Vraag & Antwoord

Beveiliging & privacy

Enorm traag en tmp0

Anoniem
juisterr
5 antwoorden
 • Sinds gisteren is mn computer erg traag, en gaf enkele malen zelfs een geluidsfragment bij opstarten. Ook kwam ik in mn taakbeheer het tmp0.exe file tegen wat me niet lukt om te verwijderen.
  Crapcleaner en Spybot al gedraaid en geschoond. maar het blijft zeuren.
  Mn logje;

  Logfile of Trend Micro HijackThis v2.0.0 (BETA)
  Scan saved at 7:00:51 PM, on 3/21/2008
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  Boot mode: Normal

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
  C:\Program Files\Alwil Software\Avast4\ashServ.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\Explorer.EXE
  F:\DUmeter\DU Meter\DUMeter.exe
  C:\WINDOWS\CTHELPER.EXE
  C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
  C:\Program Files\Common Files\Real\Update_OB\realsched.exe
  C:\Program Files\iTunes\iTunesHelper.exe
  C:\WINDOWS\system32\RUNDLL32.EXE
  C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
  C:\WINDOWS\system32\ctfmon.exe
  F:\Spybot - Search & Destroy\TeaTimer.exe
  C:\Program Files\Google\Google Updater\GoogleUpdater.exe
  C:\Program Files\Logitech\SetPoint\SetPoint.exe
  C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
  C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  C:\WINDOWS\system32\nvsvc32.exe
  C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
  C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
  C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
  C:\Program Files\iPod\bin\iPodService.exe
  C:\Program Files\Mozilla Firefox\firefox.exe
  C:\Program Files\iTunes\iTunes.exe
  C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
  C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
  C:\WINDOWS\system32\svchost.exe
  C:\Documents and Settings\Karels\Desktop\HiJackThis_v2.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nintendo.nl/NOE/nl_NL/club_nintendo/clubNintendoWelcome_p4.do
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
  O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\SPYBOT~1\SDHelper.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
  O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
  O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
  O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
  O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
  O4 - HKLM\..\Run: [DU Meter] F:\DUmeter\DU Meter\DUMeter.exe
  O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
  O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
  O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
  O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] F:\Gmailnotifier\Gmail Notifier\gnotify.exe
  O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
  O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
  O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Spybot - Search & Destroy\TeaTimer.exe
  O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
  O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
  O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\SPYBOT~1\SDHelper.dll
  O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\SPYBOT~1\SDHelper.dll
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
  O21 - SSODL: SrvUnknown - {831a2d9e-970a-45f9-8c29-383e6b174b0b} - C:\WINDOWS\Installer\{831a2d9e-970a-45f9-8c29-383e6b174b0b}\SrvUnknown.dll
  O21 - SSODL: zip - {f2a58d6d-afde-4d0c-acd8-9e5eebf4176b} - C:\WINDOWS\Installer\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b}\zip.dll
  O21 - SSODL: SysService - {a4237264-e54a-4096-89d1-519bd2ca7beb} - C:\WINDOWS\Installer\{a4237264-e54a-4096-89d1-519bd2ca7beb}\SysService.dll
  O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
  O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
  O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
  O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
  O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
  O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
  O23 - Service: NBService - Nero AG - F:\Nero 7.9.6\Nero 7\Nero BackItUp\NBService.exe
  O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
  O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
  O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


  End of file - 8339 bytes

  Aangepast, in de 1e post stond het tmp0.exe file nog in m'n taakbeheer, maar na het verwijderen van AntiViirus.exe (met Hijack) heb ik deze na enkele malen rebooten niet meer gezien, ook het geluidsfragment heb ik tot op heden niet meer gehoord.
  Hopelijk wil iemand evengoed nog m'n logje bekijken want ik blijf wel wat traag…
  :cry:
 • Schakel [b:b99bf42ad8]Spybot's TeaTimer[/b:b99bf42ad8] even uit, omdat deze de fix in de weg kan zitten:
  - Start Spybot
  - Ga naar Mode > selecteer Advanced Mode
  - Ga naar Tools en klik op het Resident-icoon in de lijst
  - Haal het vinkje weg bij Resident [b:b99bf42ad8]TeaTimer[/b:b99bf42ad8] en klik OK
  - Herstart de computer

  Download vervolgens ResetTeaTimer.bat naar je Bureaublad.
  Dubbelklik op [b:b99bf42ad8]ResetTeaTimer.bat[/b:b99bf42ad8] om alle entries in [b:b99bf42ad8] TeaTimer[/b:b99bf42ad8] te verwijderen.
  [i:b99bf42ad8]Als de computer schoon is, kun je [b:b99bf42ad8]TeaTimer[/b:b99bf42ad8] weer aan zetten [/i:b99bf42ad8]

