PcGirl

Dankjewel voor je hulp! 

Hey Abbs,

 

De laptop blijft draaien alsof hij constant bezig is... Heb ook al Avast verwijderd en opnieuw geïnstalleerd, maar ook daar is er geen verschil te merken. 

 

Dag Abbs,

 

Ik heb gisteren nog een schijfcontrole uitgevoerd. Ik kreeg wel niet de optie om bepaalde zaken aan te vinken... Maar er werden uiteindelijk geen fouten gevonden.

Er was een heel klein beetje stof, maar dat heb ik eruit geblazen. 

 

Ik weet wel niet meer hoe het allemaal aanstond  Kan ik het gewoon ook allemaal op uitgeschakeld laten staan?

 

Ok, dat heb ik gedaan. Er was eentje dat niet wilde uitschakelen en op ingeschakeld bleef staan (zie foto).

 

Het blijft ook draaien...

 

 

De laptop start veel sneller op en is ook veel sneller nu, maar het geluid (draaien en blazen) is nog steeds op de achtergrond aanwezig. Het is precies of de laptop steeds met iets bezig is. 

Wat kan dat zijn?

Dag Abbs,

 

In bijlage het tekstbestand. 

startup.txt

Ik hoor nog steeds precies iets constant draaien op de achtergrond.

De laptop is wel sneller!

Ik hoop dat het gelukt is! De laptop viel uit (batterij plat) tijdens het heropstarten. 

In bijlage het logje. 

Fixlog.txt

In bijlage de logjes!

FRST.txt Addition.txt

Beste,

 

Ik ben nieuw op dit forum en ik hoop dat ik op de juiste plaats ben om mijn vraag te stellen.

Mijn laptop is sinds een tijdje erg traag: trage opstart, trage reacties en er lijkt constant op de achtergrond iets te draaien. Ik vraag me af of er een virus o.i.d. is dat dit kan veroorzaken? Mijn virusscanner (Avast) geeft echter geen virussen aan. 

 

Wat kan ik nog doen om mijn laptop terug sneller te laten gaan?

 

Groetjes! 

 

Ok!

Bedankt voor je hulp!

Hey!

Bedankt voor je antwoord! Via die weg lukt het echter ook niet...

Maar ik heb gisteren enkele dingen geprobeerd en ben dan uiteindelijk op microsoft site uitgekomen om na te kijken of mijn Office wel legitiem is. Toen ik dus een 'Office valideren' uitvoerde, kreeg ik de melding dat het geen legitieme versie is (Probleem: De productcode die bij de installatie van Office is opgegeven, wordt door Microsoft herkend als een productcode die aan een grote klant is verstrekt. Deze productcode is gereserveerd voor exclusief gebruik van die klant en kan niet worden gebruikt om andere exemplaren van Microsoft Office te installeren.)

Ik snap het niet goed, want ik heb de laptop 2 jaar geleden met alles erop en eraan gekocht... Hoe kan dat dan niet legitiem zijn? :s

Ik heb dan bij windows update aangegeven dat hij die update niet meer moet weergeven..

Hallo!

Al een paar dagen heb ik het probleem dat mijn laptop (windows XP) steeds een melding geeft voor een automatische update. Als ik deze dan installeer krijg ik daarna telkens volgend bericht: "De volgende updates zijn niet geïnstalleerd: Meldingen van Office Genuine Advantage (KB949810) nl"

Daarna kan ik enkel op 'afsluiten' klikken. En dan begint het spelletje weer vanaf het begin... Enkele uren later weer hetzelfde bericht met hetzelfde gevolg.

Op mijn pc staat een legale versie van office 2003.

Kunnen jullie mij helpen?

Alvast bedankt!

De foutmelding bij opstarten heb ik niet meer gehad . Firefox geeft af en toe nog de foutmelding, maar misschien ligt het aan firefox zelf?

De laptop is nog steeds wat traag. Ik zal nog eens een schijfopruiming doen!!

Bedankt voor het snelle antwoord. De map die ik moest verwijderen (C:\Windows\System32\bycool) vond ik echter niet terug...

