Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Laptop tergend langzaam (hijackthi log en malwarebytes log)

Anoniem
None
29 antwoorden
  • Ik ben al een hele week bezig met de laptop op te ruimen van een familielid.
    Haar probleem was (en is) dat de laptop enorm traag opstart en werkt.
    Ik heb enorm veel overbodige bestanden (dubbele foto's enz) weggedaan.
    Omdat ze nog maar 0MB vrij had op de C schijf.
    Intussen is er alweer 5GB vrij.
    Ik heb defragmenatie gedaan, overbodige systeemherstelpunten weggedaan, schijfopruiming. Gescand met Adaware.. CC cleaner.. Spyboth Search & Destroy Malwarebytes…

    Toch blijft de laptop enorm traag, zowel bij 't opstarten als nadien.
    Internet explorer is een ramp! Duurt gemiddeld 6 minuten eer je een woordje kan typen in de zoekoptie.
    Heb Firefox erop gezet, dat gaat al iets sneller.

    Graag jullie advies en eens nakijken van de Hijackthis log

    Eerst de mbam.log:
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Databaseversie: 6422

    Windows 5.1.2600 Service Pack 2
    Internet Explorer 8.0.6001.18702

    23/04/2011 3:04:08
    mbam-log-2011-04-23 (03-04-08).txt

    Scantype: Snelle scan
    Objecten gescand: 160267
    Verstreken tijd: 14 minuut/minuten, 51 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 1
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 3
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09F1ADAC-76D8-4D0F-99A5-5C907DADB988} (Rogue.Multiple) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    De Hijackthis log:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 1:42:00, on 29/04/2011
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Acer\eManager\anbmServ.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\Program Files\Maxtor\Sync\SyncServices.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\acer\epm\epm-dm.exe
    C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
    C:\PROGRA~1\AVG\AVG9\avgtray.exe
    C:\Documents and Settings\Bonné Mick\Mijn documenten\iTunesHelper.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
    O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\Bonné Mick\Mijn documenten\iTunesHelper.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O15 - Trusted Zone: http://*.cbc.be (HKLM)
    O15 - Trusted Zone: http://*.cbc.eu (HKLM)
    O15 - Trusted Zone: http://www.isabel.be (HKLM)
    O15 - Trusted Zone: http://*.isabel.be (HKLM)
    O15 - Trusted Zone: http://ugrade.isabel.eu (HKLM)
    O15 - Trusted Zone: http://www.isabel.eu (HKLM)
    O15 - Trusted Zone: http://*.isabel.eu (HKLM)
    O15 - Trusted Zone: http://*.kbc.be (HKLM)
    O15 - Trusted Zone: http://*.kbc.com (HKLM)
    O15 - Trusted Zone: http://*.kbc.eu (HKLM)
    O15 - Trusted Zone: http://*.kbcbankingforbusiness.com (HKLM)
    O15 - Trusted Zone: http://*.kbcgroup.eu (HKLM)
    O15 - Trusted Zone: http://*.kbcmerchantbanking.com (HKLM)
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: getPlus(R) Helper - GEAR Software Inc. - (no file)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe


    End of file - 13763 bytes


    Alvast bedankt!!!
  • Hoi Labradorreke, je schrijft dat je alweer 5GB vrij hebt gekregen.

    Welnu, dat lezende vraag ik mij af hoe groot de HD dan wel is.
    Is er enkel maar een C-partitie (hoe groot is deze dan) of is er nog meer ruimte op de HD!

    Dat alles kan je vinden via [b:941d776145]Schijbeheer[/b:941d776145].

    Weet je niet daar te komen: klik [b:941d776145]Deze computer[/b:941d776145] met rechts aan, kies voor [b:941d776145]Beheren[/b:941d776145].

