Vraag & Antwoord

Beveiliging & privacy

vertraagde computer/programma wat weigert af te sluiten

23 antwoorden
  • Mijn computer reageert erg vertraagd, tevens krijg ik vaak de melding dat het programma niet reageert, dit alles gedurende laatste paar weken. Hieronder volgt de logfile, wie kan er hierin iets vinden? Logfile of HijackThis v1.99.1 Scan saved at 21:36:14, on 8-8-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe D:\Program Files\sygate\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE D:\PROGRA~1\avg\avgcc.exe C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe C:\Program Files\D-Tools\daemon.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\msnmsgr.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe D:\PROGRA~1\avg\avgamsvr.exe D:\PROGRA~1\avg\avgupsvc.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\UAService7.exe C:\Program Files\Internet Explorer\iexplore.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\Outlook Express\msimn.exe C:\WINDOWS\System32\svchost.exe D:\belangrijke hulpprogramma's\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpagina.nl/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\avg\avgcc.exe /STARTUP O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\sygate\smc.exe -startgui O4 - HKLM\..\Run: [MPFEXE] "C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - D:\Program Files\IrfanView\Ebay\Ebay.htm O14 - IERESET.INF: START_PAGE_URL=http://www.startpagina.nl/ O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\avg\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\avg\avgupsvc.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - D:\Program Files\sygate\smc.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
  • Niet echt veel te zien in het log, probeer deze eens. * Download [b:201182f60e]Dr.Web CureIt[/b:201182f60e] naar je bureaublad: [url=ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe]ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe[/url] [list:201182f60e] [*:201182f60e]Dubbelklik [b:201182f60e]drweb-cureit.exe[/b:201182f60e] en sta het toe om de express scan te starten. [*:201182f60e]Dit zal de bestanden scannen die momenteel in het geheugen geladen zijn en wanneer er iets gevonden wordt, klik de Yes to all knop bij de vraag 'cure it?'. Dit is enkel een korte scan. [*:201182f60e]Eenmaal de korte scan is beeïndigd, kan je de drives selecteren die je wilt laten scannen. [*:201182f60e]Selecteer hier alle drives. Een rood bolletje zal dan tevoorschijn komen op de drives die je laat scannen. [*:201182f60e]Klik daarna de [b:201182f60e]groene pijl[/b:201182f60e] rechts om de scan te starten. [*:201182f60e]Klik 'Yes to all' wanneer er gevraagd wordt om cure of move uit te voeren. [*:201182f60e]Nadat de scan gedaan is, in het menu bovenaan, klik [b:201182f60e]File[/b:201182f60e] en kies [b:201182f60e]Save report List[/b:201182f60e]. Bewaar het op je bureaublad. [*:201182f60e]Sluit daarna Dr.Web Cureit. [*:201182f60e][b:201182f60e]Herstart[/b:201182f60e] je computer!! Belangrijke stap, want het kan zijn dat Dr.Web Cureit bestanden zal verplaatsen/verwijderen tijdens herstart. [*:201182f60e]Na het herstarten, Kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post. [/list:u:201182f60e]
  • Misschien moet je dan maar eens kijken naar hardware, te beginnen met harddisk en geheugen.
  • Hallo, hier is de logfile, er was een fout gevonden. Wat bedoelt men eigenlijk met de laaste opmerking over hardware e.d.? ============================================================================= Dr.Web(R) Scanner for Windows v4.33.2 (4.33.2.06080) Copyright (c) Igor Daniloff, 1992-2006 Log generated on: 2006-08-09, 14:56:29 [CP397712-B][Joost] Command-line: "C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\cureit.exe" /lng /ini:cureit_XP.ini Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2 ============================================================================= Engine version: 4.33 (4.33.4.07270) Engine API version: 2.01 [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crwtoday.cdb - 543 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43347.cdb - 707 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43346.cdb - 1429 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43345.cdb - 1358 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43344.cdb - 694 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43343.cdb - 1186 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43342.cdb - 744 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43341.cdb - 841 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43340.cdb - 822 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43339.cdb - 1071 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43338.cdb - 989 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43337.cdb - 855 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43336.cdb - 1297 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43335.cdb - 1195 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43334.cdb - 900 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43333.cdb - 1381 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43332.cdb - 1340 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43331.cdb - 2735 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43330.cdb - 2078 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43329.cdb - 2490 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43328.cdb - 743 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43327.cdb - 958 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43326.cdb - 793 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43325.cdb - 713 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43324.cdb - 655 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43323.cdb - 655 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43322.cdb - 778 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43321.cdb - 846 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43320.cdb - 808 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43319.cdb - 764 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43318.cdb - 838 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43317.cdb - 363 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43316.cdb - 730 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43315.cdb - 627 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43314.cdb - 824 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43313.cdb - 842 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43312.cdb - 830 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43311.cdb - 862 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43310.cdb - 853 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43309.cdb - 733 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43308.cdb - 708 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43307.cdb - 839 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43306.cdb - 930 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43305.cdb - 759 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43304.cdb - 721 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43303.cdb - 638 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43302.cdb - 806 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43301.cdb - 504 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crw43300.cdb - 24 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crwebase.cdb - 78674 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\cwrtoday.cdb - 207 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\cwr43301.cdb - 697 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crwrisky.cdb - 1271 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\cwntoday.cdb - 696 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\cwn43303.cdb - 766 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\cwn43302.cdb - 850 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\cwn43301.cdb - 773 virus records [Virus base] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\crwnasty.cdb - 4867 virus records Total virus records: 134600 Key file: C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\cureit.key License key number: 0000000010 Registered to: Dr.Web CureIt Project License key activates: 2005-03-05 License key expires: 2007-03-05 ----------------------------------------------------------------------------- Scan statistics ----------------------------------------------------------------------------- Objects scanned: 0 Infected objects found: 0 Objects with modifications found: 0 Suspicious objects found: 0 Adware programs found: 0 Dialer programs found: 0 Joke programs found: 0 Riskware programs found: 0 Hacktool programs found: 0 Objects cured: 0 Objects deleted: 0 Objects renamed: 0 Objects moved: 0 Objects ignored: 0 Scan speed: 0 Kb/s Scan time: 00:00:00 ----------------------------------------------------------------------------- [Scan path] C:\WINDOWS\System32\smss.exe [Scan path] C:\WINDOWS\system32\csrss.exe [Scan path] C:\WINDOWS\system32\winlogon.exe [Scan path] C:\WINDOWS\system32\services.exe [Scan path] C:\WINDOWS\system32\lsass.exe [Scan path] C:\WINDOWS\system32\svchost.exe [Scan path] C:\WINDOWS\system32\spoolsv.exe [Scan path] C:\WINDOWS\explorer.exe [Scan path] D:\PROGRA~1\avg\avgamsvr.exe [Scan path] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe [Scan path] C:\WINDOWS\system32\nvsvc32.exe [Scan path] C:\WINDOWS\system32\wdfmgr.exe [Scan path] C:\WINDOWS\system32\UAService7.exe [Scan path] C:\WINDOWS\System32\Wbem\wmiprvse.exe [Scan path] C:\WINDOWS\system32\alg.exe [Scan path] C:\WINDOWS\system32\wuauclt.exe [Scan path] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\_start.exe [Scan path] C:\DOCUME~1\Joost\LOCALS~1\Temp\RarSFX0\cureit.exe [Scan path] c:\windows\system32\nvcpl.dll [Scan path] C:\WINDOWS\system32\rundll32.exe [Scan path] C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe [Scan path] C:\Program Files\D-Tools\daemon.exe [Scan path] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe [Scan path] c:\PROGRA~1\mcafee.com\agent\mcagent.exe [Scan path] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe [Scan path] C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe [Scan path] C:\Program Files\McAfee.com\VSO\mcvsshld.exe [Scan path] C:\Program Files\McAfee.com\VSO\oasclnt.exe [Scan path] C:\Program Files\Messenger\msmsgs.exe [Scan path] C:\WINDOWS\System32\CTFMON.EXE [Scan path] d:\progra~1\avg\avgw.exe [Scan path] C:\Documents and Settings\Joost\Menu Start\Programma's\Opstarten\desktop.ini [Scan path] C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\desktop.ini [Scan path] C:\WINDOWS\system32\mmsys.cpl [Scan path] C:\WINDOWS\system32\icmui.dll [Scan path] C:\WINDOWS\system32\rshx32.dll [Scan path] C:\WINDOWS\system32\docprop.dll [Scan path] C:\WINDOWS\system32\ntshrui.dll [Scan path] C:\WINDOWS\System32\themeui.dll [Scan path] C:\WINDOWS\system32\deskadp.dll [Scan path] C:\WINDOWS\system32\deskmon.dll [Scan path] C:\WINDOWS\system32\dssec.dll [Scan path] C:\WINDOWS\system32\SlayerXP.dll [Scan path] C:\WINDOWS\system32\shscrap.dll [Scan path] C:\WINDOWS\system32\diskcopy.dll [Scan path] C:\WINDOWS\system32\ntlanui2.dll [Scan path] C:\WINDOWS\system32\printui.dll [Scan path] C:\WINDOWS\system32\dskquoui.dll [Scan path] C:\WINDOWS\system32\syncui.dll [Scan path] C:\WINDOWS\System32\hticons.dll [Scan path] C:\WINDOWS\system32\fontext.dll [Scan path] C:\WINDOWS\system32\deskperf.dll [Scan path] C:\WINDOWS\system32\NETSHELL.dll [Scan path] C:\WINDOWS\system32\wiashext.dll [Scan path] C:\WINDOWS\System32\remotepg.dll [Scan path] C:\WINDOWS\system32\wuaucpl.cpl [Scan path] C:\WINDOWS\system32\wshext.dll [Scan path] C:\Program Files\Common Files\System\Ole DB\oledb32.dll [Scan path] C:\WINDOWS\System32\mstask.dll [Scan path] C:\WINDOWS\system32\shdocvw.dll [Scan path] C:\WINDOWS\System32\shmedia.dll [Scan path] C:\WINDOWS\System32\browseui.dll [Scan path] C:\WINDOWS\System32\sendmail.dll [Scan path] C:\WINDOWS\System32\occache.dll [Scan path] C:\WINDOWS\System32\webcheck.dll [Scan path] C:\WINDOWS\System32\appwiz.cpl [Scan path] C:\WINDOWS\System32\shimgvw.dll [Scan path] C:\WINDOWS\System32\netplwiz.dll [Scan path] C:\WINDOWS\System32\zipfldr.dll [Scan path] C:\WINDOWS\System32\cdfview.dll [Scan path] C:\WINDOWS\System32\msieftp.dll [Scan path] C:\WINDOWS\System32\docprop2.dll [Scan path] C:\WINDOWS\System32\dsquery.dll [Scan path] C:\WINDOWS\System32\dsuiext.dll [Scan path] C:\WINDOWS\System32\mydocs.dll [Scan path] C:\WINDOWS\System32\cscui.dll [Scan path] C:\WINDOWS\msagent\agentpsh.dll [Scan path] C:\WINDOWS\System32\dfsshlex.dll [Scan path] C:\WINDOWS\System32\photowiz.dll [Scan path] C:\WINDOWS\System32\mmcshext.dll [Scan path] C:\WINDOWS\system32\cabview.dll [Scan path] C:\Program Files\Outlook Express\wabfind.dll [Scan path] C:\WINDOWS\system32\wmpshell.dll [Scan path] D:\Program Files\avg\avgse.dll [Scan path] C:\WINDOWS\System32\twext.dll [Scan path] C:\WINDOWS\System32\extmgr.dll [Scan path] D:\Program Files\winrar\rarext.dll [Scan path] C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL [Scan path] D:\Program Files\record now\shlext.dll [Scan path] C:\WINDOWS\system32\dla\tfswshx.dll [Scan path] C:\WINDOWS\system32\Audiodev.dll [Scan path] C:\Program Files\Logitech\Video\Namespc2.dll [Scan path] D:\PROGRA~1\WINZIP\WZSHLSTB.DLL [Scan path] C:\WINDOWS\system32\nvcpl.dll [Scan path] C:\WINDOWS\system32\nvshell.dll [Scan path] C:\WINDOWS\system32\cryptext.dll [Scan path] d:\Program Files\Unlocker\UnlockerCOM.dll [Scan path] C:\WINDOWS\system32\upnpui.dll [Scan path] C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Scan path] c:\program files\mcafee.com\mps\mcbrhlpr.dll [Scan path] c:\program files\mcafee.com\mps\popupkiller.dll [Scan path] c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll [Scan path] D:\SPYBOT~1\SDHelper.dll [Scan path] C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [Scan path] C:\WINDOWS\system32\SHELL32.dll [Scan path] C:\WINDOWS\System32\stobject.dll [Scan path] C:\WINDOWS\system32\MsgPlusLoader.dll [Scan path] C:\WINDOWS\system32\crypt32.dll [Scan path] C:\WINDOWS\system32\cryptnet.dll [Scan path] C:\WINDOWS\system32\cscdll.dll [Scan path] C:\WINDOWS\system32\wlnotify.dll [Scan path] C:\WINDOWS\system32\sclgntfy.dll [Scan path] C:\WINDOWS\system32\WRLogonNTF.dll [Scan path] C:\WINDOWS\System32\DRIVERS\3xHybrid.sys [Scan path] C:\WINDOWS\System32\DRIVERS\ACPI.sys [Scan path] C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [Scan path] C:\WINDOWS\system32\drivers\aeaudio.sys [Scan path] C:\WINDOWS\system32\drivers\aec.sys [Scan path] C:\WINDOWS\System32\drivers\afd.sys [Scan path] C:\WINDOWS\System32\DRIVERS\agp440.sys [Scan path] c:\windows\system32\svchost.exe [Scan path] C:\WINDOWS\system32\drivers\ASAPIW2k.sys [Scan path] C:\WINDOWS\System32\DRIVERS\asyncmac.sys [Scan path] C:\WINDOWS\System32\DRIVERS\atapi.sys [Scan path] C:\WINDOWS\system32\DRIVERS\atksgt.sys [Scan path] C:\WINDOWS\System32\DRIVERS\atmarpc.sys [Scan path] C:\WINDOWS\System32\DRIVERS\audstub.sys [Scan path] C:\WINDOWS\System32\Drivers\avg7core.sys [Scan path] C:\WINDOWS\System32\Drivers\avg7rsw.sys [Scan path] C:\WINDOWS\System32\Drivers\avg7rsxp.sys [Scan path] D:\PROGRA~1\avg\avgupsvc.exe [Scan path] C:\WINDOWS\System32\Drivers\avgtdi.sys [Scan path] C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [Scan path] C:\WINDOWS\System32\DRIVERS\cdrom.sys [Scan path] C:\WINDOWS\system32\cisvc.exe [Scan path] C:\WINDOWS\system32\clipsrv.exe [Scan path] c:\windows\system32\dllhost.exe [Scan path] C:\WINDOWS\system32\DRIVERS\d343bus.sys [Scan path] C:\WINDOWS\system32\DRIVERS\d343port.sys [Scan path] C:\WINDOWS\System32\DRIVERS\disk.sys [Scan path] c:\windows\system32\dmadmin.exe [Scan path] C:\WINDOWS\System32\drivers\dmboot.sys [Scan path] C:\WINDOWS\System32\drivers\dmio.sys [Scan path] C:\WINDOWS\System32\drivers\dmload.sys [Scan path] C:\WINDOWS\system32\drivers\DMusic.sys [Scan path] C:\WINDOWS\system32\drivers\drmkaud.sys [Scan path] C:\WINDOWS\system32\drivers\drvmcdb.sys [Scan path] C:\WINDOWS\system32\drivers\drvnddm.sys [Scan path] C:\WINDOWS\System32\DRIVERS\dvd43llh.sys [Scan path] C:\WINDOWS\System32\DRIVERS\e100b325.sys [Scan path] C:\WINDOWS\System32\drivers\enodpl.sys [Scan path] D:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [Scan path] C:\WINDOWS\System32\DRIVERS\fdc.sys [Scan path] C:\WINDOWS\System32\DRIVERS\flpydisk.sys [Scan path] C:\WINDOWS\system32\drivers\fltmgr.sys [Scan path] C:\WINDOWS\System32\DRIVERS\ftdisk.sys [Scan path] C:\WINDOWS\System32\DRIVERS\msgpc.sys [Scan path] C:\WINDOWS\System32\Drivers\HTTP.sys [Scan path] C:\WINDOWS\System32\DRIVERS\i8042prt.sys [Scan path] C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [Scan path] C:\WINDOWS\System32\DRIVERS\imapi.sys [Scan path] C:\WINDOWS\System32\imapi.exe [Scan path] C:\WINDOWS\System32\DRIVERS\intelppm.sys [Scan path] C:\WINDOWS\system32\drivers\ip6fw.sys [Scan path] C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [Scan path] C:\WINDOWS\System32\DRIVERS\ipinip.sys [Scan path] C:\WINDOWS\System32\DRIVERS\ipnat.sys [Scan path] C:\WINDOWS\System32\DRIVERS\ipsec.sys [Scan path] C:\WINDOWS\System32\DRIVERS\irenum.sys [Scan path] C:\WINDOWS\System32\DRIVERS\isapnp.sys [Scan path] C:\WINDOWS\System32\DRIVERS\kbdclass.sys [Scan path] C:\WINDOWS\system32\drivers\kmixer.sys [Scan path] C:\WINDOWS\system32\DRIVERS\lirsgt.sys [Scan path] C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [Scan path] c:\program files\mcafee.com\agent\mcdetect.exe [Scan path] c:\PROGRA~1\mcafee.com\vso\mcshield.exe [Scan path] c:\PROGRA~1\mcafee.com\agent\mctskshd.exe [Scan path] C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe [Scan path] C:\WINDOWS\System32\mnmsrvc.exe [Scan path] C:\WINDOWS\System32\DRIVERS\mouclass.sys [Scan path] C:\WINDOWS\System32\DRIVERS\MPE.sys [Scan path] C:\WINDOWS\System32\Drivers\MpFirewall.sys [Scan path] C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe [Scan path] C:\WINDOWS\System32\DRIVERS\mrxdav.sys [Scan path] C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [Scan path] C:\WINDOWS\System32\msdtc.exe [Scan path] c:\windows\system32\msiexec.exe [Scan path] C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe [Scan path] C:\WINDOWS\system32\drivers\MSKSSRV.sys [Scan path] C:\WINDOWS\system32\drivers\MSPCLOCK.sys [Scan path] C:\WINDOWS\system32\drivers\MSPQM.sys [Scan path] C:\WINDOWS\System32\DRIVERS\mssmbios.sys [Scan path] C:\WINDOWS\system32\drivers\MSTEE.sys [Scan path] C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [Scan path] C:\WINDOWS\system32\drivers\naiavf5x.sys [Scan path] C:\WINDOWS\System32\DRIVERS\NdisIP.sys [Scan path] C:\WINDOWS\System32\DRIVERS\ndistapi.sys [Scan path] C:\WINDOWS\System32\DRIVERS\ndisuio.sys [Scan path] C:\WINDOWS\System32\DRIVERS\ndiswan.sys [Scan path] C:\WINDOWS\System32\DRIVERS\netbios.sys [Scan path] C:\WINDOWS\System32\DRIVERS\netbt.sys [Scan path] C:\WINDOWS\system32\netdde.exe [Scan path] C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [Scan path] C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [Scan path] C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [Scan path] C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [Scan path] C:\WINDOWS\System32\DRIVERS\parport.sys [Scan path] C:\WINDOWS\System32\DRIVERS\pci.sys [Scan path] C:\WINDOWS\System32\DRIVERS\pciide.sys [Scan path] C:\WINDOWS\system32\drivers\pclepci.sys [Scan path] C:\WINDOWS\System32\DRIVERS\pctvvbi.sys [Scan path] C:\WINDOWS\system32\drivers\pfc.sys [Scan path] C:\WINDOWS\System32\DRIVERS\raspptp.sys [Scan path] C:\WINDOWS\System32\DRIVERS\processr.sys [Scan path] C:\WINDOWS\System32\DRIVERS\psched.sys [Scan path] C:\WINDOWS\System32\DRIVERS\ptilink.sys [Scan path] C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [Scan path] C:\WINDOWS\system32\DRIVERS\LVCM.sys [Scan path] C:\WINDOWS\System32\DRIVERS\rasacd.sys [Scan path] C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [Scan path] C:\WINDOWS\System32\DRIVERS\raspppoe.sys [Scan path] C:\WINDOWS\System32\DRIVERS\raspti.sys [Scan path] C:\WINDOWS\System32\DRIVERS\rdbss.sys [Scan path] C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [Scan path] C:\WINDOWS\system32\sessmgr.exe [Scan path] C:\WINDOWS\System32\DRIVERS\redbook.sys [Scan path] C:\WINDOWS\System32\locator.exe [Scan path] C:\WINDOWS\System32\rsvp.exe [Scan path] C:\WINDOWS\System32\SCardSvr.exe [Scan path] C:\WINDOWS\system32\drivers\scsiport.sys [Scan path] C:\Program Files\Spyware Doctor\sdhelp.exe [Scan path] C:\WINDOWS\System32\DRIVERS\secdrv.sys [Scan path] C:\WINDOWS\System32\DRIVERS\serenum.sys [Scan path] C:\WINDOWS\System32\DRIVERS\serial.sys [Scan path] C:\WINDOWS\System32\drivers\SFC4.sys [Scan path] C:\WINDOWS\System32\drivers\sfdrv01.sys [Scan path] C:\WINDOWS\System32\drivers\sfhlp02.sys [Scan path] C:\WINDOWS\System32\DRIVERS\SLIP.sys [Scan path] D:\Program Files\sygate\smc.exe [Scan path] C:\WINDOWS\system32\drivers\smwdm.sys [Scan path] C:\WINDOWS\system32\DRIVERS\snapman.sys [Scan path] C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe [Scan path] C:\WINDOWS\system32\drivers\splitter.sys [Scan path] C:\WINDOWS\System32\DRIVERS\sr.sys [Scan path] C:\WINDOWS\System32\DRIVERS\srv.sys [Scan path] C:\WINDOWS\system32\drivers\sscdbhk5.sys [Scan path] C:\WINDOWS\system32\Drivers\SSI.SYS [Scan path] C:\WINDOWS\system32\drivers\ssrtln.sys [Scan path] C:\WINDOWS\System32\DRIVERS\StreamIP.sys [Scan path] C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe [Scan path] C:\WINDOWS\System32\DRIVERS\swenum.sys [Scan path] C:\WINDOWS\system32\drivers\swmidi.sys [Scan path] C:\WINDOWS\system32\drivers\sysaudio.sys [Scan path] C:\WINDOWS\system32\smlogsvc.exe [Scan path] C:\WINDOWS\System32\drivers\tandpl.sys [Scan path] C:\WINDOWS\System32\DRIVERS\tcpip.sys [Scan path] C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys [Scan path] C:\WINDOWS\System32\DRIVERS\termdd.sys [Scan path] C:\WINDOWS\system32\dla\tfsnboio.sys [Scan path] C:\WINDOWS\system32\dla\tfsncofs.sys [Scan path] C:\WINDOWS\system32\dla\tfsndrct.sys [Scan path] C:\WINDOWS\system32\dla\tfsndres.sys [Scan path] C:\WINDOWS\system32\dla\tfsnifs.sys [Scan path] C:\WINDOWS\system32\dla\tfsnopio.sys [Scan path] C:\WINDOWS\system32\dla\tfsnpool.sys [Scan path] C:\WINDOWS\system32\dla\tfsnudf.sys [Scan path] C:\WINDOWS\system32\dla\tfsnudfa.sys [Scan path] C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [Scan path] C:\WINDOWS\system32\DRIVERS\timntr.sys [Scan path] d:\Program Files\Unlocker\UnlockerDriver5.sys [Scan path] C:\WINDOWS\System32\DRIVERS\update.sys [Scan path] C:\WINDOWS\System32\ups.exe [Scan path] C:\WINDOWS\system32\drivers\usbaudio.sys [Scan path] C:\WINDOWS\system32\DRIVERS\usbccgp.sys [Scan path] C:\WINDOWS\System32\DRIVERS\usbehci.sys [Scan path] C:\WINDOWS\System32\DRIVERS\usbhub.sys [Scan path] C:\WINDOWS\System32\DRIVERS\usbprint.sys [Scan path] C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [Scan path] C:\WINDOWS\System32\DRIVERS\usbuhci.sys [Scan path] C:\WINDOWS\System32\drivers\vga.sys [Scan path] C:\WINDOWS\System32\DRIVERS\wanarp.sys [Scan path] C:\WINDOWS\system32\drivers\wdmaud.sys [Scan path] C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys [Scan path] C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys [Scan path] C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys [Scan path] C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys [Scan path] C:\WINDOWS\System32\wbem\wmiapsrv.exe [Scan path] C:\WINDOWS\system32\drivers\wpsdrvnt.sys [Scan path] C:\WINDOWS\System32\drivers\ws2ifsl.sys [Scan path] C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [Scan path] C:\WINDOWS\system32\ntsd.exe ----------------------------------------------------------------------------- Scan statistics ----------------------------------------------------------------------------- Objects scanned: 293 Infected objects found: 0 Objects with modifications found: 0 Suspicious objects found: 0 Adware programs found: 0 Dialer programs found: 0 Joke programs found: 0 Riskware programs found: 0 Hacktool programs found: 0 Objects cured: 0 Objects deleted: 0 Objects renamed: 0 Objects moved: 0 Objects ignored: 0 Scan speed: 3276 Kb/s Scan time: 00:00:22 ----------------------------------------------------------------------------- [Scan path] C:\ C:\Documents and Settings\All Users\Application Data\McAfee\SpamKiller\Logs\FILTER~1.LOG - read error C:\Documents and Settings\Joost\NTUSER.DAT - read error C:\Documents and Settings\Joost\NTUSER~1.LOG - read error C:\Documents and Settings\Joost\Application Data\SecuROM\UserData\*.* - read error C:\Documents and Settings\Joost\Application Data\SecuROM\UserData\*.* - read error C:\Documents and Settings\Joost\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error C:\Documents and Settings\Joost\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error C:\Documents and Settings\Joost\Local Settings\Temp\hsperfdata_Joost\2344 - read error C:\Documents and Settings\LocalService\NTUSER.DAT - read error C:\Documents and Settings\LocalService\NTUSER~1.LOG - read error C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error C:\Documents and Settings\NetworkService\NTUSER.DAT - read error C:\Documents and Settings\NetworkService\NTUSER~1.LOG - read error C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - read error C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error C:\muziek\downloads\0053EFBB\Protected_12_09_2004_14_02_55.asf infected with Trojan.DownLoader.1729 - deleted C:\WINDOWS\system32\CatRoot2\edb.log - read error C:\WINDOWS\system32\CatRoot2\tmp.edb - read error C:\WINDOWS\system32\config\default - read error C:\WINDOWS\system32\config\default.LOG - read error C:\WINDOWS\system32\config\SAM - read error C:\WINDOWS\system32\config\SAM.LOG - read error C:\WINDOWS\system32\config\SECURITY - read error C:\WINDOWS\system32\config\SECURITY.LOG - read error C:\WINDOWS\system32\config\software - read error C:\WINDOWS\system32\config\software.LOG - read error C:\WINDOWS\system32\config\system - read error C:\WINDOWS\system32\config\system.LOG - read error [Scan path] D:\ >>D:\Program Files\Tweak-XP Pro 4\tweak-xp.exe>D:\Program Files\winrar\Dos.SFX ----------------------------------------------------------------------------- Scan statistics ----------------------------------------------------------------------------- Objects scanned: 266343 Infected objects found: 1 Objects with modifications found: 0 Suspicious objects found: 0 Adware programs found: 0 Dialer programs found: 0 Joke programs found: 0 Riskware programs found: 0 Hacktool programs found: 0 Objects cured: 0 Objects deleted: 1 Objects renamed: 0 Objects moved: 0 Objects ignored: 0 Scan speed: 505 Kb/s Scan time: 02:17:19 ----------------------------------------------------------------------------- ============================================================================= Total session statistics ============================================================================= Objects scanned: 266636 Infected objects found: 1 Objects with modifications found: 0 Suspicious objects found: 0 Adware programs found: 0 Dialer programs found: 0 Joke programs found: 0 Riskware programs found: 0 Hacktool programs found: 0 Objects cured: 0 Objects deleted: 1 Objects renamed: 0 Objects moved: 0 Objects ignored: 0 Scan speed: 4 Kb/s Scan time: 02:17:41 =============================================================================
  • Als een computer iets van de harddisk probeert te lezen, en dat lukt niet, dan kan dat enorm vertragend werken. Als een computer dus plotseling veel trager gaat werken, ligt het voor de hand, te denken aan een defect aan de schijf. Defect geheugen kan ook diverse problemen veroorzaken.
