Anki

Kape, Ik heb nog wat zitten sukkelen, maar intussen lijken alle problemen eindelijk van de baan. Mijn schoonmoeder zal content zijn dat ze eindelijk haar pc terug krijgt! Bedankt! Anki

Kape, bedankt voor de hulp, maar jammer genoeg is er nog steeds geen verbetering merkbaar. Het opstarten van IE, bijvoorbeeld, duurt maar liefst 10 volle minuten! Welke mogelijkheden resten mij nog? Nogmaals Combofix (of heeft dat geen enkele zin?)? Een volledige re-install? Misschien is er wel een hardwareprobleem, maar hoe kan ik dat achterhalen?

Hierbij de log (alvast bedankt voor uw hulp, want ik ben behoorlijk radeloos): ComboFix 10-01-27.06 - Lieve Peetermans 28/01/2010 21:26:39.1.1 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.502.244 [GMT 1:00] Gestart vanuit: c:\documents and settings\Lieve Peetermans\Bureaublad\ComboFix.exe AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\WinPCap c:\program files\WinPCap\daemon_mgm.exe c:\program files\WinPCap\npf_mgm.exe c:\program files\WinPCap\rpcapd.exe c:\windows\EventSystem.log c:\windows\system32\drivers\npf.sys c:\windows\system32\Packet.dll c:\windows\system32\pthreadVC.dll c:\windows\system32\WanPacket.dll c:\windows\system32\wpcap.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_NPF (((((((((((((((((((( Bestanden Gemaakt van 2009-12-28 to 2010-01-28 )))))))))))))))))))))))))))))) . 2010-01-27 21:18 . 2010-01-27 21:18 -------- d-----w- c:\documents and settings\Lieve Peetermans\Application Data\Malwarebytes 2010-01-27 21:18 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-27 21:18 . 2010-01-27 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-01-27 21:18 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-27 21:18 . 2010-01-27 21:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-27 20:32 . 2010-01-27 20:32 -------- d-----w- c:\documents and settings\Lieve Peetermans\Local Settings\Application Data\Threat Expert 2010-01-27 20:19 . 2009-11-10 09:26 767952 ----a-w- c:\windows\BDTSupport.dll 2010-01-27 20:19 . 2009-11-10 09:28 149456 ----a-w- c:\windows\SGDetectionTool.dll 2010-01-27 20:19 . 2009-11-10 09:28 165840 ----a-w- c:\windows\PCTBDRes.dll 2010-01-27 20:19 . 2009-11-10 09:28 1640400 ----a-w- c:\windows\PCTBDCore.dll 2010-01-27 20:19 . 2009-10-28 00:36 1152444 ----a-w- c:\windows\UDB.zip 2010-01-27 20:19 . 2008-11-26 11:08 131 ----a-w- c:\windows\IDB.zip 2010-01-27 20:17 . 2009-10-30 10:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2010-01-27 20:17 . 2009-11-09 10:20 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2010-01-27 20:17 . 2009-10-06 15:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2010-01-27 20:17 . 2009-09-03 08:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2010-01-27 20:16 . 2010-01-27 20:16 -------- d-----w- c:\program files\Spyware Doctor 2010-01-27 20:16 . 2010-01-27 20:16 -------- d-----w- c:\program files\Common Files\PC Tools 2010-01-27 20:16 . 2010-01-27 20:16 -------- d-----w- c:\documents and settings\Lieve Peetermans\Application Data\PC Tools 2010-01-27 20:16 . 2010-01-27 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools 2010-01-27 20:16 . 2010-01-27 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP 2010-01-27 19:41 . 2010-01-27 19:41 -------- d-----w- c:\program files\TrendMicro 2010-01-14 21:55 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-27 19:41 . 2010-01-27 19:41 388096 ----a-r- c:\documents and settings\Lieve Peetermans\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-01-05 09:59 . 2004-08-04 04:00 832512 ----a-w- c:\windows\system32\wininet.dll 2010-01-05 09:59 . 2004-08-04 04:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-01-05 09:59 . 2004-08-04 04:00 17408 ----a-w- c:\windows\system32\corpol.dll 2009-12-18 11:32 . 2006-01-06 18:22 70744 ----a-w- c:\windows\system32\perfc013.dat 2009-12-18 11:32 . 2006-01-06 18:22 444074 ----a-w- c:\windows\system32\perfh013.dat 2009-12-17 09:00 . 2010-01-28 19:54 2747440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100127.049\CCERASER.DLL 2009-11-21 16:03 . 2004-08-04 04:00 471552 ----a-w- c:\windows\AppPatch\AcLayers.