Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

computer start vertraagd op

Anoniem
None
8 antwoorden
  • sinds gisteren start mijn computer zeer traag. Ik heb al wat verwijderd, helpt niet echt daarom hier mijn log, wil iemand daar eens even naar kijken.

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 9:23:27, on 1-7-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\KEMailKb\KEMailKb.EXE
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\system32
    vsvc32.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Teletekstbrowser\Teletekst.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijack This\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [KEMailKb] C:\PROGRA~1\KEMailKb\KEMailKb.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Mediacontrole Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe


    End of file - 6502 bytes

  • Ziet er schoon genoeg uit, doe toch maar de combofix en plaats de uitslag aub.

    Download [b:6348e951fe]Combofix[/b:6348e951fe] naar je Bureaublad.[list:6348e951fe]
    Dubbelklik op [b:6348e951fe]Combofix.exe[/b:6348e951fe]
    Volg de instructies, aanvaard de disclaimer door [b:6348e951fe]1[/b:6348e951fe] (continue) te typen.
    Tijdens het runnen van de fix, [b:6348e951fe]NIET[/b:6348e951fe] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:6348e951fe]
    Wanneer de fix voltooid is en na herstart, zal de log [b:6348e951fe]combofix.txt[/b:6348e951fe] openen.
    [i:6348e951fe]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:6348e951fe]

    Opmerking: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
  • En als die ook niks vind, maak dan meteen backups van belangrijke bestanden, en ga daarna de schijf uitgebreid testen.
    http://www.tacktech.com/display.cfm?ttid=287
  • Hallo, hierbij beide logs



    "Beneden" - 2007-07-01 21:58:56 - ComboFix 07-06-27.7 - Service Pack 2 NTFS


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\DOCUME~1\Beneden\BUREAU~1\internet.lnk


    ((((((((((((((((((((((((( Files Created from 2007-06-01 to 2007-07-01 )))))))))))))))))))))))))))))))