  • Dat snap ik, maar hoe kan ik dat nagaan, hoe kan ik uitzoeken of er een defect is?
  • Geheugen test je met memtest: http://www.memtest86.com/ Harddisk met de tool van de fabrikant: http://gathering.tweakers.net/forum/list_messages/649273#hddvaag
  • dr.web heeft maar 1 dingseltje gevonden en Objects deleted: 1 dus die is nu weg. Volg verder de aanwijzingen van Gerben maar.
  • memtest krijg ik niet opgestart, er verschijnt een zip file, die pak ik uit, dan maakt men een dir. Boot in die directory start ik op, dan start een programma dvd encrijpter en die zoekt naar een schijf in het e station.
  • Memtest download je in de vorm van een floppy of cd image. Daarmee maak je dus een floppy of een cd aan. Vervolgens daarmee booten.
  • harddisk is in orde, de memtest blijft uren draaien zonder verder bericht
  • Zonder bericht of zonder errors? Je krijgt [url=http://www.memtest.org/pics/amd64-big.gif]dit scherm[/url] wel te zien? En hoe lijkt het met de harddisk?
  • De beide testen zijn nu gelukt, ik heb bij seagate de uitgebreide test gedaan, geen errors. Bij de memtest heb ik 6 x de cyclus laten uitvoeren, geen errors
  • wat kan ik nu nog doen?
  • Hoe is het intussen met de genoemde problemen?
  • Ik heb op aanraden van een kennis mcafee securtiy uitgezet, dat scheelt al wel wat( meen ik wellicht), maar nog steeds bemerk ik vertraging en nog steeds krijg ik de melding dat een programma niet reageert.
  • Probeer dit eens uit te voeren aub. * [u:deb8dae9cf]Clean de Cache and Cookies in [color=blue:deb8dae9cf]IE[/color:deb8dae9cf][/u:deb8dae9cf]:[list:deb8dae9cf][*:deb8dae9cf][b:deb8dae9cf]Sluit[/b:deb8dae9cf] Internet Explorer. [*:deb8dae9cf]Ga naar Configuratiescherm > Internet Opties > tab Algemeen [*:deb8dae9cf]Klik de [b:deb8dae9cf]Cookies verwijderen[/b:deb8dae9cf] knop [*:deb8dae9cf]Klik op de [b:deb8dae9cf]Bestanden verwijderen[/b:deb8dae9cf] knop ernaast [*:deb8dae9cf][b:deb8dae9cf]Vink aan[/b:deb8dae9cf]: Ook alle off line items verwijderen, klik OK[/list:u:deb8dae9cf]* [u:deb8dae9cf]Clean de Cache and Cookies in [color=blue:deb8dae9cf]Firefox[/color:deb8dae9cf][/u:deb8dae9cf] (In geval Firefox geïnstalleerd is):[list:deb8dae9cf][*:deb8dae9cf]Go to Extra > Opties. [*:deb8dae9cf]Klik [b:deb8dae9cf]Privacy[/b:deb8dae9cf] in het menu. [*:deb8dae9cf]Klik op de knop [b:deb8dae9cf]Wissen[/b:deb8dae9cf] (Geschiedenis, Cookies, Cache). [*:deb8dae9cf]Klik OK om het venster opnieuw te sluiten.[/list:u:deb8dae9cf] * [u:deb8dae9cf]Clean [color=blue:deb8dae9cf]andere Temporary files + Prullenbak[/color:deb8dae9cf][/u:deb8dae9cf][list:deb8dae9cf][*:deb8dae9cf]Ga naar Start > Uitvoeren en typ: [b:deb8dae9cf]cleanmgr[/b:deb8dae9cf] en klik ok. [*:deb8dae9cf]Laat het je systeem scannen op bestanden die moeten verwijderd worden [*:deb8dae9cf]Zorg er wel voor dat je daar [b:deb8dae9cf]enkel[/b:deb8dae9cf] maar 'tijdelijke bestanden', 'tijdelijke internetbestanden' en 'prullenbak' staan aangevinkt. [*:deb8dae9cf]Klik daarna op OK.[/list:u:deb8dae9cf] Download [url=http://download.bleepingcomputer.com/sUBs/combofix.exe][b:deb8dae9cf]Combofix[/b:deb8dae9cf][/url] naar je Bureaublad.[list:deb8dae9cf] Dubbelklik [b:deb8dae9cf]Combofix.exe[/b:deb8dae9cf] Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen. Tijdens het runnen van de fix, [b:deb8dae9cf]NIET[/b:deb8dae9cf] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:deb8dae9cf] Wanneer de fix voltooid is en na herstart, zal de log [b:deb8dae9cf]combofix.txt[/b:deb8dae9cf] openen. [i:deb8dae9cf]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:deb8dae9cf] NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
  • Joost - 06-08-20 17:57:12,07 ComboFix 06.08.18 - Running from: C:\Documents and Settings\Joost\Bureaublad ((((((((((((((((((((((((((((((( Files Created from 2006-07-20 to 2006-08-20 )))))))))))))))))))))))))))))))))) 2006-08-06 21:38 442,368 C:\WINDOWS\system32\vp6vfw.dll (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-08-16 20:35 -------- d-------- C:\Program Files\Seagate 2006-08-16 12:42 -------- d-------- C:\Program Files\Internet Explorer 2006-08-15 12:24 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-08-12 09:06 777472 --a------ C:\WINDOWS\system32\drivers\avg7core.sys 2006-08-12 09:06 27904 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys 2006-08-08 12:18 -------- d-------- C:\Program Files\SpywareBlaster 2006-08-03 20:39 -------- d-------- C:\Program Files\D-Tools 2006-08-01 12:09 -------- d-------- C:\Documents and Settings\Joost\Application Data\uTorrent 2006-07-27 15:26 679424 --a------ C:\WINDOWS\system32\inetcomm.dll 2006-07-21 10:29 72704 --a------ C:\WINDOWS\system32\hlink.dll 2006-07-19 22:47 -------- d-------- C:\Program Files\Java 2006-07-19 22:47 -------- d-------- C:\Program Files\Google 2006-07-16 13:01 12464 --a------ C:\WINDOWS\system32\drivers\secdrv.sys 2006-07-15 18:23 -------- d-------- C:\Documents and Settings\Joost\Application Data\ubi.com 2006-07-02 19:43 -------- d-------- C:\Documents and Settings\Joost\Application Data\MailWasherPro 2006-07-02 11:15 30464 --a------ C:\WINDOWS\macromix.dll 2006-06-28 16:39 -------- d-------- C:\Documents and Settings\Joost\Application Data\Adobe 2006-06-28 15:11 -------- d-------- C:\Documents and Settings\Joost\Application Data\McAfee.com Personal Firewall 2006-06-28 15:00 -------- d-------- C:\Program Files\McAfee 2006-06-26 09:56 -------- d-------- C:\Documents and Settings\Joost\Application Data\AdobeUM 2006-06-25 19:06 7 --a------ C:\Documents and Settings\Joost\Application Data\bin.dll 2006-06-24 18:47 -------- d-------- C:\Documents and Settings\Joost\Application Data\Glory of the Roman Empire Demo 2006-06-24 16:01 18048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys 2006-06-24 16:01 165376 --a------ C:\WINDOWS\system32\drivers\atksgt.sys 2006-06-11 11:31 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033" "AVG7_CC"="D:\\PROGRA~1\\avg\\avgcc.exe /STARTUP" "SmcService"="D:\\PROGRA~1\\sygate\\smc.exe -startgui" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "NoChange"="1" "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background" "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoCDBurning"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "NoSetFolders"=dword:00000000 "NoSetTaskbar"=dword:00000000 "NoControlPanel"=dword:00000000 "NoSaveSettings"=dword:00000000 "NoRun"=dword:00000000 "NoFind"=dword:00000000 "NoMultiIE"=dword:00000000 "LWA"=dword:00000000 "LWB"=dword:00000000 "LWC"=dword:00000000 "LWD"=dword:00000000 "LWE"=dword:00000000 "LWF"=dword:00000000 "LWG"=dword:00000000 "LWH"=dword:00000000 "LWI"=dword:00000000 "LWJ"=dword:00000000 "LWK"=dword:00000000 "LWL"=dword:00000000 "LWM"=dword:00000000 "LWN"=dword:00000000 "LWO"=dword:00000000 "LWP"=dword:00000000 "LWQ"=dword:00000000 "LWR"=dword:00000000 "LWS"=dword:00000000 "LWT"=dword:00000000 "LWU"=dword:00000000 "LWV"=dword:00000000 "LWW"=dword:00000000 "LWX"=dword:00000000 "LWY"=dword:00000000 "LWZ"=dword:00000000 "NoDrives"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] "DisableClock"=dword:00000000 "NoDispCPL"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Mijn huidige introductiepagina" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,f2,01,00,00,b9,00,00,00,7c,00,00,00,72,00,\ 00,00,01,00,00,00 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" "AVG7_Run"="D:\\PROGRA~1\\avg\\avgw.exe /RUNONCE" "Spyware Doctor"="" [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" "AVG7_Run"="D:\\PROGRA~1\\avg\\avgw.exe /RUNONCE" "Spyware Doctor"="" [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk] "location"="Common Startup" "command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE " "item"="Adobe Gamma Loader" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk] "location"="Common Startup" "command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE " "item"="Adobe Reader Snelle start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^eEye JScript Patch Checker.lnk] "location"="Common Startup" "item"="eEye JScript Patch Checker" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] "location"="Common Startup" "command"="C:\\PROGRA~1\\Logitech\\DESKTO~1\\8876480\\Program\\LDMConf.exe /start" "item"="Logitech Desktop Messenger" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] "location"="Common Startup" "command"="C:\\PROGRA~1\\MICROS~2\\Office\\OSA9.EXE -b -l" "item"="Microsoft Office" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Pinnacle Scheduler.lnk] "location"="Common Startup" "command"="C:\\PROGRA~1\\Pinnacle\\SHARED~1\\Programs\\SCHEDU~1\\PCLESC~1.EXE " "item"="Pinnacle Scheduler" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk] "location"="Common Startup" "command"="D:\\PROGRA~1\\WinZip\\WZQKPICK.EXE " "item"="WinZip Quick Pick" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder\C:^Documents and Settings^Joost^Menu Start^Programma's^Opstarten^PowerReg Scheduler.exe] "location"="Startup" "item"="PowerReg Scheduler" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder\C:^Documents and Settings^Joost^Menu Start^Programma's^Opstarten^Registration Call of Juarez SP Demo.LNK] "location"="Startup" "command"="D:\\PROGRA~1\\Ubisoft\\Demo\\Techland\\CALLOF~1\\REGIST~1.EXE -d 802847 -l english -r 7 -g Call of Juarez SP Demo -c us -i 2863" "item"="Registration Call of Juarez SP Demo" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder\C:^Documents and Settings^Joost^Menu Start^Programma's^Opstarten^Registration-PCTV.lnk] "location"="Startup" "command"="C:\\PROGRA~1\\Pinnacle\\PCTVST~1\\EREGIS~1\\RegTool.exe PCTV,PCTSTD,register,NL,0," "item"="Registration-PCTV" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupfolder\C:^Documents and Settings^Joost^Menu Start^Programma's^Opstarten^Watch.lnk] "location"="Startup" "command"="C:\\WINDOWS\\twain_32\\A4CIS600\\WATCH.exe " "item"="Watch" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\Acronis Scheduler2 Service] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="schedhlp" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Acronis\\Schedule2\\schedhlp.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\Acronis True Image Monitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TrueImageMonitor" "hkey"="HKLM" "command"="\"C:\\Program Files\\Acronis\\TrueImage\\TrueImageMonitor.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\AGEIA PhysX SysTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TrayIcon" "hkey"="HKLM" "command"="C:\\Program Files\\AGEIA Technologies\\TrayIcon.