Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Enorm traag en tmp0

juisterr
5 antwoorden
  • Sinds gisteren is mn computer erg traag, en gaf enkele malen zelfs een geluidsfragment bij opstarten. Ook kwam ik in mn taakbeheer het tmp0.exe file tegen wat me niet lukt om te verwijderen.
    Crapcleaner en Spybot al gedraaid en geschoond. maar het blijft zeuren.
    Mn logje;

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 7:00:51 PM, on 3/21/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    F:\DUmeter\DU Meter\DUMeter.exe
    C:\WINDOWS\CTHELPER.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    F:\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32
    vsvc32.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\Karels\Desktop\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nintendo.nl/NOE/nl_NL/club_nintendo/clubNintendoWelcome_p4.do
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [DU Meter] F:\DUmeter\DU Meter\DUMeter.exe
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] F:\Gmailnotifier\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O21 - SSODL: SrvUnknown - {831a2d9e-970a-45f9-8c29-383e6b174b0b} - C:\WINDOWS\Installer\{831a2d9e-970a-45f9-8c29-383e6b174b0b}\SrvUnknown.dll
    O21 - SSODL: zip - {f2a58d6d-afde-4d0c-acd8-9e5eebf4176b} - C:\WINDOWS\Installer\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b}\zip.dll
    O21 - SSODL: SysService - {a4237264-e54a-4096-89d1-519bd2ca7beb} - C:\WINDOWS\Installer\{a4237264-e54a-4096-89d1-519bd2ca7beb}\SysService.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NBService - Nero AG - F:\Nero 7.9.6\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


    End of file - 8339 bytes

    Aangepast, in de 1e post stond het tmp0.exe file nog in m'n taakbeheer, maar na het verwijderen van AntiViirus.exe (met Hijack) heb ik deze na enkele malen rebooten niet meer gezien, ook het geluidsfragment heb ik tot op heden niet meer gehoord.
    Hopelijk wil iemand evengoed nog m'n logje bekijken want ik blijf wel wat traag…
    :cry:
  • Schakel [b:b99bf42ad8]Spybot's TeaTimer[/b:b99bf42ad8] even uit, omdat deze de fix in de weg kan zitten:
    - Start Spybot
    - Ga naar Mode > selecteer Advanced Mode
    - Ga naar Tools en klik op het Resident-icoon in de lijst
    - Haal het vinkje weg bij Resident [b:b99bf42ad8]TeaTimer[/b:b99bf42ad8] en klik OK
    - Herstart de computer

    Download vervolgens ResetTeaTimer.bat naar je Bureaublad.
    Dubbelklik op [b:b99bf42ad8]ResetTeaTimer.bat[/b:b99bf42ad8] om alle entries in [b:b99bf42ad8] TeaTimer[/b:b99bf42ad8] te verwijderen.
    [i:b99bf42ad8]Als de computer schoon is, kun je [b:b99bf42ad8]TeaTimer[/b:b99bf42ad8] weer aan zetten [/i:b99bf42ad8]

    Je gebruikt een oude versie van HijackThis. Best dat je deze versie gebruikt: http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:
    [b:b99bf42ad8]
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O21 - SSODL: SrvUnknown - {831a2d9e-970a-45f9-8c29-383e6b174b0b} - C:\WINDOWS\Installer\{831a2d9e-970a-45f9-8c29-383e6b174b0b}\SrvUnknown.dll
    O21 - SSODL: zip - {f2a58d6d-afde-4d0c-acd8-9e5eebf4176b} - C:\WINDOWS\Installer\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b}\zip.dll
    O21 - SSODL: SysService - {a4237264-e54a-4096-89d1-519bd2ca7beb} - C:\WINDOWS\Installer\{a4237264-e54a-4096-89d1-519bd2ca7beb}\SysService.dll
    [/b:b99bf42ad8]
    Sluit alle vensters behalve Hijackthis
    Klik op 'Fix checked' om de items te verwijderen.


    Download [b:b99bf42ad8]Malwarebytes' Anti-Malware[/color:b99bf42ad8][/b:b99bf42ad8] op je bureaublad.
    Dubbelklik [b:b99bf42ad8]mbam-setup.exe[/b:b99bf42ad8] en kies voor "[b:b99bf42ad8]Next[/b:b99bf42ad8]" om de tool te installeren.
    Als de installatie voltooid is zet je vinkjes bij "[b:b99bf42ad8]Update MalwareBytes' Anti-Malware[/b:b99bf42ad8]" en bij "[b:b99bf42ad8]Launch MalwareBytes' Anti-Malware[/b:b99bf42ad8]".
    Druk daarna op "[b:b99bf42ad8]Finish[/b:b99bf42ad8]".
    Kies in het hoofdscherm voor de tab "[b:b99bf42ad8]Scanner[/b:b99bf42ad8]" en selecteer het keuzerondje "[b:b99bf42ad8]Perform full scan[/b:b99bf42ad8]".
    Druk op de knop "[b:b99bf42ad8]Scan[/b:b99bf42ad8]" en zorg dat al je harde schijven/partities aangevinkt staan.
    Druk dan op de knop "[b:b99bf42ad8]Start Scan[/b:b99bf42ad8]".
    Wanneer de scan voltooid is klik je op OK, daarna op "[b:b99bf42ad8]Show Results[/b:b99bf42ad8]" om de resultaten te zien.
    Zorg ervoor dat alles aangevinkt is, klik daarna op "[b:b99bf42ad8]Remove Selected[/b:b99bf42ad8]".
    Als het programma je computer wil laten herstarten, sta je dit toe.
    Daarna opent een logje(mbam-log-XX-XX-XXXX(xx-xx-xx).txt)
    Post deze log in je volgende bericht.

