Vraag & Antwoord

Beveiliging & privacy

internet explore erg langzaam (log gemaakt)

4 antwoorden
  • hallo, ik heb een laptop en internet explore gaat erg langzaam. zowel het opstarten als surfen. waarbij hotmail echt een ramp is. even wat feitjes - 2,2 ghz, 752 mb intern geheugen -os windows xp prof service pack 2 -internet explore versie 7.0.5730.13 - realtime spyware en pop killer stopzilla - me andere laptop heeft geen problemen met internet en ook niet met hotmail. wat heb ik geprobeerd. ik heb de hele computer proberen schoon te maken door middel van : -aft cleaner en ccleaner -ad-aware en spybot s and d gedownload, updates hiervoor binnen gehaald en volledige systeem scan laten maken ad-aware vond 2 dingen, die hij heeft verwijderd en na een nieuwe scan was er niks meer van te vinden. bij deze site een online scan gemaakt http://www.ewido.net/en/onlinescan/ alles oke -virus scan gedaan met avg in de veilige modus, geen problemen gevonden -hijackthislog gedownload en gemaakt. logje is hieronder te vinden Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:00:13, on 31-1-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe C:\WINDOWS\Explorer.EXE C:\Program Files\STOPzilla!\STOPzilla.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\LTSMMSG.exe C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe C:\WINDOWS\System32\00THotkey.exe C:\WINDOWS\system32\TPWRTRAY.EXE C:\WINDOWS\system32\TFNF5.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\TOSHIBA\TouchED\TouchED.Exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Messenger\MSMSGS.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.stopzilla.com/director/?type=first_run R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: ZILLAbar BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\ZB2.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\ZB2.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE O4 - HKLM\..\Run: [TFNF5] TFNF5.exe O4 - HKLM\..\Run: [NDSTray.exe] "C:\Program Files\Toshiba\ConfigFree\NDSTray.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Automatisch EPSON Stylus DX4000 Series op HELLO_PC] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S3.tmp" /EF "HKLM" O4 - HKLM\..\Run: [\192.168.0.103\EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_SC.tmp" /EF "HKLM" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - ESC Trusted Zone: http://*.update.microsoft.com O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1199221638078 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe -- End of file - 6966 bytes
  • In het logje is ook niks terug te vinden. Download [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:314ed01e06]Combofix[/b:314ed01e06][/url] naar je Bureaublad. Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link, want Combofix wordt dagelijks geupdate. OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en [b:314ed01e06]download Combofix opnieuw[/b:314ed01e06]. Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen![list:314ed01e06] Dubbelklik op [b:314ed01e06]Combofix.exe[/b:314ed01e06] Volg de instructies, aanvaard de disclaimer door [b:314ed01e06]1[/b:314ed01e06] (continue) te typen, gevolgd door [b:314ed01e06]ENTER[/b:314ed01e06]. Tijdens het runnen van de fix, [b:314ed01e06]NIET[/b:314ed01e06] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:314ed01e06] Wanneer de fix voltooid is en na herstart, zal de log [b:314ed01e06]combofix.txt[/b:314ed01e06] openen. [i:314ed01e06]Plaats dit log in je volgende post samen met een nieuw HijackThis log.[/i:314ed01e06]
  • hierbij de combofix log ComboFix 08-02.02.5 - Administrator 2008-02-02 19:50:16.3 - [color=red:cf8608e723][b:cf8608e723]FAT32[/b:cf8608e723][/color:cf8608e723]x86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.460 [GMT 1:00] Gestart vanuit: C:\Documents and Settings\Administrator\Bureaublad\ComboFix.exe [color=red:cf8608e723][b:cf8608e723]WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !![/b:cf8608e723][/color:cf8608e723] . (((((((((((((((((((( Bestanden Gemaakt van 2008-01-02 to 2008-02-02 )))))))))))))))))))))))))))))) . 2008-01-31 14:56 . 2008-01-31 14:56 <DIR> d-------- C:\Program Files\Trend Micro 2008-01-30 14:50 . 2008-01-30 14:50 <DIR> d-------- C:\Program Files\Lavasoft 2008-01-30 14:50 . 2008-01-30 14:50 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-01-30 14:50 . 2008-01-30 14:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-01-30 14:44 . 2008-01-30 14:44 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-01-30 14:44 . 2008-01-30 14:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-01-28 11:12 . 2008-01-28 11:12 <DIR> d--hs---- C:\FOUND.000 2008-01-10 22:36 . 2008-01-10 22:36 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InterVideo 2008-01-06 08:00 . 2008-01-06 08:00 12,393,260 --------- C:\AVG7QT.DAT 2008-01-02 13:56 . 2008-01-02 13:56 <DIR> d-------- C:\Program Files\EPSON 2008-01-02 00:44 . 2007-08-13 18:54 33,792 --a------ C:\WINDOWS\system32\dllcache\custsat.dll 2008-01-02 00:37 . 2006-08-21 10:14 128,896 --------- C:\WINDOWS\system32\dllcache\fltmgr.sys 2008-01-02 00:37 . 2006-08-21 10:14 23,040 --------- C:\WINDOWS\system32\dllcache\fltmc.exe 2008-01-02 00:37 . 2006-08-21 13:28 16,896 --------- C:\WINDOWS\system32\dllcache\fltlib.dll 2008-01-02 00:34 . 2007-07-09 14:11 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll 2008-01-02 00:08 . 