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LaunchApp"="Alaunch" [X] "RTHDCPL"="RTHDCPL.EXE" [2005-11-16 15600128] "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-01-07 102491] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-01-07 692315] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632] "PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2005-08-31 147456] "EPM-DM"="c:\acer\Empowering Technology\ePower\epm-dm.exe" [2005-11-25 212992] "Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2005-11-09 3084288] "LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2006-03-30 471040] "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-18 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-18 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-18 114688] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048] "ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-11-18 1243088] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [27/01/2010 21:17 207792] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1007020.00B\SymEFA.sys [22/09/2009 19:58 310320] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1007020.00B\BHDrvx86.sys [22/09/2009 19:58 259632] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1007020.00B\cchpx86.sys [22/09/2009 19:55 482432] R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100125.001\IDSXpx86.sys [28/01/2010 20:53 329592] R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [27/01/2010 21:19 112592] R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [22/09/2009 19:56 117640] R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [27/01/2010 21:40 359624] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [25/02/2009 12:43 102448] --- Andere Services/Drivers In Geheugen --- *Deregistered* - PCTSDInjDriver32 . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-01-28 21:44 Windows 5.1.2600 Service Pack 3 FAT NTAPI detected NTDLL code modification: ZwClose scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.7.2.11\diMaster.dll\" /prefetch:1" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(1196) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3576) c:\program files\Spyware Doctor\pctgmhk.dll c:\windows\system32\MSNChatHook.dll c:\windows\system32\sysenv.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Intel\Wireless\Bin\EvtEng.exe c:\program files\Intel\Wireless\Bin\S24EvMon.exe c:\acer\Empowering Technology\admServ.exe c:\windows\RTHDCPL.EXE c:\windows\system32\igfxsrvc.exe c:\program files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe c:\windows\system32\igfxext.exe c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe c:\program files\Intel\Wireless\Bin\RegSrvc.exe c:\program files\Spyware Doctor\pctsSvc.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\Acer\Acer Arcade\Kernel\TV\CLSched.exe c:\windows\system32\HPZipm12.exe . ************************************************************************** . Voltooingstijd: 2010-01-28 21:51:10 - machine werd herstart ComboFix-quarantined-files.txt 2010-01-28 20:51 Pre-Run: 26.508.263.424 bytes beschikbaar Post-Run: 26.529.857.536 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect - - End Of File - - 790E559C8CC70EB78B2827DFB3E71817

De pc van mijn schoonmoeder is extreem traag en ik heb de opdracht gekregen om dat te verhelpen. De klassieke trukjes heb ik reeds geprobeerd (schijfopruiming, systeemscan, virusscan, schijfdefragmentatie, etc.), maar dat helpt allemaal niet. Via dit forum botste ik op HijackThis, maar ik heb onvoldoende verstand om de logfile zelf te interpreteren en overbodige zaken uit te zuiveren. Wie kan/wil mij helpen? Hieronder de logfile: Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 20:42:28, on 27/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16981) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Acer\Empowering Technology\admServ.exe C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Acer\Empowering Technology\eRecovery\Monitor.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Acer\Empowering Technology\admtray.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Acer\Acer Arcade\PCMService.exe C:\acer\Empowering Technology\ePower\epm-dm.exe C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\igfxext.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe" O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe" O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- End of file - 9542 bytes