Hier is het logje van MBAM (de scan duurde niet lang, en heeft niets gevonden)

Malwarebytes' Anti-Malware 1.33

Database versie: 1704

Windows 5.1.2600 Service Pack 3

29/01/2009 14:37:02

mbam-log-2009-01-29 (14-37-02).txt

Scan type: Snelle Scan

Objecten gescand: 52830

Verstreken tijd: 3 minute(s), 49 second(s)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 0

Registerwaarden geïnfecteerd: 0

Registerdata bestanden geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registerwaarden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Hallo!

Mijn laptop is de laatste tijd nogal traag. Voor dit probleem heb ik wat opgeruimd met ccleaner en schijfdefragmentaties uitgevoerd. Toch blijft hij traag (opstarten, afsluiten, programma’s openen). Ook doet firefox de laatste tijd nogal vreemd. Ik krijg veel foutmeldingen, zoals: “firefox is al actief, maar reageert niet.” (zie bijlage)

Gisteren zat ik bovendien met een probleem met word 2003 (ik kreeg tekens zoals ¨¨, ^^, “” telkens dubbel als ik er slecht 1 keer op klikte en de tekens kwamen ook niet boven mijn letter te staan, vb: ¨¨e in plaats van ë) Ik dacht misschien dat het spyware was en heb Spywaredoctor, Ad-aware en a-squared free laten draaien. Hieruit bleek dat ik met een worm zat. Na deze te verwijderen had ik het probleem in word niet meer. Maar toen ik vanmorgen mijn laptop aanzette kreeg ik volgende melding: “windows kan het bestand c:\windows\system32\bycool\myapp.exe niet vinden” (zie bijlage). Wat kan ik hieraan doen?

Hier is mijn HJT logje:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:28:37, on 29/01/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Launch Manager\Wbutton.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Launch Manager\PowerKey.exe

C:\Program Files\Acer\Acer Arcade\PCMService.exe

C:\Program Files\Launch Manager\OSDCtrl.exe

C:\Program Files\Launch Manager\HotkeyApp.exe

C:\Program Files\Launch Manager\LaunchAp.exe

C:\Acer\Empowering Technology\eRecovery\Monitor.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

C:\WINDOWS\system32\WLTRAY.exe

C:\Acer\Empowering Technology\admtray.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Windows\System32\bycool\winacces.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Labtec NumPad\Magickey.exe

C:\WINDOWS\system32\spoolsv.exe

C:\DOCUME~1\ACER\LOCALS~1\Temp\RtkBtMnt.exe

C:\Program Files\a-squared Free\a2service.exe

C:\Acer\Empowering Technology\admServ.exe

C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Acer | Product registration

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKLM\..\Run: [synTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"

O4 - HKLM\..\Run: [synTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe

O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"

O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC

O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"

O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC

O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"

O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"

O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\Monitor.exe"

O4 - HKLM\..\Run: [eDataSecurity Loader] "C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe"

O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY

O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [DRIVESYS] C:\Windows\System32\bycool\winacces.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Enable Labtec NumPad.lnk = C:\Program Files\Labtec NumPad\Magickey.exe

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tanyoz.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182946259000

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,4938/mcfscan.cab

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--

End of file - 9801 bytes

Ok, dat heb ik nog allemaal gedaan! Hartelijk bedankt!

Ik ben eens gaan kijken op de site van mozilla zelf en na een tijdje zoeken, heb ik het gevonden. Dit geven ze als oplossing voor het probleem:

"Check the connection settings: Tools > Options > Advanced : Network : Connection : Direct connection to the internet"

(Nederlands: Extra > Opties > Geavanceerd : Netwerk : Verbinding : Proxyinstellingen voor dit netwerk automatisch detecteren)

Ik heb dit dan maar geprobeerd en het werkte weer! Maar hoe komt dit? Ik heb aan deze instellingen nooit iets veranderd... Kan dit aan malware liggen?

Sorry.. ik kreeg foutmelding en poste blijkbaar 2 keer hetzelfde!

Nog geen verandering..