  Je gebruikt een oude versie van HijackThis. Best dat je deze versie gebruikt: http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

  Start Hijackthis op en kies voor 'Do a system scan only'
  Selecteer alleen de items die hieronder zijn genoemd:
  [b:b99bf42ad8]
  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
  O21 - SSODL: SrvUnknown - {831a2d9e-970a-45f9-8c29-383e6b174b0b} - C:\WINDOWS\Installer\{831a2d9e-970a-45f9-8c29-383e6b174b0b}\SrvUnknown.dll
  O21 - SSODL: zip - {f2a58d6d-afde-4d0c-acd8-9e5eebf4176b} - C:\WINDOWS\Installer\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b}\zip.dll
  O21 - SSODL: SysService - {a4237264-e54a-4096-89d1-519bd2ca7beb} - C:\WINDOWS\Installer\{a4237264-e54a-4096-89d1-519bd2ca7beb}\SysService.dll
  [/b:b99bf42ad8]
  Sluit alle vensters behalve Hijackthis
  Klik op 'Fix checked' om de items te verwijderen.


  Download [b:b99bf42ad8] op je bureaublad.
  Dubbelklik [b:b99bf42ad8]mbam-setup.exe[/b:b99bf42ad8] en kies voor "[b:b99bf42ad8]Next[/b:b99bf42ad8]" om de tool te installeren.
  Als de installatie voltooid is zet je vinkjes bij "[b:b99bf42ad8]Update MalwareBytes' Anti-Malware[/b:b99bf42ad8]" en bij "[b:b99bf42ad8]Launch MalwareBytes' Anti-Malware[/b:b99bf42ad8]".
  Druk daarna op "[b:b99bf42ad8]Finish[/b:b99bf42ad8]".
  Kies in het hoofdscherm voor de tab "[b:b99bf42ad8]Scanner[/b:b99bf42ad8]" en selecteer het keuzerondje "[b:b99bf42ad8]Perform full scan[/b:b99bf42ad8]".
  Druk op de knop "[b:b99bf42ad8]Scan[/b:b99bf42ad8]" en zorg dat al je harde schijven/partities aangevinkt staan.
  Druk dan op de knop "[b:b99bf42ad8]Start Scan[/b:b99bf42ad8]".
  Wanneer de scan voltooid is klik je op OK, daarna op "[b:b99bf42ad8]Show Results[/b:b99bf42ad8]" om de resultaten te zien.
  Zorg ervoor dat alles aangevinkt is, klik daarna op "[b:b99bf42ad8]Remove Selected[/b:b99bf42ad8]".
  Als het programma je computer wil laten herstarten, sta je dit toe.
  Daarna opent een logje(mbam-log-XX-XX-XXXX(xx-xx-xx).txt)
  Post deze log in je volgende bericht.

  succes
 • Malwarebytes' Anti-Malware 1.09
  Database versie: 519

  Scan type: Volledige Scan (C:\|D:\|E:\|F:\|G:\|)
  Objecten gescand: 223476
  Verstreken tijd: 44 minute(s), 8 second(s)

  Geheugenprocessen geïnfecteerd: 0
  Geheugenmodulen geïnfecteerd: 3
  Registersleutels geïnfecteerd: 5
  Registerwaarden geïnfecteerd: 3
  Registerdata bestanden geïnfecteerd: 0
  Mappen geïnfecteerd: 3
  Bestanden geïnfecteerd: 10

  Geheugenprocessen geïnfecteerd:
  (Geen kwaadaardige items gevonden)

  Geheugenmodulen geïnfecteerd:
  C:\WINDOWS\Installer\{a4237264-e54a-4096-89d1-519bd2ca7beb}\SysService.dll (Trojan.Alphabet) -> Unloaded module successfully.
  C:\WINDOWS\Installer\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b}\zip.dll (Trojan.Alphabet) -> Unloaded module successfully.
  C:\WINDOWS\Installer\{831a2d9e-970a-45f9-8c29-383e6b174b0b}\SrvUnknown.dll (Trojan.Alphabet) -> Unloaded module successfully.

  Registersleutels geïnfecteerd:
  HKEY_CLASSES_ROOT\CLSID\{a4237264-e54a-4096-89d1-519bd2ca7beb} (Trojan.Alphabet) -> Quarantined and deleted successfully.
  HKEY_CLASSES_ROOT\CLSID\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b} (Trojan.Alphabet) -> Quarantined and deleted successfully.
  HKEY_CLASSES_ROOT\CLSID\{831a2d9e-970a-45f9-8c29-383e6b174b0b} (Trojan.Alphabet) -> Quarantined and deleted successfully.
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\etlrlws.bnqk (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\etlrlws.ToolBar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

  Registerwaarden geïnfecteerd:
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SysService (Trojan.Alphabet) -> Quarantined and deleted successfully.
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\zip (Trojan.Alphabet) -> Quarantined and deleted successfully.
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SrvUnknown (Trojan.Alphabet) -> Quarantined and deleted successfully.