    2007-07-01 21:58 49,152 –a—— C:\WINDOWS
    ircmd.exe
    2007-06-30 19:32 <DIR> d——– C:\DOCUME~1\Beneden\APPLIC~1\Lavasoft
    2007-06-30 19:26 83,024 –a—— C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-06-30 19:26 626,688 –a—— C:\WINDOWS\system32\msvcr80.dll
    2007-06-30 19:26 57,424 –a—— C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-06-30 19:26 53,840 –a—— C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-06-30 19:26 39,376 –a—— C:\WINDOWS\system32\drivers\ikfileflt.sys
    2007-06-30 19:26 29,264 –a—— C:\WINDOWS\system32\drivers\kcom.sys
    2007-06-30 19:26 <DIR> d——– C:\Program Files\Spyware Doctor
    2007-06-30 19:26 <DIR> d——– C:\DOCUME~1\Beneden\APPLIC~1\PC Tools
    2007-06-30 19:25 22,080 –a—— C:\WINDOWS\system32\drivers\sshrmd.sys
    2007-06-30 19:25 21,056 –a—— C:\WINDOWS\system32\drivers\sskbfd.sys
    2007-06-30 19:25 20,544 –a—— C:\WINDOWS\system32\drivers\SSFS0509.sys
    2007-06-30 19:25 164 –a—— C:\install.dat
    2007-06-30 19:25 144,960 –a—— C:\WINDOWS\system32\drivers\ssidrv.sys
    2007-06-30 19:25 <DIR> d——– C:\Program Files\Webroot
    2007-06-30 19:25 <DIR> d——– C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot
    2007-06-30 19:25 <DIR> d——– C:\DOCUME~1\Beneden\APPLIC~1\Webroot
    2007-06-30 19:25 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Webroot
    2007-06-30 19:24 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    2007-06-30 19:23 <DIR> d——– C:\Program Files\SpywareBlaster
    2007-06-30 19:23 <DIR> d——– C:\Program Files\Lavasoft
    2007-06-30 19:16 <DIR> d——– C:\WINDOWS\system32\GroupPolicy
    2007-06-30 19:16 <DIR> d——– C:\Program Files\Hitman Pro
    2007-06-26 16:46 <DIR> d——– C:\Program Files\Common Files\Ankiro
    2007-06-26 16:45 <DIR> d——– C:\Program Files\SPAMfighter
    2007-06-26 16:45 <DIR> d——– C:\Program Files\Common Files\Application
    2007-06-21 20:13 <DIR> d——– C:\DOCUME~1\Beneden\APPLIC~1\SmartFTP
    2007-06-21 20:04 <DIR> d——– C:\Program Files\Common Files\Adobe Systems Shared
    2007-06-21 19:49 <DIR> d——– C:\Program Files\WinSCP3
    2007-06-21 19:49 <DIR> d——– C:\Program Files\SmartFTP Client 2.0
    2007-06-21 19:47 16,384 –a—— C:\WINDOWS\system32\FileOps.exe
    2007-06-21 19:46 <DIR> d——– C:\Program Files\Namo
    2007-06-16 18:52 <DIR> d——– C:\foto's
    2007-06-16 18:52 <DIR> d——– C:\DOCUME~1\Beneden\APPLIC~1\Media Player Classic
    2007-06-16 13:30 <DIR> d——– C:\film1
    2007-06-16 13:20 458,112 –a—— C:\WINDOWS\system32\drivers\MarvinUsb.sys
    2007-06-16 13:20 <DIR> d——– C:\WINDOWS\system32\Quicktime
    2007-06-16 13:20 <DIR> d——– C:\Program Files\SmartSound Software
    2007-06-16 13:20 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
    2007-06-16 12:53 81,920 ——— C:\WINDOWS\system32\vdrmux.dll
    2007-06-16 12:53 76,800 ——— C:\WINDOWS\system32\Lfwmf13n.dll
    2007-06-16 12:53 73,728 ——— C:\WINDOWS\system32\MMAviAx.dll
    2007-06-16 12:53 73,728 ——— C:\WINDOWS\system32\lffax13n.dll
    2007-06-16 12:53 65,536 ——— C:\WINDOWS\system32\Lfpct13n.dll
    2007-06-16 12:53 46,592 ——— C:\WINDOWS\system32\vdrcodec.dll
    2007-06-16 12:53 453,120 ——— C:\WINDOWS\system32\ltkrn13n.dll
    2007-06-16 12:53 44,544 ——— C:\WINDOWS\system32\msxml4a.dll
    2007-06-16 12:53 40,960 ——— C:\WINDOWS\system32\langserv.dll
