 2009-12-08 20:01 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-10 06:58 . 2009-12-08 20:01 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-08 08:15 . 2010-02-09 18:48 -------- d-----w- c:\users\driesdb\AppData\Local\Adobe
2010-02-03 17:18 . 2010-02-03 16:05 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-02-03 16:08 . 2010-02-03 16:08 -------- d--h--w- c:\users\driesdb\AppData\Local\acer eNM
2010-02-03 16:05 . 2010-02-03 16:05 -------- dc----w- c:\windows\system32\DRVSTORE
2010-02-03 16:05 . 2009-12-02 13:19 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-02-03 16:05 . 2010-02-03 16:05 862040 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\threatwork.exe
2010-02-03 16:05 . 2010-02-03 16:05 15880 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lsdelete.exe
2010-02-03 16:05 . 2010-02-03 16:05 206944 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lavamessage.dll
2010-02-03 16:05 . 2010-02-03 16:05 390288 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lavalicense.dll
2010-02-03 16:05 . 2010-02-07 10:07 389784 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2010-02-03 16:05 . 2010-02-03 16:05 537576 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\aawapi.dll
2010-02-03 16:05 . 2010-02-03 16:05 163728 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\ShellExt.dll
2010-02-03 16:05 . 2010-02-03 16:05 8 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Savapibridge.dll
2010-02-03 16:04 . 2010-02-03 16:04 6296864 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Resources.dll
2010-02-03 16:04 . 2010-02-03 16:04 87496 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2010-02-03 16:04 . 2010-02-03 16:04 327000 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\RPAPI.dll
2010-02-03 16:04 . 2010-02-03 16:04 933120 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\CEAPI.dll
2010-02-03 16:04 . 2010-02-04 16:07 3803208 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2010-02-03 16:04 . 2010-02-03 16:04 816784 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2010-02-03 16:04 . 2010-02-04 16:07 823928 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2010-02-03 16:04 . 2010-02-03 16:04 1643272 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2010-02-03 16:04 . 2010-02-03 16:04 788880 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWTray.exe
2010-02-03 16:04 . 2010-02-07 10:07 1181328 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWService.exe
2010-02-03 16:04 . 2010-02-03 16:04 -------- dc-h--w- c:\programdata\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-02-03 16:04 . 2009-12-07 14:10 2953352 -c--a-w- c:\programdata\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
2010-02-03 16:03 . 2010-02-03 16:05 -------- d-----w- c:\programdata\Lavasoft
2010-02-03 16:03 . 2010-02-03 16:03 -------- d-----w- c:\program files\Lavasoft
2010-02-03 12:08 . 2010-01-14 10:12 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-02-03 07:57 . 2010-01-28 21:57 163280 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-03 07:57 . 2010-01-28 21:54 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-03 07:57 . 2010-01-28 21:54 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-03 07:57 . 2010-01-28 21:57 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-03 07:57 . 2010-01-28 21:54 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-02-03 07:56 . 2010-01-28 22:09 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-03 07:56 . 2010-01-28 22:09 152672 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-03 07:56 . 2010-02-03 07:56 -------- d-----w- c:\programdata\Alwil Software
2010-02-03 07:56 . 2010-02-03 07:56 -------- d-----w- c:\program files\Alwil Software
2010-02-02 16:25 . 2010-02-02 16:26 388096 ----a-r- c:\users\driesdb\AppData\Roaming\Microsoft\Install er\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-02-02 16:25 . 2010-02-02 16:25 -------- d-----w- c:\program files\TrendMicro
2010-02-01 07:37 . 2010-02-01 07:37 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbFA76.tmp.exe
2010-01-26 15:32 . 2010-01-26 15:32 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-01-19 22:02 . 2005-02-24 10:51 348160 ----a-w- c:\windows\system32\WMAFile.dll
2010-01-18 20:19 . 2010-01-18 20:20 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-18 20:15 . 2010-02-01 09:55 -------- d-----w- c:\program files\Google
2010-01-18 20:15 . 2010-01-18 20:23 -------- d-----w- c:\programdata\NOS
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2010-02-16 13:05 . 2006-11-02 16:11 670308 ----a-w- c:\windows\system32\perfh013.dat
2010-02-16 13:05 . 2006-11-02 16:11 127900 ----a-w- c:\windows\system32\perfc013.dat
2010-02-14 13:43 . 2009-12-05 17:03 848 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-02-10 07:59 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-10 07:13 . 2007-09-03 16:04 -------- d-----w- c:\programdata\Microsoft Help
2010-02-06 19:23 . 2007-09-03 16:17 -------- d-----w- c:\program files\Symantec
2010-02-06 19:21 . 2007-09-03 16:17 -------- d-----w- c:\programdata\Symantec
2010-02-06 19:21 . 2007-09-03 16:17 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-02-03 07:38 . 2009-11-21 21:29 -------- d-----w- c:\users\driesdb\AppData\Roaming\LimeWire
2010-01-19 22:02 . 2010-01-19 22:02 -------- d-----w- c:\users\driesdb\AppData\Roaming\FreeAudioPack
2010-01-19 22:02 . 2010-01-19 22:02 -------- d-----w- c:\program files\Free Audio Pack
2010-01-09 15:58 . 2010-01-09 15:58 -------- d-----w- c:\program files\Mobotix
2010-01-06 20:22 . 2010-01-06 20:22 335 ----a-w- c:\windows\mozregistry.dat
2010-01-06 20:22 . 2010-01-06 20:22 -------- d-----w- c:\users\driesdb\AppData\Roaming\Thunderbird
2010-01-06 20:22 . 2010-01-06 20:22 -------- d-----w- c:\program files\Qualcomm