  Registerdata bestanden geïnfecteerd:
  (Geen kwaadaardige items gevonden)

  Mappen geïnfecteerd:
  C:\WINDOWS\Installer\{a4237264-e54a-4096-89d1-519bd2ca7beb} (Trojan.Alphabet) -> Delete on reboot.
  C:\WINDOWS\Installer\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b} (Trojan.Alphabet) -> Delete on reboot.
  C:\WINDOWS\Installer\{831a2d9e-970a-45f9-8c29-383e6b174b0b} (Trojan.Alphabet) -> Delete on reboot.

  Bestanden geïnfecteerd:
  C:\WINDOWS\Installer\{a4237264-e54a-4096-89d1-519bd2ca7beb}\SysService.dll (Trojan.Alphabet) -> Delete on reboot.
  C:\WINDOWS\Installer\{f2a58d6d-afde-4d0c-acd8-9e5eebf4176b}\zip.dll (Trojan.Alphabet) -> Delete on reboot.
  C:\WINDOWS\Installer\{831a2d9e-970a-45f9-8c29-383e6b174b0b}\SrvUnknown.dll (Trojan.Alphabet) -> Delete on reboot.
  C:\WINDOWS\rs.txt (Malware.Trace) -> Quarantined and deleted successfully.
  C:\Program Files\antiviirus.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
  C:\Program Files\tmp0.exe (Trojan.Alphabet) -> Quarantined and deleted successfully.
  C:\WINDOWS\fmsxwqs.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  C:\WINDOWS\drnpfdxsfn.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  C:\WINDOWS\drnpfdxwrs.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  C:\WINDOWS\altvxvm.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 12:23:53 PM, on 3/22/2008
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v7.00 (7.00.6000.16608)
  Boot mode: Normal

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
  C:\Program Files\Alwil Software\Avast4\ashServ.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\Explorer.EXE
  F:\DUmeter\DU Meter\DUMeter.exe
  C:\WINDOWS\CTHELPER.EXE
  C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
  F:\Gmailnotifier\Gmail Notifier\gnotify.exe
  C:\Program Files\Common Files\Real\Update_OB\realsched.exe
  C:\WINDOWS\system32\RUNDLL32.EXE
  C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
  C:\WINDOWS\system32\ctfmon.exe
  F:\Spybot - Search & Destroy\TeaTimer.exe
  C:\Program Files\Logitech\SetPoint\SetPoint.exe
  C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
  C:\WINDOWS\system32\nvsvc32.exe
  C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
  C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
  C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
  C:\Program Files\Mozilla Firefox\firefox.exe
  F:\Hijack\HijackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nintendo.nl/NOE/nl_NL/club_nintendo/clubNintendoWelcome_p4.do
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
  O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\SPYBOT~1\SDHelper.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
  O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
  O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
  O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
  O4 - HKLM\..\Run: [DU Meter] F:\DUmeter\DU Meter\DUMeter.exe
  O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
  O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
  O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
  O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] F:\Gmailnotifier\Gmail Notifier\gnotify.exe
  O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Spybot - Search & Destroy\TeaTimer.exe
  O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
  O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\SPYBOT~1\SDHelper.dll
  O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\SPYBOT~1\SDHelper.dll
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
  O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
  O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
  O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
  O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
  O23 - Service: NBService - Nero AG - F:\Nero 7.9.6\Nero 7\Nero BackItUp\NBService.exe
  O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
  O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
  O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


  End of file - 6606 bytes
 • Om herinfectie via systeemherstel te voorkomen, is het raadzaam de bestaande systeemherstelpunten te verwijderen door systeemherstel tijdelijk uit te schakelen.


  - Ga naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
  - Klik in de linkerhelft van het venster op "Instellingen van systeemherstel".
  - Zet een vinkje voor "Systeemherstel uitschakelen".
  - Klik "Toepassen".
  - Windows vraagt of je dat zeker weet.
  - Klik "Ja".
  - Klik "OK".
  - Start de pc opnieuw op.
  - Ga weer naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
  - Je krijgt de melding: "Systeemherstel is uitgeschakeld. Wilt u systeemherstel nu inschakelen?"
  - Klik "Ja".
  - Verwijder het vinkje voor "Systeemherstel uitschakelen".
  - Klik "Toepassen".
  - Klik "OK".
  - Start de pc opnieuw op
  - Er is nu een nieuw schoon herstel punt aangemaakt

  Hier nog wat tips. Beveiligings Tips

  nog meer tips


  laatste logje is schoon de trojan is weg.
 • Dat is een merkbaar verschil 8)

  Heel erg bedankt!!!!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.