    In het nieuwe venster klik je dan in de linkerkolom op [b:941d776145]Schijfbeheer[/b:941d776145]
  • Er is een C schijf van 26 GB
    en er is een D schijf van 26GB

    Op de D schijf is intussen 18 GB vrij
    Op de C schijf 21 GB vrij

    Moet er iets aan de Hijackthis log gefixed worden?
  • Ja - doe dat maar - lees onderstaande:

    [b:3a868be90d]Welk programma[/b:3a868be90d]: Trend Micro [b:3a868be90d]Hijack This Versie 2.0.4[/b:3a868be90d]
    [b:3a868be90d]Waarvoor/waarom[/b:3a868be90d]: maakt een duidelijk overzicht van Windows door middel van een scan.
    [b:3a868be90d]Moeilijkheidsgraad[/b:3a868be90d]: geen, enkel Vista- en Win 7 gebruikers dienen even extra aandacht te geven.

    [b:3a868be90d]Download[/b:3a868be90d] de [b:3a868be90d]HijackThis Installer[/b:3a868be90d]

    [b:3a868be90d]Installatie[/b:3a868be90d]:
    [list:3a868be90d][*:3a868be90d]Installeer HijackThis op de aangegeven lokatie - daarmee wordt voorkomen dat eventuele back-ups niet terugvindbaar zijn![/list:u:3a868be90d]
    Gebruikers van [b:3a868be90d]Windows Vista[/b:3a868be90d] en [b:3a868be90d]Windows 7[/b:3a868be90d] gaan daarna naar de installatielokatie van HijackThis.
    [list:3a868be90d][*:3a868be90d]Vervolgens met rechts hijackthis.exe aanklikken en dan Eigenschappen kiezen.
    [*:3a868be90d]Klik nu op de tab Comptabiliteit en zet dan een vinkje bij Als Administrator uitvoeren.
    [*:3a868be90d]Als laatste wordt dan nog op [b:3a868be90d]Toepassen[/b:3a868be90d] en [b:3a868be90d]OK[/b:3a868be90d] geklikt[/list:u:3a868be90d]
    [b:3a868be90d]Hijack This gebruiken[/b:3a868be90d]:
    [list:3a868be90d][*:3a868be90d]Sluit eerst alle openstaande programma's en de webbrowsers.
    [*:3a868be90d]Start nu 'Hijack This' en klik vervolgens op de knop 'Do a system scan and save a logfile'
    [*:3a868be90d]Sluit nu alle openstaande vensters en start vervolgens 'HijackThis' en kies voor 'Do a system scan and save a logfile'.
    [*:3a868be90d]Kopieer en plak inhoud van het Hijack This-logfile in je aansluitende bericht.
    [*:3a868be90d]Hierna mag je Hijack This weer sluiten[/list:u:3a868be90d]
  • Heu… in mijn eerste bericht stond al een hijackthis log… :?
  • Je hebt gelijk.
    Hoe oud is die PC al, gezien de naar huidige maatstaven klein hardddisk?

    Je mag nu het onderstaande gaan doen:

    [b:c47da61206]Doe de ESET online scan (Klik).[/b:c47da61206]
    [list:c47da61206]
    [*:c47da61206]Klik op de knop [b:c47da61206]ESET Online Scanner[/b:c47da61206]
    [*:c47da61206]Zet een vinkje bij [b:c47da61206]YES, I accept the Terms of Use[/b:c47da61206]
    [*:c47da61206]Klik op [b:c47da61206]Start[/b:c47da61206]
    [*:c47da61206]Sta het ActiveX control toe om te installeren.
    [*:c47da61206]Klik op [b:c47da61206]"Advanced settings"[/b:c47da61206]
    [*:c47da61206]Zet een vinkje bij de volgende opties:
    [list:c47da61206][*:c47da61206][b:c47da61206]Remove found threats[/b:c47da61206]
    [*:c47da61206][b:c47da61206]Scan archives[/b:c47da61206]
    [*:c47da61206][b:c47da61206]Scan for potentially unwanted applications[/b:c47da61206]
    [*:c47da61206][b:c47da61206]Scan for potentially unsafe applications[/b:c47da61206]
    [*:c47da61206][b:c47da61206]Enable Anti-Stealth technology [/b:c47da61206][/list:u:c47da61206]
    [*:c47da61206]Klik op [b:c47da61206]Start[/b:c47da61206]
    [*:c47da61206]De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.
    [*:c47da61206]Je mag het venster sluiten wanneer de scan klaar is.
    [*:c47da61206]Gebruik [b:c47da61206]Kladblok[/b:c47da61206] om het logje te openen. Dit logje vind je in de lokatie C:\Program Files\EsetOnlineScanner\[b:c47da61206]log.txt[/b:c47da61206]
    [*:c47da61206]Kopieer en plak de inhoud van dit logje in je volgende bericht.[/list:u:c47da61206]
    N.B.: deaktiveer tijdelijk je eigen antivirus tijdens de scan, dan is de onlinescan sneller!
  • Denk dat laptop inderdaad al wel een jaar of zes is…