2010-01-06 20:22 . 2010-01-06 20:22 -------- d-----w- c:\program files\Netscape
2010-01-06 20:22 . 2010-01-06 20:22 9728 ----a-w- c:\windows\system32\rnaph.dll
2010-01-06 19:25 . 2009-12-07 21:51 -------- d-----w- c:\program files\Java
2010-01-04 08:24 . 2010-01-04 08:24 -------- d-----w- c:\program files\PhotoViewer
2010-01-02 06:38 . 2010-01-21 18:26 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-21 18:26 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-21 18:26 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-21 18:26 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-27 11:03 . 2009-12-27 11:03 -------- d-----w- c:\program files\PC Inspector File Recovery
2009-12-27 11:03 . 2007-09-03 14:46 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-21 22:58 . 2009-11-20 16:05 27525 ----a-w- c:\users\driesdb\AppData\Roaming\nvModes.dat
2009-12-21 22:35 . 2009-12-21 22:35 -------- d-----w- c:\programdata\Forge of Games
2009-12-21 19:06 . 2009-12-21 19:06 1403592 ----a-w- c:\programdata\hps\12455\setup_Pixum_EasyBook.exe
2009-12-16 14:55 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-14 10:54 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-12-14 10:54 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-12-08 20:01 . 2010-02-10 06:57 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 17:26 . 2010-02-10 06:57 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-12-04 18:30 . 2010-02-10 06:57 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-04 18:29 . 2010-02-10 06:57 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-04 18:28 . 2010-02-10 06:57 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-04 18:28 . 2010-02-10 06:57 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-04 18:28 . 2010-02-10 06:57 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-04 18:28 . 2010-02-10 06:57 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-04 18:28 . 2010-02-10 06:57 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-04 18:28 . 2010-02-10 06:57 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-04 18:27 . 2010-02-10 06:57 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-12-04 15:56 . 2010-02-10 06:57 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-12-04 15:56 . 2010-02-10 06:57 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-25 13:14 . 2009-11-20 12:34 101784 ----a-w- c:\users\driesdb\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-21 23:59 . 2009-11-21 23:59 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-11-21 23:59 . 2009-11-21 23:59 272896 ----a-w- c:\windows\system32\polstore.dll
2009-11-21 23:51 . 2009-11-21 23:51 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-11-21 23:51 . 2009-11-21 23:51 17920 ----a-w- c:\windows\system32\netevent.dll
2009-11-21 23:51 . 2009-11-21 23:51 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-11-21 23:51 . 2009-11-21 23:51 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-11-21 23:51 . 2009-11-21 23:51 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-11-21 23:51 . 2009-11-21 23:51 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-11-21 23:51 . 2009-11-21 23:51 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-11-21 23:51 . 2009-11-21 23:51 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-11-21 23:51 . 2009-11-21 23:51 10240 ----a-w- c:\windows\system32\finger.exe
2009-11-21 23:45 . 2009-11-21 23:45 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-11-21 23:45 . 2009-11-21 23:45 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-11-21 23:45 . 2009-11-21 23:45 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-11-21 23:45 . 2009-11-21 23:45 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-11-21 23:45 . 2009-11-21 23:45 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-11-21 23:45 . 2009-11-21 23:45 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-11-21 23:45 . 2009-11-21 23:45 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2009-11-21 23:43 . 2009-11-21 23:43 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-11-21 23:43 . 2009-11-21 23:43 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-11-21 23:43 . 2009-11-21 23:43 23552 ----a-w- c:\windows\system32\lpk.dll
2009-11-21 23:43 . 2009-11-21 23:43 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-11-21 23:41 . 2009-11-21 23:41 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-11-21 23:41 . 2009-11-21 23:41 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-21 23:41 . 2009-11-21 23:41 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-11-21 23:41 . 2009-11-21 23:41 9728 ----a-w- c:\windows\system32\lsass.exe
2009-11-21 23:41 . 2009-11-21 23:41 72704 ----a-w- c:\windows\system32\secur32.dll
2009-11-21 23:41 . 2009-11-21 23:41 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-11-21 23:35 . 2009-11-21 23:35 2868224 ----a-w- c:\windows\system32\mf.dll
2009-11-21 23:35 . 2009-11-21 23:35 98816 ----a-w- c:\windows\system32\mfps.dll
2009-11-21 23:35 . 2009-11-21 23:35 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-11-21 23:35 . 2009-11-21 23:35 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-11-21 23:35 . 2009-11-21 23:35 2048 ----a-w- c:\windows\system32\mferror.dll
2009-11-21 23:24 . 2009-11-21 23:24 71680 ----a-w- c:\windows\system32\atl.dll
2009-11-21 23:11 . 2009-11-21 23:11 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-11-21 23:10 . 2009-11-21 23:10 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-11-21 23:10 . 2009-11-21 23:10 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-11-21 23:10 . 2009-11-21 23:10 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-11-21 22:35 . 2009-11-21 22:35 623616 ----a-w- c:\windows\system32\localspl.dll
2009-11-21 22:33 . 2009-11-21 22:33 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-11-21 22:24 . 2009-11-21 22:24 5071872 ----a-w- c:\windows\system32\NlsModels0011.dll