En wat kan ik doen om dat pijltje in mijn balk terug te krijgen?

Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:29:56, on 4/12/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\a-squared Free\a2service.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Acer\Empowering Technology\admServ.exe

C:\Program Files\Launch Manager\Wbutton.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Launch Manager\PowerKey.exe

C:\Program Files\Acer\Acer Arcade\PCMService.exe

C:\Program Files\Launch Manager\OSDCtrl.exe

C:\Program Files\Launch Manager\HotkeyApp.exe

C:\Program Files\Launch Manager\LaunchAp.exe

C:\Acer\Empowering Technology\eRecovery\Monitor.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

C:\WINDOWS\system32\WLTRAY.exe

C:\Acer\Empowering Technology\admtray.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Labtec NumPad\Magickey.exe

C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Acer | Product registration

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKLM\..\Run: [synTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"

O4 - HKLM\..\Run: [synTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe

O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"

O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC

O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"

O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC

O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"

O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"

O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\Monitor.exe"

O4 - HKLM\..\Run: [eDataSecurity Loader] "C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe"

O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY

O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Enable Labtec NumPad.lnk = C:\Program Files\Labtec NumPad\Magickey.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tanyoz.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182946259000

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,4938/mcfscan.cab

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--

End of file - 9514 bytes

ComboFix log:

ComboFix 08-12-04.04 - ACER 2008-12-04 23:25:34.1 - FAT32x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.536 [GMT 1:00]

Gestart vanuit: c:\documents and settings\ACER\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\ACER\Bureaublad\CFScript.txt

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((( Bestanden Gemaakt van 2008-11-04 to 2008-12-04 ))))))))))))))))))))))))))))))

.

2008-12-04 14:46 . 2008-12-04 14:46 <DIR> dr-h----- c:\documents and settings\ACER\Onlangs geopend

2008-12-04 13:52 . 2008-12-04 13:52 <DIR> d-------- c:\temp\google

2008-12-04 13:52 . 2008-12-04 13:52 <DIR> d-------- C:\temp

2008-11-30 16:31 . 2008-11-30 16:31 244 --ah----- C:\sqmnoopt01.sqm

2008-11-30 16:31 . 2008-11-30 16:31 232 --ah----- C:\sqmdata01.sqm

2008-11-24 03:31 . 2008-11-24 03:31 1,120 --a------ c:\windows\system32\history.aaw

2008-11-23 21:31 . 2008-11-23 21:31 <DIR> d-------- c:\program files\Lavasoft

2008-11-23 21:30 . 2008-11-23 21:30 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard

2008-11-23 18:17 . 2008-11-23 18:17 <DIR> d-------- c:\program files\Spyware Doctor

2008-11-23 18:17 . 2008-11-25 19:00 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys

2008-11-23 18:17 . 2008-11-25 19:00 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys

2008-11-23 18:17 . 2008-11-25 19:00 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys

2008-11-23 18:17 . 2008-06-02 15:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys

2008-11-23 18:05 . 2008-11-23 18:05 <DIR> d-------- c:\program files\a-squared Free

2008-11-21 00:13 . 2008-11-21 00:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\MumboJumbo

2008-11-15 16:40 . 2008-11-15 16:40 <DIR> d-------- c:\documents and settings\ACER\Application Data\SecretIslandEng

2008-11-13 13:09 . 2008-11-13 13:09 <DIR> d-------- c:\program files\MSXML 4.0

2008-11-13 12:55 . 2008-09-04 18:17 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll

2008-11-13 12:55 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-03 18:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2008-12-03 18:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys

2008-11-01 19:08 --------- d-----w c:\documents and settings\All Users\Application Data\PBGsavesDirectory