    2007-06-16 12:53 393,216 ——— C:\WINDOWS\system32\LFCMP13n.DLL
    2007-06-16 12:53 32,768 ——— C:\WINDOWS\system32\MLPagAx.dll
    2007-06-16 12:53 30,208 ——— C:\WINDOWS\system32\lfbmp13n.dll
    2007-06-16 12:53 294,912 ——— C:\WINDOWS\system32\pvmjpg21.dll
    2007-06-16 12:53 278,016 ——— C:\WINDOWS\system32\LFJ2K13n.dll
    2007-06-16 12:53 24,576 ——— C:\WINDOWS\system32\lftga13n.dll
    2007-06-16 12:53 204,881 ——— C:\WINDOWS\system32\DiskIO.dll
    2007-06-16 12:53 18,432 –a—— C:\WINDOWS\system32\Cachex.dll
    2007-06-16 12:53 155,721 ——— C:\WINDOWS\system32\RALMain.dll
    2007-06-16 12:53 153,088 ——— C:\WINDOWS\system32\ltfil13n.DLL
    2007-06-16 12:53 143,360 ——— C:\WINDOWS\system32\lftif13n.dll
    2007-06-16 12:53 114,759 ——— C:\WINDOWS\system32\Aviprax.dll
    2007-06-16 12:53 1,693,696 ——— C:\WINDOWS\system32\LTCLR13n.dll
    2007-06-16 12:51 171,008 –a—— C:\WINDOWS\system32\drivers\MarvinBus.sys
    2007-06-16 12:51 14,165 ——— C:\WINDOWS\system32\drivers\Pclepci.sys
    2007-06-16 12:50 90,112 –a—— C:\WINDOWS\unvise32.exe
    2007-06-16 12:50 406,016 –a—— C:\WINDOWS\system32\PSDrvCheck.exe
    2007-06-16 12:50 19,456 –a—— C:\WINDOWS\system32\asapi.dll
    2007-06-16 12:50 11,264 –a—— C:\WINDOWS\system32\drivers\asapiW2k.sys
    2007-06-16 12:48 974,848 –a—— C:\WINDOWS\system32\MFC70.DLL
    2007-06-16 12:48 964,608 –a—— C:\WINDOWS\system32\MFC70U.DLL
    2007-06-16 12:48 84,992 –a—— C:\WINDOWS\system32\ATL70.DLL
    2007-06-16 12:48 65,536 –a—— C:\WINDOWS\system32\MFC71DEU.DLL
    2007-06-16 12:48 61,440 –a—— C:\WINDOWS\system32\pclepim1.dll
    2007-06-16 12:48 61,440 –a—— C:\WINDOWS\system32\MFC71ITA.DLL
    2007-06-16 12:48 61,440 –a—— C:\WINDOWS\system32\MFC71FRA.DLL
    2007-06-16 12:48 61,440 –a—— C:\WINDOWS\system32\MFC71ESP.DLL
    2007-06-16 12:48 57,344 –a—— C:\WINDOWS\system32\MFC71ENU.DLL
    2007-06-16 12:48 499,712 –a—— C:\WINDOWS\system32\msvcp71.dll
    2007-06-16 12:48 49,152 –a—— C:\WINDOWS\system32\PCLEGetGuid.dll
    2007-06-16 12:48 49,152 –a—— C:\WINDOWS\system32\MFC71KOR.DLL
    2007-06-16 12:48 49,152 –a—— C:\WINDOWS\system32\MFC71JPN.DLL
    2007-06-16 12:48 45,056 –a—— C:\WINDOWS\system32\MFC71CHT.DLL
    2007-06-16 12:48 40,960 –a—— C:\WINDOWS\system32\MFC71CHS.DLL
    2007-06-16 12:48 106,496 –a—— C:\WINDOWS\system32\atl71.dll
    2007-06-16 12:48 1,060,864 –a—— C:\WINDOWS\system32\MFC71.dll
    2007-06-16 12:48 1,047,552 –a—— C:\WINDOWS\system32\MFC71u.dll
    2007-06-16 12:47 <DIR> d——– C:\Program Files\Pinnacle
    2007-06-16 12:47 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
    2007-06-11 22:11 <DIR> d——– C:\DOCUME~1\Beneden\APPLIC~1\Pegasys Inc
    2007-06-11 21:54 740,442 –a—— C:\WINDOWS\system32\divx.dll
    2007-06-11 21:54 73,728 –a—— C:\WINDOWS\system32\dpl100.dll
    2007-06-11 21:54 593,920 –a—— C:\WINDOWS\system32\xvidcore.dll
    2007-06-11 21:54 348,160 –a—— C:\WINDOWS\system32\msvcr71.dll
    2007-06-11 21:54 3,596,288 –a—— C:\WINDOWS\system32\qt-dx331.dll
    2007-06-11 21:54 217,088 –a—— C:\WINDOWS\system32\yv12vfw.dll
    2007-06-11 21:54 180,224 –a—— C:\WINDOWS\system32\xvidvfw.dll
    2007-06-11 21:54 10,752 –a—— C:\WINDOWS\system32\ff_vfw.dll
    2007-06-11 21:54 <DIR> d——– C:\Program Files\K-Lite Codec Pack
    2007-06-11 21:23 <DIR> d——– C:\film
    2007-06-10 22:52 <DIR> d——– C:\Program Files\Hijack This