2008-01-02 00:08 <DIR> d-------- C:\Documents and Settings\LocalService\Menu Start . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-01 20:54 --------- d-----w C:\Program Files\Common Files\iS3 2008-01-01 20:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZILLAbar 2008-01-01 20:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\STOPzilla! 2008-01-01 20:51 --------- d-----w C:\Program Files\STOPzilla! 2008-01-01 20:51 --------- d-----w C:\Documents and Settings\Administrator\Application Data\STOPzilla! 2008-01-01 20:38 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll 2008-01-01 20:38 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll 2008-01-01 20:38 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7 2008-01-01 20:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft 2008-01-01 20:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVG7 2008-01-01 20:38 --------- d-----w C:\Documents and Settings\Administrator\Application Data\AVG7 2008-01-01 19:32 --------- d-----w C:\Program Files\Microsoft.NET 2008-01-01 19:26 0 --sha-r C:\WINDOWS\system32\drivers\TOSHIBA_Satellite Pro A10_00980000-DU_PSA15E-018PC.MRK 2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2007-11-07 09:30 727,040 ----a-w C:\WINDOWS\system32\lsasrv.dll 2007-11-07 09:30 727,040 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-10-13 17:24 1694208] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03 15360] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-04-06 23:19 155648] "HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-04-06 23:07 114688] "LTSMMSG"="LTSMMSG.exe" [2003-04-18 09:06 32768 C:\WINDOWS\ltsmmsg.exe] "PmProxy"="C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe" [2003-02-28 18:54 40960] "00THotkey"="C:\WINDOWS\System32\[u:cf8608e723]0[/u:cf8608e723]0THotkey.exe" [2003-05-23 14:13 253952] "000StTHK"="000StTHK.exe" [2001-06-23 20:28 24576 C:\WINDOWS\system32\[u:cf8608e723]0[/u:cf8608e723]00StTHK.exe] "Tpwrtray"="TPWRTRAY.EXE" [2003-05-08 10:37 217088 C:\WINDOWS\system32\TPWRTRAY.EXE] "TFNF5"="TFNF5.exe" [2001-09-04 10:29 69632 C:\WINDOWS\system32\TFNF5.exe] "NDSTray.exe"="C:\Program Files\Toshiba\ConfigFree\NDSTray.exe" [2003-01-17 20:26 458752] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2002-12-25 14:38 159744] "TouchED"="C:\Program Files\TOSHIBA\TouchED\TouchED.Exe" [2003-03-11 13:55 122880] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-01 21:48 579072] "\192.168.0.103\EPSON Stylus DX4000 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.exe" [2006-02-21 05:00 131072] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-01 21:48 219136] R0 TVALG;Toshiba Value Added Logical and General Purpose Device Driver;C:\WINDOWS\system32\DRIVERS\TVALG.SYS [2001-09-13 19:53] R3 TOSHIBASoftModem;TOSHIBA Software Modem;C:\WINDOWS\system32\DRIVERS\LTSM.sys [2002-09-17 15:12] R3 wlags48b;Wireless LAN PCCard Driver;C:\WINDOWS\system32\DRIVERS\wlags48b.sys [2002-06-28 07:29] . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-02 19:51:03 Windows 5.1.2600 Service Pack 2 FAT NTAPI scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "\\192.168.0.103\\EPSON Stylus DX4000 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIBEE.EXE /FU \"C:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\E_SC.tmp\" /EF \"HKLM\"" . Voltooingstijd: 2008-02-02 19:51:25 ComboFix3.txt 2008-02-02 18:42:44 ComboFix2.txt 2008-02-02 18:45:44 . 2008-01-09 05:54:40 --- E O F --- en het hijackthislog Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:52:17, on 2-2-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe C:\Program Files\STOPzilla!\STOPzilla.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\LTSMMSG.exe C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe C:\WINDOWS\System32\00THotkey.exe C:\WINDOWS\system32\TPWRTRAY.EXE C:\WINDOWS\system32\TFNF5.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\TOSHIBA\TouchED\TouchED.Exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Messenger\MSMSGS.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Apoint2K\Apntex.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.stopzilla.com/director/?type=first_run R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: ZILLAbar BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\ZB2.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\ZB2.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE O4 - HKLM\..\Run: [TFNF5] TFNF5.exe O4 - HKLM\..\Run: [NDSTray.exe] "C:\Program Files\Toshiba\ConfigFree\NDSTray.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [\192.168.0.103\EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\E_SC.tmp" /EF "HKLM" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - ESC Trusted Zone: http://*.update.microsoft.com O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1199221638078 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe -- End of file - 6778 bytes p.s. Heb deze logs in de normale windows mode gemaakt, of had ik deze beter in de veilige mode kunnen maken?
  • Nee gewone modus is juist goed. Helaas ( ik zou eerder willen zeggen gelukkig) zie ik geen malware of virus oid. Het moet dus haast wel software matig of hardware matig zijn. Misschien als je nog problemen hebt kan je die vraag beter in een van de twee subfora plaatsen hier op het forum.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.