2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll

2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll

2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll

2008-10-15 17:37 337,408 ------w c:\windows\system32\dllcache\netapi32.dll

2008-10-03 18:38 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll

2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll

2008-09-15 16:28 1,846,528 ----a-w c:\windows\system32\win32k.sys

2008-09-15 16:28 1,846,528 ------w c:\windows\system32\dllcache\win32k.sys

2008-09-10 01:16 1,307,648 ----a-w c:\windows\system32\msxml6.dll

2008-09-10 01:16 1,307,648 ------w c:\windows\system32\dllcache\msxml6.dll

2008-09-08 11:41 333,824 ------w c:\windows\system32\dllcache\srv.sys

2008-09-04 17:17 1,106,944 ----a-w c:\windows\system32\msxml3.dll

2008-05-06 19:51 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat

2008-05-22 22:39 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008052220080523\index.dat

2008-05-22 22:41 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY" [X]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]

"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2005-11-08 81920]

"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-05 98394]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-05 688218]

"preload"="c:\windows\RUNXMLPL.exe" [2004-04-20 40960]

"PowerKey"="c:\program files\Launch Manager\PowerKey.exe" [2002-08-30 94208]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2005-08-31 147456]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]

"LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2005-07-25 241664]

"LManager"="c:\program files\Launch Manager\HotkeyApp.exe" [2005-11-08 69632]

"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]

"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]

"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]

"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480]

"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"RTHDCPL"="RTHDCPL.EXE" [2006-01-11 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Enable Labtec NumPad.lnk - c:\program files\Labtec NumPad\Magickey.exe [2007-12-24 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= ffdshow.ax

"msacm.ac3filter"= ac3filter.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]

backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]

backup=c:\windows\pss\Google Updater.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

--a------ 2006-02-07 06:10 98304 c:\program files\Lexmark 2400 Series\ezprint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]

--a------ 2006-02-02 09:11 290816 c:\program files\Lexmark Fax Solutions\fm3032.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]

--a------ 2004-08-04 05:00 208952 c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]

--a------ 2006-01-22 18:45 286720 c:\program files\Lexmark 2400 Series\lxcrmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2006-09-01 15:57 282624 c:\program files\QuickTime\qttask.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-05 111184]

R1 Hotkey;Hotkey;c:\windows\system32\drivers\Hotkey.sys [2003-04-28 9867]

R1 OsaFsLoc;OsaFsLoc;\??\c:\windows\system32\drivers\OsaFsLoc.sys [2006-09-22 12106]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-04-05 20560]

R2 osaio;osaio;\??\c:\windows\system32\drivers\osaio.sys [2006-09-22 7296]

R2 osanbm;osanbm;\??\c:\windows\system32\drivers\osanbm.sys [2006-09-22 4010]

R3 NdisFilt;OSA NdisFilter Protocol;c:\windows\system32\Drivers\NdisFilt.sys [2006-09-22 4392]

R3 POWERKEY;POWERKEY;\??\c:\program files\Launch Manager\POWERKEY.sys [2000-12-19 2343]

R3 USBNumPad;Numberpad USB Keyboard;c:\windows\system32\Drivers\USBNumPad.sys [2007-12-24 9600]

S1 mailKmd;mailKmd; []

S1 Wbutton;Wbutton;c:\windows\system32\drivers\Wbutton.sys []

S3 ALSysIO;ALSysIO;\??\c:\docume~1\ACER\LOCALS~1\Temp\ALSysIO.sys []

S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-11-23 356920]

S3 SI15CI;SI15CI;\??\c:\elements\1stboot\SI15CI.SYS []

.

Inhoud van de 'Gedeelde Taken' map

2008-12-04 c:\windows\Tasks\1-Click Maintenance.job

- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe []

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hln.be/

mStart Page = hxxp://www.msn.com

uInternet Connection Wizard,ShellNext = hxxp://www.aceradvantage.com/stdreg

c:\windows\Downloaded Program Files\ewidoOnlineScan.dll - O16 -: {193C772A-87BE-4B19-A7BB-445B226FE9A1}

hxxp://downloads.ewido.net/ewidoOnlineScan.cab

FireFox -: Profile - c:\documents and settings\ACER\Application Data\Mozilla\Firefox\Profiles\3kn7c2t0.default\

FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.be/

FF -: plugin - c:\progra~1\MOZILL~1\plugins\np_gp.dll

FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll

FF -: plugin - c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll

FF -: plugin - c:\program files\Mozilla Firefox\plugins\np_gp.dll

FF -: plugin - c:\program files\Mozilla Firefox\plugins\npadjdet.dll

FF -: plugin - c:\program files\Mozilla Firefox\plugins\npbittorrent.dll

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-04 23:27:03

Windows 5.1.2600 Service Pack 3 FAT NTAPI

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(824)

c:\windows\system32\Ati2evxx.dll

c:\windows\System32\BCMLogon.dll

.