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner.ocx - registred OK
    # version=7
    # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
    # OnlineScanner.ocx=1.0.0.6427
    # api_version=3.0.2
    # EOSSerial=d3070767f2287e49b35ce33605a28843
    # end=finished
    # remove_checked=true
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2011-04-30 12:33:37
    # local_time=2011-04-30 02:33:37 (+0100, Romance (zomertijd))
    # country="Belgium"
    # lang=1033
    # osver=5.1.2600 NT Service Pack 2
    # compatibility_mode=512 16777215 100 0 285461 285461 0 0
    # compatibility_mode=1024 16777175 100 0 42386987 42386987 0 0
    # compatibility_mode=8192 67108863 100 0 339 339 0 0
    # scanned=97107
    # found=2
    # cleaned=2
    # scan_time=7936
    F:\Muziek\Engelstalig\01 Track 1.wma probably a variant of Win32/Agent.BZFASNN trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    F:\Muziek\Engelstalig\02 Track 2 (springsteen).wma WMA/TrojanDownloader.Wimad.K trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
  • Hoi Labradorreke, je mag nu via Configuratiescherm\Software Eset weer verwijderen.

    Doe daarna dit: een test, om te kijken hoe goed de huidige veiligheidssituatie in Windows is.

    Download naar je bureaublad [b:8436de9222][/b:8436de9222].
    [list:8436de9222][*:8436de9222] Klik/dubbelklik op [b:8436de9222]SecurityCheck.exe[/b:8436de9222] en let op de instrukties in het zwarte vesnter.
    [*:8436de9222] Een Kladblok document genaamd [b:8436de9222]checkup.txt[/b:8436de9222] dient automatisch open te gaan; sluit dit document via opslaan op het bureaublad.
    [*:8436de9222] Indien een van je veiligheidstools rapporteert, dat DIG.EXE het internet op wil, sta dit dan toe.[/list:u:8436de9222]
    Post de inhoud van [b:8436de9222]checkup.txt [/b:8436de9222]in je volgende post.
  • Results of screen317's Security Check version 0.99.10
    Windows XP Service Pack 2

    Internet Explorer 8
    [b:f99feab977]``````````````````````````````
    [u:f99feab977]Antivirus/Firewall Check:[/u:f99feab977][/b:f99feab977]
    AVG Free 9.0
    [b:f99feab977]```````````````````````````````
    [u:f99feab977]Anti-malware/Other Utilities Check:[/u:f99feab977][/b:f99feab977]
    Ad-Aware
    Malwarebytes' Anti-Malware
    CCleaner
    Java(TM) 6 Update 24
    Adobe Flash Player 10.0.32.18
    Adobe Reader 7.0.8 - Nederlands
    Adobe Reader 7.0.5 Language Support
  • Hoi Labradorreke, nu is het noodzakelijk Windows uptadate te maken, de verouderde antivirus door een moderne variant te vervangen
    en als dat allemaal gedaan is volgt in een volgende stap optimalistatie!