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\BearShare] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BearShare" "hkey"="HKLM" "command"="\"D:\\Program Files\\BearShare\\BearShare.exe\" /pause" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\CTFMON.EXE] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ctfmon" "hkey"="HKCU" "command"="C:\\WINDOWS\\system32\\ctfmon.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\dla] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="tfswctrl" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\dvd43] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="dvd43_tray" "hkey"="HKLM" "command"="C:\\Program Files\\dvd43\\dvd43_tray.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\KernelFaultCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="dumprep 0 -k" "hkey"="HKLM" "command"="%systemroot%\\system32\\dumprep 0 -k" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\LDM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BackWeb-8876480" "hkey"="HKCU" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\LogitechVideoRepair] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ISStart" "hkey"="HKLM" "command"="C:\\Program Files\\Logitech\\Video\\ISStart.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\LogitechVideoTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LogiTray" "hkey"="HKLM" "command"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\MessengerPlus3] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MsgPlus" "hkey"="HKLM" "command"="\"D:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\mount.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mount" "hkey"="HKCU" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\MSKDetectorExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MSKDetct" "hkey"="HKLM" "command"="C:\\Program Files\\McAfee\\SpamKiller\\MSKDetct.exe /uninstall" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\NvMediaCenter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NvMcTray" "hkey"="HKLM" "command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\nwiz] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwiz" "hkey"="HKLM" "command"="nwiz.exe /install" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\OASClnt] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="oasclnt" "hkey"="HKLM" "command"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\PinnacleDriverCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PSDrvCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\PSDrvCheck.exe -CheckReg" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\Shareaza] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Shareaza" "hkey"="HKCU" "command"="\"d:\\Program Files\\Shareaza\\Shareaza.exe\" -tray" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\Sonic RecordNow!] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\StorageGuard] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="sgtray" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\UserFaultCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="dumprep 0 -u" "hkey"="HKLM" "command"="%systemroot%\\system32\\dumprep 0 -u" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\WashAndGo - Cleanup of old Backupfiles] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="checker" "hkey"="HKCU" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\WeatherCast] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Weather" "hkey"="HKCU" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\startupreg\WhenUSave] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Save" "hkey"="HKCU" "inimapping"="0" Completion time: Sun 20-08-2006 17:57:57.54 ComboFix.txt
  • En een HJT logje aub.
  • Logfile of HijackThis v1.99.1 Scan saved at 19:20:26, on 20-8-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe D:\Program Files\sygate\smc.exe C:\WINDOWS\system32\spoolsv.exe D:\PROGRA~1\avg\avgamsvr.exe D:\PROGRA~1\avg\avgupsvc.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\Explorer.EXE D:\PROGRA~1\avg\avgcc.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\winlogon.exe C:\Program Files\Pinnacle\PCTV Stereo\Vision\Vision.exe C:\PROGRA~1\Pinnacle\SHARED~1\Filter\server.exe C:\PROGRA~1\Pinnacle\SHARED~1\Filter\VBI_SE~1.EXE C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe C:\Program Files\Internet Explorer\iexplore.exe D:\belangrijke hulpprogramma's\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpagina.nl/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\avg\avgcc.exe /STARTUP O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\sygate\smc.exe -startgui O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - D:\Program Files\IrfanView\Ebay\Ebay.htm O14 - IERESET.INF: START_PAGE_URL=http://www.startpagina.nl/ O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} - http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\avg\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\avg\avgupsvc.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - D:\Program Files\sygate\smc.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.