Voltooingstijd: 2008-12-04 23:27:38

ComboFix-quarantined-files.txt 2008-12-04 22:27:38

ComboFix2.txt 2008-12-04 20:31:38

Pre-Run: 14.339.964.928 bytes beschikbaar

Post-Run: 14,356,643,840 bytes beschikbaar

179 --- E O F --- 2008-11-13 12:12:48

Ik krijg nog steeds hetzelfde bericht bij firefox en kan dus nog steeds niet op het internet met firefox. Ik heb ook geprobeerd om het opnieuw te installeren en dit maakt geen verschil.

Na het runnen van Combofix is ineens het pijltje van onder in mijn startbalk (om niet actieve pictogrammen weer te geven) verdwenen...

Hier is het logje:

ComboFix 08-12-04.03 - ACER 2008-12-04 21:24:52.1 - FAT32x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.527 [GMT 1:00]

Gestart vanuit: c:\documents and settings\ACER\Bureaublad\ComboFix.exe

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\sys_dll.dll

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_VFILT

(((((((((((((((((((( Bestanden Gemaakt van 2008-11-04 to 2008-12-04 ))))))))))))))))))))))))))))))

.

2008-12-04 14:46 . 2008-12-04 14:46 <DIR> dr-h----- c:\documents and settings\ACER\Onlangs geopend

2008-12-04 13:52 . 2008-12-04 13:52 <DIR> d-------- c:\temp\google

2008-12-04 13:52 . 2008-12-04 13:52 <DIR> d-------- C:\temp

2008-11-30 16:31 . 2008-11-30 16:31 244 --ah----- C:\sqmnoopt01.sqm

2008-11-30 16:31 . 2008-11-30 16:31 232 --ah----- C:\sqmdata01.sqm

2008-11-24 03:31 . 2008-11-24 03:31 1,120 --a------ c:\windows\system32\history.aaw

2008-11-23 21:31 . 2008-11-23 21:31 <DIR> d-------- c:\program files\Lavasoft

2008-11-23 21:30 . 2008-11-23 21:30 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard

2008-11-23 18:17 . 2008-11-23 18:17 <DIR> d-------- c:\program files\Spyware Doctor

2008-11-23 18:17 . 2008-11-25 19:00 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys

2008-11-23 18:17 . 2008-11-25 19:00 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys

2008-11-23 18:17 . 2008-11-25 19:00 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys

2008-11-23 18:17 . 2008-06-02 15:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys

2008-11-23 18:05 . 2008-11-23 18:05 <DIR> d-------- c:\program files\a-squared Free

2008-11-21 00:13 . 2008-11-21 00:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\MumboJumbo

2008-11-15 16:40 . 2008-11-15 16:40 <DIR> d-------- c:\documents and settings\ACER\Application Data\SecretIslandEng

2008-11-13 13:09 . 2008-11-13 13:09 <DIR> d-------- c:\program files\MSXML 4.0

2008-11-13 12:55 . 2008-09-04 18:17 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll

2008-11-13 12:55 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-03 18:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2008-12-03 18:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys

2008-11-01 19:08 --------- d-----w c:\documents and settings\All Users\Application Data\PBGsavesDirectory