    Ten eerste: download de volgende onderdelen naar het bureablad:

    a) Windows XP Service Pack 3 - http://www.microsoft.com/downloads/nl-nl/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&DisplayLang=nl

    b) AVG Remover(32bit) 2011 - http://download.avg.com/filedir/util/support/avg_remover_stf_x86_2011_1322.exe

    c) Avast 6\2011 Free: [b:a929fb83ad]Downloadlink Avast 6 Free[/b:a929fb83ad]


    Werlwijze:

    1) laat het AVG Removertool AVG verwijderen.
    Na de herstart het notebook:

    2) ga naar Configuratiescherm\Software en verwijder daar Lavasoft AdAware

    Herstart wederom het notebook en installeer vervolgens Windows XP Service Pack 3.

    Is dat gebeurt en de machine is opnieuw opgestart, installeer dan dan eerst Avast 6 en ga vervolgens naar Start\Alle programma's\Windows Update!

    Zorg ervoor dat Windows alle updates installeert!
    Mogelijk zijn er meerdere updaterondes nodig!

    Is dat allemaal achter de rug - post dan een nieuw HijackThis-log.
  • Nog steeds bezig met SP 3 erop te zetten…
    loopt al enkele uurtjes..
    We wachten af!

    Alvast bedankt voor je hulp Abraham!
  • Hoi Labradorreke, dat gaat niet goed!
    De installatie van SP3 had allang gebeurd moeten zijn!

    Ik vraag mij af of die HD nog wel gezond is!

    Overigens: je hebt toch wel eerst AVG verwijderd?
  • Hoi ik heb alle stappen gedaan zoals je hierboven opgegeven hebt.
    AVG was inderdaad verwijderd.
    Uiteindelijk is alles gelukt en heb ik de hijackthislog:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:57:22, on 1/05/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\acer\epm\epm-dm.exe
    C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
    C:\Documents and Settings\Bonné Mick\Mijn documenten\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Maxtor\Sync\SyncServices.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
    C:\WINDOWS\system32\wuauclt.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
    O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\Bonné Mick\Mijn documenten\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O15 - Trusted Zone: http://*.cbc.be (HKLM)
    O15 - Trusted Zone: http://*.cbc.eu (HKLM)
    O15 - Trusted Zone: http://www.isabel.be (HKLM)
    O15 - Trusted Zone: http://*.isabel.be (HKLM)
    O15 - Trusted Zone: http://ugrade.isabel.eu (HKLM)
    O15 - Trusted Zone: http://www.isabel.eu (HKLM)
    O15 - Trusted Zone: http://*.isabel.eu (HKLM)
    O15 - Trusted Zone: http://*.kbc.be (HKLM)
    O15 - Trusted Zone: http://*.kbc.com (HKLM)
    O15 - Trusted Zone: http://*.kbc.eu (HKLM)
    O15 - Trusted Zone: http://*.kbcbankingforbusiness.com (HKLM)
    O15 - Trusted Zone: http://*.kbcgroup.eu (HKLM)
    O15 - Trusted Zone: http://*.kbcmerchantbanking.com (HKLM)
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-beta/OnlineScanner.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: getPlus(R) Helper - GEAR Software Inc. - (no file)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe


    End of file - 14066 bytes
  • Ik heb trouwens ook mijn twijfels over de harde schijf…
    vandaar dat ik alle gegevens (foto's enz)
    op een externe harde schijf heb gezet, zodat ze die al zeker niet kwijt raakt.

    Nu moet ik ook nog even vragen…
    ik heb vorige week selectief opstarten ingeschakeld en een paar dingen uitgevinkt die niet moeten opgestart worden.
    Want er staan een paar vreemde dingen tussen…
    die trouwens na de eerste virusscans verwijderd zijn denk ik.
    Want tijdens het opstarten kwamen altijd foutmeldingen dat die niet gevonden werden.
    heb even een print screen gemaakt:
    het gaat om de 2 voorlaatste…(vreemde tekens!)

    Limewire heb ik er trouwens vanochtend afgezwierd.
    Maar staat er ook nog tussen…

    Mijn idee is ook dat er veel te veel opgestart wordt wat niet nodig is.
    Maar weet ook niet wat je zomaar kan uitvinken…

    Bekijk je eens even?
    Bedankt!
    [img:3801eb14eb]http://i9.photobucket.com/albums/a53/Labradorreke/start.jpg[/img:3801eb14eb]
  • Ik zie al waar e crux zit.