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-07-01 18:30:04 54,464 —-a-w C:\WINDOWS\system32\perfc013.dat
    2007-07-01 18:30:04 367,286 —-a-w C:\WINDOWS\system32\perfh013.dat
    2007-07-01 15:52:33 ——– d—–w C:\DOCUME~1\Beneden\APPLIC~1\LimeWire
    2007-06-23 17:22:14 ——– d—–w C:\Program Files\KEMailKb
    2007-06-21 17:47:57 ——– d–h–w C:\Program Files\InstallShield Installation Information
    2007-06-16 11:20:14 ——– d—–w C:\Program Files\Common Files\InstallShield
    2007-06-16 07:08:41 ——– d—–w C:\Program Files\VideoMate
    2007-06-12 04:52:04 ——– d—–w C:\Program Files\Google
    2007-06-10 07:45:22 ——– d—–w C:\DOCUME~1\Beneden\APPLIC~1\Google
    2007-05-19 12:40:27 ——– d—–w C:\DOCUME~1\Beneden\APPLIC~1\Opera
    2007-05-19 12:40:24 ——– d—–w C:\Program Files\Opera
    2007-05-19 07:21:31 ——– d—–w C:\Program Files\Medionkeyboard
    2007-05-19 07:21:09 ——– d—–w C:\Program Files\Browser mouse
    2007-05-18 20:04:54 ——– d—–w C:\Program Files\EPSON
    2007-05-18 15:02:34 ——– d—–w C:\Program Files\Foxit Software
    2007-05-17 19:40:38 ——– d—–w C:\Program Files\MSXML 4.0
    2007-05-17 17:36:24 ——– d—–w C:\Program Files\CAM Development
    2007-05-17 17:30:41 ——– d—–w C:\Program Files\LimeWire
    2007-05-17 17:20:26 ——– d—–w C:\Program Files\BearShare Applications
    2007-05-17 17:10:29 ——– d—–w C:\DOCUME~1\Beneden\APPLIC~1\SPAMfighter
    2007-05-17 14:02:11 ——– d—–w C:\Program Files\Lavalys
    2007-05-17 12:57:33 ——– d—–w C:\Program Files\Teletekstbrowser
    2007-05-17 12:50:33 ——– d—–w C:\Program Files\Microsoft Works
    2007-05-17 10:36:07 552 —-a-w C:\WINDOWS\system32\d3d8caps.dat
    2007-05-16 15:19:43 683,520 —-a-w C:\WINDOWS\system32\inetcomm.dll
    2007-05-12 16:50:45 ——– d—–w C:\Program Files\McAfee
    2007-05-12 16:40:17 ——– d—–w C:\Program Files\Windows Media Connect 2
    2007-05-12 16:23:18 ——– d—–w C:\Program Files\Common Files\McAfee
    2007-05-12 16:22:53 ——– d—–w C:\Program Files\McAfee.com
    2007-05-12 16:22:07 ——– d—–w C:\Program Files\MSN Messenger
    2007-05-12 16:20:35 ——– d—–w C:\Program Files\Common Files\Ahead
    2007-05-12 16:17:30 ——– d—–w C:\Program Files\Nero
    2007-05-12 16:15:00 ——– d—–w C:\Program Files\Messenger
    2007-05-12 16:14:52 ——– d—–w C:\Program Files\CyberLink
    2007-05-12 16:09:49 ——– d—–w C:\Program Files\Microsoft.NET
    2007-05-11 23:26:57 ——– d—–w C:\Program Files\Common Files\ODBC
    2007-05-11 23:26:55 ——– d—–w C:\Program Files\Common Files\SpeechEngines
    2007-05-11 21:48:09 ——– d—–w C:\Program Files\Realtek
    2007-05-11 21:34:23 ——– d—–w C:\Program Files\microsoft frontpage
    2007-05-11 21:34:02 0 –sha-r C:\MSDOS.SYS
    2007-05-11 21:34:02 0 –sha-r C:\IO.SYS
    2007-05-11 21:34:02 0 —-a-w C:\CONFIG.SYS
    2007-05-11 21:34:02 0 —-a-w C:\AUTOEXEC.BAT
    2007-05-11 21:32:51 ——– d–h–w C:\Program Files\WindowsUpdate
    2007-05-11 21:32:49 ——– d—–w C:\Program Files\Online Services
    2007-05-11 21:32:05 ——– d—–w C:\Program Files\Common Files\MSSoap
    2007-05-11 21:31:57 ——– d—–w C:\Program Files\Movie Maker
    2007-05-11 21:31:28 21,748 —-a-w C:\WINDOWS\system32\emptyregdb.dat
    2007-05-11 21:30:44 ——– d—–w C:\Program Files\MSN Gaming Zone
    2007-05-11 21:30:36 ——– d—–w C:\Program Files\Windows NT
    2007-04-25 14:22:52 144,896 —-a-w C:\WINDOWS\system32\schannel.dll
    2007-04-18 16:15:26 2,854,400 —-a-w C:\WINDOWS\system32\msi.dll
    2007-04-16 20:47:36 33,624 —-a-w C:\WINDOWS\system32\wups.dll
    2007-04-16 20:45:54 1,710,936 —-a-w C:\WINDOWS\system32\wuaueng.dll
    2007-04-16 20:45:48 549,720 —-a-w C:\WINDOWS\system32\wuapi.dll
    2007-04-16 20:45:42 325,976 —-a-w C:\WINDOWS\system32\wucltui.dll
    2007-04-16 20:45:36 203,096 —-a-w C:\WINDOWS\system32\wuweb.dll
    2007-04-16 20:45:28 92,504 —-a-w C:\WINDOWS\system32\cdm.dll
    2007-04-16 20:45:20 53,080 —-a-w C:\WINDOWS\system32\wuauclt.exe
    2007-04-16 20:45:20 43,352 —-a-w C:\WINDOWS\system32\wups2.dll