    succes
  • Malwarebytes' Anti-Malware 1.09
    Database versie: 519

    Scan type: Volledige Scan (C:\|D:\|E:\|F:\|G:\|)
    Objecten gescand: 223476
    Verstreken tijd: 44 minute(s), 8 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 3
    Registersleutels geïnfecteerd: 5
    Registerwaarden geïnfecteerd: 3
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 3
    Bestanden geïnfecteerd: 10

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    C:\WINDOWS\Installer\{a4237264-e54a-4096-89d1-519bd2ca7beb}\SysService.dll (Trojan.Alphabet) -> Unloaded module successfully.
    C:\WINDOWS\Installer\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b}\zip.dll (Trojan.Alphabet) -> Unloaded module successfully.
    C:\WINDOWS\Installer\{831a2d9e-970a-45f9-8c29-383e6b174b0b}\SrvUnknown.dll (Trojan.Alphabet) -> Unloaded module successfully.

    Registersleutels geïnfecteerd:
    HKEY_CLASSES_ROOT\CLSID\{a4237264-e54a-4096-89d1-519bd2ca7beb} (Trojan.Alphabet) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b} (Trojan.Alphabet) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{831a2d9e-970a-45f9-8c29-383e6b174b0b} (Trojan.Alphabet) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\etlrlws.bnqk (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\etlrlws.ToolBar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SysService (Trojan.Alphabet) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\zip (Trojan.Alphabet) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SrvUnknown (Trojan.Alphabet) -> Quarantined and deleted successfully.

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    C:\WINDOWS\Installer\{a4237264-e54a-4096-89d1-519bd2ca7beb} (Trojan.Alphabet) -> Delete on reboot.
    C:\WINDOWS\Installer\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b} (Trojan.Alphabet) -> Delete on reboot.
    C:\WINDOWS\Installer\{831a2d9e-970a-45f9-8c29-383e6b174b0b} (Trojan.Alphabet) -> Delete on reboot.

    Bestanden geïnfecteerd:
    C:\WINDOWS\Installer\{a4237264-e54a-4096-89d1-519bd2ca7beb}\SysService.dll (Trojan.Alphabet) -> Delete on reboot.
    C:\WINDOWS\Installer\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b}\zip.dll (Trojan.Alphabet) -> Delete on reboot.
    C:\WINDOWS\Installer\{831a2d9e-970a-45f9-8c29-383e6b174b0b}\SrvUnknown.dll (Trojan.Alphabet) -> Delete on reboot.
    C:\WINDOWS\rs.txt (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Program Files\antiviirus.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files\tmp0.exe (Trojan.Alphabet) -> Quarantined and deleted successfully.
    C:\WINDOWS\fmsxwqs.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\drnpfdxsfn.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\drnpfdxwrs.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\altvxvm.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:23:53 PM, on 3/22/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    F:\DUmeter\DU Meter\DUMeter.exe
    C:\WINDOWS\CTHELPER.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    F:\Gmailnotifier\Gmail Notifier\gnotify.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    F:\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
    C:\WINDOWS\system32
    vsvc32.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    F:\Hijack\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nintendo.nl/NOE/nl_NL/club_nintendo/clubNintendoWelcome_p4.do
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [DU Meter] F:\DUmeter\DU Meter\DUMeter.exe
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] F:\Gmailnotifier\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NBService - Nero AG - F:\Nero 7.9.6\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


    End of file - 6606 bytes
  • Om herinfectie via systeemherstel te voorkomen, is het raadzaam de bestaande systeemherstelpunten te verwijderen door systeemherstel tijdelijk uit te schakelen.


    - Ga naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
    - Klik in de linkerhelft van het venster op "Instellingen van systeemherstel".
    - Zet een vinkje voor "Systeemherstel uitschakelen".
    - Klik "Toepassen".
    - Windows vraagt of je dat zeker weet.
    - Klik "Ja".
    - Klik "OK".
    - Start de pc opnieuw op.
    - Ga weer naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
    - Je krijgt de melding: "Systeemherstel is uitgeschakeld. Wilt u systeemherstel nu inschakelen?"
    - Klik "Ja".
    - Verwijder het vinkje voor "Systeemherstel uitschakelen".
    - Klik "Toepassen".
    - Klik "OK".
    - Start de pc opnieuw op
    - Er is nu een nieuw schoon herstel punt aangemaakt

    Hier nog wat tips. Beveiligings Tips

    nog meer tips


    laatste logje is schoon de trojan is weg.
  • Dat is een merkbaar verschil 8)

    Heel erg bedankt!!!!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.