    Teatimer is actief, een onderdeel van Spybot Search en Destroy.

    Dit tool hou ik verantwoordelijk voor de langdurige en waarschijnlijk mislukte installatie van SP3!

    Verwijder Spybot geheel!

    Dat Telenet EasyCare is al een ouder tool - ik denk dat dat zonder problemen ook uitgevinkt mag worden!

    En installeer [b:7471a77fa4]CrystalDiskInfo[/b:7471a77fa4] - een tool dat aangeeft hoe de gezondheid van de HD ervoor staat, door de SMART-gegevens te lezen.
    Is de hoofdkleur "blauw" - is de de HD gezond.
    IS de kleur echter geel, dan zijn er kleinere tot grote problemen met de HD.

    http://crystalmark.info/software/CrystalDiskInfo/index-e.html
  • [img:4ae4faeb04]http://i9.photobucket.com/albums/a53/Labradorreke/crystaldisk.jpg[/img:4ae4faeb04]
  • Na het terug opstarten kreeg ik de melding dat Photogallery niet kon gevonden worden. Er wordt naar een cdrom gevraagd (heb ik niet in m'n bezit) ?
  • Vreemd.

    Post een nieuw Hijack This-log.

    Wat betreft de HD - die melding is nog onschuldig en kan ook weer verdwijnen!
  • Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 21:17:32, on 1/05/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\acer\epm\epm-dm.exe
    C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
    C:\Documents and Settings\Bonné Mick\Mijn documenten\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Maxtor\Sync\SyncServices.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
    O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Documents and Settings\Bonné Mick\Mijn documenten\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O15 - Trusted Zone: http://*.cbc.be (HKLM)
    O15 - Trusted Zone: http://*.cbc.eu (HKLM)
    O15 - Trusted Zone: http://www.isabel.be (HKLM)
    O15 - Trusted Zone: http://*.isabel.be (HKLM)
    O15 - Trusted Zone: http://ugrade.isabel.eu (HKLM)
    O15 - Trusted Zone: http://www.isabel.eu (HKLM)
    O15 - Trusted Zone: http://*.isabel.eu (HKLM)
    O15 - Trusted Zone: http://*.kbc.be (HKLM)
    O15 - Trusted Zone: http://*.kbc.com (HKLM)
    O15 - Trusted Zone: http://*.kbc.eu (HKLM)
    O15 - Trusted Zone: http://*.kbcbankingforbusiness.com (HKLM)
    O15 - Trusted Zone: http://*.kbcgroup.eu (HKLM)
    O15 - Trusted Zone: http://*.kbcmerchantbanking.com (HKLM)
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-beta/OnlineScanner.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: getPlus(R) Helper - GEAR Software Inc. - (no file)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe


    End of file - 13340 bytes
  • Er zit vooruitgang zie ik.

    Je mag het volgende doen:

    sluit alle openstaande webvensters - behalve dit venster, dat je sluit voor het moment, dat je op de knop [b:360166c650]Fix checked[/b:360166c650] klikt!


    Start nu HijackThis en klik op de knop [b:360166c650]Do a Scan only,

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O23 - Service: getPlus(R) Helper - GEAR Software Inc. - (no file)[/b:360166c650]

    [list:360166c650][*:360166c650] zet een vinkje voor die regel(s) welke met de bovenstaande regels corresponderen
    [*:360166c650] Sluit nu de webbrowser en vervolgens klik je daarna op de knop [b:360166c650]Fix checked[/b:360166c650]
    [*:360166c650] Klik hierna HijackThis op uit.[/list:u:360166c650]


    Hierna laat je MBAM opnieuw een snelle scan uitvoeren - dit na eerst MBAM te hebben geupdated!

    Post zowel het log van MBAM alsmede ook een nieuw Hijack This-log.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.