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {53707962-6F74-2D53-2644-206D7942484F}=C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 01:04]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
    {7DB2D5A0-7241-4E79-B68D-6309F01C5231}=c:\program files\mcafee\virusscan\scriptcl.dll [2006-12-22 16:02]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "KEMailKb"="C:\PROGRA~1\KEMailKb\KEMailKb.EXE" [2006-05-15 10:56]
    "nwiz"="nwiz.exe" [2006-08-16 09:35 C:\WINDOWS\system32
    wiz.exe]
    "SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2007-06-25 15:03]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ComproPVR Schedule.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\ComproPVR Schedule.lnk
    backup=C:\WINDOWS\pss\ComproPVR Schedule.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ComproRemote.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\ComproRemote.lnk
    backup=C:\WINDOWS\pss\ComproRemote.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^TweakYC.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\TweakYC.lnk
    backup=C:\WINDOWS\pss\TweakYC.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
    ALCMTR.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMK08KB]
    C:\Program Files\Medionkeyboard\1.3\MMKEYBD.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMMEDIONMOUSE]
    C:\Program Files\Browser mouse\1.3\mouse32a.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg
    wiz]
    nwiz.exe /install

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    RTHDCPL.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
    SkyTel.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"


    Contents of the 'Scheduled Tasks' folder
    2007-05-12 16:23:00 C:\WINDOWS\tasks\McDefragTask.job
    2007-05-12 16:22:59 C:\WINDOWS\tasks\McQcTask.job