2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll

2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll

2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll

2008-10-15 17:37 337,408 ------w c:\windows\system32\dllcache\netapi32.dll

2008-10-03 18:38 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll

2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll

2008-09-15 16:28 1,846,528 ----a-w c:\windows\system32\win32k.sys

2008-09-15 16:28 1,846,528 ------w c:\windows\system32\dllcache\win32k.sys

2008-09-10 01:16 1,307,648 ----a-w c:\windows\system32\msxml6.dll

2008-09-10 01:16 1,307,648 ------w c:\windows\system32\dllcache\msxml6.dll

2008-09-08 11:41 333,824 ------w c:\windows\system32\dllcache\srv.sys

2008-09-04 17:17 1,106,944 ----a-w c:\windows\system32\msxml3.dll

2008-05-06 19:51 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat

2008-05-22 22:39 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008052220080523\index.dat

2008-05-22 22:41 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY" [X]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]

"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2005-11-08 81920]

"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-05 98394]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-05 688218]

"preload"="c:\windows\RUNXMLPL.exe" [2004-04-20 40960]

"PowerKey"="c:\program files\Launch Manager\PowerKey.exe" [2002-08-30 94208]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2005-08-31 147456]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]

"LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2005-07-25 241664]

"LManager"="c:\program files\Launch Manager\HotkeyApp.exe" [2005-11-08 69632]

"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]

"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]

"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]

"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480]

"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"RTHDCPL"="RTHDCPL.EXE" [2006-01-11 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Enable Labtec NumPad.lnk - c:\program files\Labtec NumPad\Magickey.exe [2007-12-24 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= ffdshow.ax

"msacm.ac3filter"= ac3filter.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]

backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]

backup=c:\windows\pss\Google Updater.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

--a------ 2006-02-07 06:10 98304 c:\program files\Lexmark 2400 Series\ezprint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]

--a------ 2006-02-02 09:11 290816 c:\program files\Lexmark Fax Solutions\fm3032.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]

--a------ 2004-08-04 05:00 208952 c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe]

--a------ 2006-01-22 18:45 286720 c:\program files\Lexmark 2400 Series\lxcrmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2006-09-01 15:57 282624 c:\program files\QuickTime\qttask.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-05 111184]

R1 Hotkey;Hotkey;c:\windows\system32\drivers\Hotkey.sys [2003-04-28 9867]

R1 OsaFsLoc;OsaFsLoc;\??\c:\windows\system32\drivers\OsaFsLoc.sys [2006-09-22 12106]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-04-05 20560]

R2 osaio;osaio;\??\c:\windows\system32\drivers\osaio.sys [2006-09-22 7296]

R2 osanbm;osanbm;\??\c:\windows\system32\drivers\osanbm.sys [2006-09-22 4010]

R3 NdisFilt;OSA NdisFilter Protocol;c:\windows\system32\Drivers\NdisFilt.sys [2006-09-22 4392]

R3 POWERKEY;POWERKEY;\??\c:\program files\Launch Manager\POWERKEY.sys [2000-12-19 2343]

R3 USBNumPad;Numberpad USB Keyboard;c:\windows\system32\Drivers\USBNumPad.sys [2007-12-24 9600]

S1 mailKmd;mailKmd; []

S1 Wbutton;Wbutton;c:\windows\system32\drivers\Wbutton.sys []

S3 ALSysIO;ALSysIO;\??\c:\docume~1\ACER\LOCALS~1\Temp\ALSysIO.sys []

S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-11-23 356920]

S3 SI15CI;SI15CI;\??\c:\elements\1stboot\SI15CI.SYS []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c6129ce-822a-11dc-b9f2-0016d3445fcd}]

\Shell\Auto\command - Folders.exe

\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Folders.exe

.

Inhoud van de 'Gedeelde Taken' map

2008-12-04 c:\windows\Tasks\1-Click Maintenance.job

- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe []

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hln.be/

mStart Page = hxxp://www.msn.com

uInternet Connection Wizard,ShellNext = hxxp://www.aceradvantage.com/stdreg

c:\windows\Downloaded Program Files\ewidoOnlineScan.dll - O16 -: {193C772A-87BE-4B19-A7BB-445B226FE9A1}

hxxp://downloads.ewido.net/ewidoOnlineScan.cab

FireFox -: Profile - c:\documents and settings\ACER\Application Data\Mozilla\Firefox\Profiles\3kn7c2t0.default\

FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.be/

FF -: plugin - c:\progra~1\MOZILL~1\plugins\np_gp.dll

FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll

FF -: plugin - c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll

FF -: plugin - c:\program files\Mozilla Firefox\plugins\np_gp.dll

FF -: plugin - c:\program files\Mozilla Firefox\plugins\npadjdet.dll

FF -: plugin - c:\program files\Mozilla Firefox\plugins\npbittorrent.dll

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-04 21:28:35

Windows 5.1.2600 Service Pack 3 FAT NTAPI

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(824)

c:\windows\system32\Ati2evxx.dll

c:\windows\System32\BCMLogon.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\System32\wltrysvc.exe

c:\windows\System32\bcmwltry.exe

c:\program files\Lavasoft\Ad-Aware\aawservice.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\Alwil Software\Avast4\aswUpdSv.exe

c:\program files\Alwil Software\Avast4\ashServ.exe

c:\program files\a-squared Free\a2service.exe

c:\acer\Empowering Technology\admServ.exe

c:\windows\system32\WLTRAY.exe

c:\program files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe

c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\program files\Acer\Acer Arcade\Kernel\TV\CLSched.exe

c:\docume~1\ACER\LOCALS~1\Temp\RtkBtMnt.exe

c:\program files\Alwil Software\Avast4\ashMaiSv.exe

c:\program files\Alwil Software\Avast4\ashWebSv.exe

c:\program files\Alwil Software\Avast4\setup\avast.setup

.

**************************************************************************

.

Voltooingstijd: 2008-12-04 21:31:34 - machine werd herstart

ComboFix-quarantined-files.txt 2008-12-04 20:31:32

Pre-Run: 14.606.336.000 bytes beschikbaar

Post-Run: 14,541,455,360 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect

220 --- E O F --- 2008-11-13 12:12:48

Misschien had ik dit topic beter bij 'internet en netwerk' gezet? Sorry hiervoor!

Hallo!

Gisteren is mijn laptop met het facebook-virus besmet. Toen ik doorhad dat er iets niet klopte (ik had via facebookmail een link doorgekregen waar ik zogezegd een update van flash player nodig had), was het al te laat... Ik weet nu niet of ik het virus heb, want er was een foutmelding gekomen... Maar vanaf dan kan ik dus niet meer op het internet via mozilla firefox (ik krijg bericht: Proxyserver weigerde verbinding) en wél met internet explorer! Kan dit hiermee te maken hebben?

Hier is mijn Hijackthislogje:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:13:04, on 4/12/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Launch Manager\Wbutton.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\a-squared Free\a2service.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Launch Manager\PowerKey.exe

C:\Acer\Empowering Technology\admServ.exe

C:\Program Files\Acer\Acer Arcade\PCMService.exe

C:\Program Files\Launch Manager\OSDCtrl.exe

C:\Program Files\Launch Manager\HotkeyApp.exe

C:\Program Files\Launch Manager\LaunchAp.exe

C:\Acer\Empowering Technology\eRecovery\Monitor.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

C:\WINDOWS\system32\WLTRAY.exe

C:\Acer\Empowering Technology\admtray.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Labtec NumPad\Magickey.exe

C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\DOCUME~1\ACER\LOCALS~1\Temp\RtkBtMnt.exe

C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Acer | Product registration

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKLM\..\Run: [synTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"

O4 - HKLM\..\Run: [synTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe

O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"

O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC

O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"

O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC

O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"

O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"

O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\Monitor.exe"

O4 - HKLM\..\Run: [eDataSecurity Loader] "C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe"

O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY

O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Enable Labtec NumPad.lnk = C:\Program Files\Labtec NumPad\Magickey.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tanyoz.spaces.live.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182946259000

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,4938/mcfscan.cab

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--

End of file - 9979 bytes

Alvast bedankt!

VLC werkt bij mij wel !

Waaraan lag het dan? En moet ik iets doen voor die codec die bij K-Lite codec pack als 'broken' werd gevonden? (K-lite codec pack heb ik wel verwijderd bij het installeren van XP codecpack)