2009-11-21 22:19 . 2009-11-21 22:19 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-11-21 22:01 . 2009-11-21 22:01 37888 ----a-w- c:\windows\system32\printcom.dll
2009-11-21 22:00 . 2009-11-21 22:00 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-21 21:59 . 2009-11-21 21:59 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-11-21 21:58 . 2009-11-21 21:58 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-11-21 20:25 . 2009-11-21 20:25 1961720 ----a-w- c:\users\driesdb\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdatea x.exe
2009-11-21 20:14 . 2009-11-21 20:14 101784 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-11-21 20:14 . 2009-11-21 20:14 8224 ----a-w- c:\users\Administrator\AppData\Local\GDIPFONTCACHE V1.DAT
2009-11-21 19:52 . 2009-11-21 19:52 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-11-21 19:44 . 2009-11-21 19:44 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-11-21 19:44 . 2009-11-21 19:44 2560 ----a-w- c:\windows\AppPatch\AcRes.dll
2009-11-21 19:44 . 2009-11-21 19:44 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2009-11-21 19:44 . 2009-11-21 19:44 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2009-11-21 19:44 . 2009-11-21 19:44 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2010-01-18 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-06-11 1286144]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-06-27 752136]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-01-28 2757512]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]
c:\users\driesdb\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-9-3 535336]
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\eNetHook.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Users^driesdb^AppData^Roam ing^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\driesdb\AppData\Roaming\Microsoft\Wi ndows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
2007-05-22 13:49 151552 ----a-w- c:\acer\AcerTour\Reminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2007-06-06 08:06 159744 ----a-w- c:\program files\Apoint2K\Apoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
2007-10-30 18:52 16200 ----a-w- c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-03-21 12:00 174872 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-07-25 15:39 8470528 ----a-w- c:\windows\System32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-07-25 15:39 81920 ----a-w- c:\windows\System32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-07-25 15:39 86016 ----a-w- c:\windows\System32\nvsvc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
2007-05-24 12:38 206952 ------w- c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-06-15 08:45 1826816 ----a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2006-11-05 20:48 57344 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):ac,7f,ae,eb,4f,7e,ca,01
R0 AFS;AFS;c:\windows\System32\drivers\AFS.SYS [21/11/2009 10:42 77004]
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [3/02/2010 17:05 64288]
R1 aswSP;aswSP;c:\windows\System32\drivers\aswSP.sys [3/02/2010 8:57 163280]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [20/11/2009 13:37 13560]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswF sBlk.sys [3/02/2010 8:57 19024]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\as wMonFlt.sys [3/02/2010 8:57 51792]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2/12/2009 14:19 1181328]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [4/09/2007 0:01 32256]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/02/2010 10:56 135664]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [4/09/2007 0:01 179712]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
2010-02-16 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 16:07]
2010-02-16 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 16:07]
2010-02-16 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 16:07]
2010-02-16 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 16:07]
2010-02-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 16:07]
2010-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 09:55]
2010-02-16 c:\windows\Tasks\User_Feed_Synchronization-{499049F6-E198-45E0-B4A2-5D358A480768}.job
- c:\windows\system32\msfeedssync.exe [2010-01-21 04:56]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://baerdemaekerkes.proboards.com/index.cgi?board=general
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.telenet.be
mWindow Title = Telenet Internet
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6 FF0C6D236BF8.dll/cmsidewiki.html
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.be/ips-opdata/layout/hema/objects/jordan.cab
.
************************************************** ************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-16 14:24
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
************************************************** ************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{ 49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
- - - - - - - > 'Explorer.exe'(4848)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
.
Voltooingstijd: 2010-02-16 14:29:12
ComboFix-quarantined-files.txt 2010-02-16 13:29
ComboFix2.txt 2010-02-16 09:19
ComboFix3.txt 2010-02-08 16:58
Pre-Run: 23.290.798.080 bytes beschikbaar
Post-Run: 23.153.082.368 bytes beschikbaar
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 1B58BA45F4BE5E55F1114AB8D77410AF

Hoi,

ik zie dat je ComboFix hier http://www.hijackthis.nl/forum/viewtopic.php?f=4&t=25756 al gebruikt hebt!!! Gelieve de richtlijnen van Eric daar te volgen daar ik hier niet meer kan zien wat er wel en niet verwijderd werd!!! deze gaat dus op slot.