    **************************************************************************

    catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-07-01 22:01:00
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-07-01 22:01:52
    C:\ComboFix-quarantined-files.txt … 2007-07-01 22:01

    — E O F —
    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 22:02:29, on 1-7-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\KEMailKb\KEMailKb.EXE
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\system32
    vsvc32.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Hijack This\hijackthis.exe
    C:\WINDOWS\system32\cmd.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
    O4 - HKLM\..\Run: [KEMailKb] C:\PROGRA~1\KEMailKb\KEMailKb.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Mediacontrole Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe


    End of file - 6225 bytes




  • Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:
    [b:b62e4a95ba]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    [/b:b62e4a95ba]
    Klik op 'Fix checked' om de items te verwijderen.

    Download:
    Sla het bestand op je bureaublad op, daarna dubbelklikken.
    Mogelijk start de uninstaller van een rogue scanner op, sluit deze niet af maar laat deze zijn werk doen.

    Daarna de [b:b62e4a95ba]PC herstarten[/b:b62e4a95ba] en nogmaals RemoveVideoActiveXObject.exe dubbelklikken.
    Post daarna het logje C:\[b:b62e4a95ba]RVAXO-results.log[/b:b62e4a95ba] in je volgende bericht tesamen met een nieuw logje van HijackThis.
  • Hallo,

    Hierbij de logs. Er is nu wel iets geks gebeurd:
    Het complete origenele buroblad is flink gekrompen tot een kleine foto in het midden van het blad. De iconen staan nu gewoon op hun plaats tegen een strak blauwe achtergrond. Hijackthis start nu niet meer normaal op maar begint meteen met de check



    —————-RemoveVideoActiveXObject.exe first run————-

    Files found:

    C:\WINDOWS\system32\actskn45.ocx

    Uninstallers Rogue scanners:


    Folders Found:


    ————–RemoveVideoActiveXObject.exe last run—————

    Files found:


    Uninstallers Rogue scanners:


    Folders Found:

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 21:46:57, on 2-7-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\KEMailKb\KEMailKb.EXE
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\system32
    vsvc32.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Hijack This\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
    O4 - HKLM\..\Run: [KEMailKb] C:\PROGRA~1\KEMailKb\KEMailKb.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Mediacontrole Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe


    End of file - 6262 bytes

  • En toch ziet je logje er prima uit zo.

    Download en installeer CCleaner
    (De CCLeaner Yahoo Toolbar is niet nodig)




    Start Ccleaner.
    Ccleaner biedt je de mogelijkheid om in te stellen wat er opgeschoond moet worden.
    Selecteer nu alleen de volgende items:
    Internet Explorer:
    - Tijdelijke Internet bestanden
    Systeem:
    - Prullenbak leegmaken
    - Tijdelijke bestanden
    klik nu in Ccleaner op [b:d19d755cd0]opschonen[/b:d19d755cd0] (rechts onderaan).

    Om herinfectie via systeemherstel te voorkomen, is het raadzaam de bestaande systeemherstelpunten te verwijderen door systeemherstel tijdelijk uit te schakelen.


    - Ga naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
    - Klik in de linkerhelft van het venster op "Instellingen van systeemherstel".
    - Zet een vinkje voor "Systeemherstel uitschakelen".
    - Klik "Toepassen".
    - Windows vraagt of je dat zeker weet.
    - Klik "Ja".
    - Klik "OK".
    - Start de pc opnieuw op.
    - Ga weer naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
    - Je krijgt de melding: "Systeemherstel is uitgeschakeld. Wilt u systeemherstel nu inschakelen?"
    - Klik "Ja".
    - Verwijder het vinkje voor "Systeemherstel uitschakelen".
    - Klik "Toepassen".
    - Klik "OK".
    - Start de pc opnieuw op
    - Er is nu een nieuw schoon herstel punt aangemaakt

    Hier nog wat tips. tips
  • Misschien is Microsoft BootVis een oplossing?

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.