Slow getting onto the internet

  • Slow getting onto the internet

    Hello,
    My problem: the PC starts up normally until the moment I launch Explorer and it then has to go onto the internet automatically; Explorer then hangs for quite a while before it finally shows the dial-up connection window and then goes onto the internet without any problem....
    PS: ADSL connection is OK


    I have already tried the following..
    No adware found (Ad-Aware SE and Spybot)
    tried without starting ZoneAlarm and AVG
    had Windows check the protected files (sfc /scannow)
    CCleaner.... TuneUp ... cleaned up msconfig... defragmented

    I'm a bit at my wits' end, so here is my log...

    Thanks in advance

    Ivan

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:33:38, on 19/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Belgium Identity Card\beidSystemTray.exe
    C:\Program Files\ATnotes\ATnotes.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\ZoneLabs\isafe.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Certificate Import] C:\Program Files\Belgium Identity Card\beidSystemTray.exe
    O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User '?')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-21-602162358-1606980848-1060284298-1003\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink.com/winxp/CheckDVD.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader4.cab
    O16 - DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} (Pixum EasyUploadX Control) - http://www.pixum.de/int/EasyUpload/ImgUploader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1C738F1C-B6D4-4023-B565-15E96946B25F}: NameServer = 194.119.228.67 193.74.208.135
    O17 - HKLM\System\CS1\Services\Tcpip\..\{1C738F1C-B6D4-4023-B565-15E96946B25F}: NameServer = 194.119.228.67 193.74.208.135
    O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Belgium Identity Card Service (BELGIUM_ID_CARD_SERVICE) - Zetes - C:\WINDOWS\System32\Belpic PCSC Service.exe
    O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\System32\ZoneLabs\isafe.exe
    O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 6106 bytes

  • #2
    I don't actually see the cause showing up in your log either. Is the cabling in order? Reset the modem, and the router if there is one, by disconnecting the power.


    Start HijackThis and choose 'Do a system scan only'
    Select only the items listed below:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    Close all windows except HijackThis
    Click 'Fix checked' to remove the items.


    Download ComboFix to your Desktop.
    If you have used ComboFix before, please delete that version and download ComboFix again via the link above, because ComboFix is updated daily.

    NOTE: if, during or after downloading ComboFix or while using ComboFix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download ComboFix again. Some scanners regard certain components that ComboFix uses as suspicious and will block or remove them!
    • Double-click Combofix.exe
      Follow the instructions, accept the disclaimer by typing 1 (continue), followed by ENTER.
      While the fix is running, do NOT click in the window, because this will make your PC hang.

    When the fix is finished and after the restart, the log combofix.txt will open.
    Post this log in your next post together with a new HijackThis log.

    Starting Windows 10 in Safe Mode
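
The selection made in reply #2 can be reproduced mechanically. The following is an added example, not part of the original posts and not HijackThis's own code: it flags R entries with an empty value and entries whose file is reported as "(no file)", then compares the log from the first post with the follow-up log posted later in this thread. The function names and the two heuristics are assumptions; the sample lines are excerpts of the logs in this thread.

```python
import re

# Excerpts from the two HijackThis logs posted in this thread (first post and
# the follow-up after the fix). Only a few lines of each are reproduced.
BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader4.cab
"""

AFTER = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader4.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.be/ImageUploader4.cab
"""

# A HijackThis entry line is "<section code> - <body>", e.g. "O2 - BHO: ...".
# Header lines and the "Running processes" list do not match this pattern.
ENTRY_RE = re.compile(r"^\s*([RFNO]\d{1,2})\s+-\s+(.*\S)\s*$")


def parse_entries(log):
    """Return (code, body) tuples for every entry line in a HijackThis log."""
    entries = []
    for line in log.splitlines():
        match = ENTRY_RE.match(line)
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def is_orphaned(code, body):
    """Heuristics assumed for this example, modelled on the items in reply #2."""
    if code.startswith("R") and body.endswith("="):
        return True  # IE setting that exists but has an empty value
    return body.endswith("(no file)")  # registry entry whose file is gone


def orphaned(log):
    """Entries that point at nothing and are candidates for 'Fix checked'."""
    return [entry for entry in parse_entries(log) if is_orphaned(*entry)]


def diff_logs(before, after):
    """Return (removed, added) entries between two scans, in log order."""
    old, new = parse_entries(before), parse_entries(after)
    removed = [entry for entry in old if entry not in new]
    added = [entry for entry in new if entry not in old]
    return removed, added


if __name__ == "__main__":
    for code, body in orphaned(BEFORE):
        print("orphaned:", code, "-", body)
    removed, added = diff_logs(BEFORE, AFTER)
    for code, body in removed:
        print("removed: ", code, "-", body)
    for code, body in added:
        print("added:   ", code, "-", body)
```

On these excerpts the three flagged entries are exactly the ones that disappear in the second scan, and the diff also surfaces an O16 entry that was not in the first log and still needs a manual look.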



    • #3
      Juisterr,

      Thanks for the reply....
      As for the cabling and modem, I think everything is in order, because the ADSL connection comes up quickly... (the 2 little screens in the taskbar)
      Here, to start with, is my ComboFix log...

      ComboFix 07-12-21.4 - Ivan 2007-12-24 16:59:38.1 - NTFSx86

      Gestart vanuit: C:\Documents and Settings\Ivan\Bureaublad\ComboFix.exe
      .
      ADS - explorer.exe: deleted 68 bytes in 1 streams.

      (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\Documents and Settings\Ivan\Application Data\inst.exe

      .
      (((((((((((((((((((( Bestanden Gemaakt van 2007-11-24 to 2007-12-24 ))))))))))))))))))))))))))))))
      .

      2007-12-23 20:14 . 2007-12-23 20:14 <DIR> dr-h----- C:\Documents and Settings\Ivan\Onlangs geopend
      2007-12-22 11:22 . 2007-12-22 22:11 <DIR> d-------- C:\Program Files\FoldermarkerPro
      2007-12-19 19:18 . 2007-12-19 19:18 <DIR> d-------- C:\Program Files\Trend Micro
      2007-12-19 18:46 . 2001-08-17 21:28 771,581 --a--c--- C:\WINDOWS\system32\dllcache\winacisa.sys
      2007-12-19 18:45 . 2001-08-17 21:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
      2007-12-19 18:44 . 2001-09-06 21:27 525,568 --a--c--- C:\WINDOWS\system32\dllcache\tridxp.dll
      2007-12-19 18:43 . 2001-09-06 18:20 286,432 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
      2007-12-19 18:42 . 2001-09-06 21:26 252,032 --a--c--- C:\WINDOWS\system32\dllcache\sis300iv.dll
      2007-12-19 18:41 . 2001-09-06 21:26 386,560 --a--c--- C:\WINDOWS\system32\dllcache\sgiul50.dll
      2007-12-19 18:41 . 2001-09-06 20:49 161,760 --a--c--- C:\WINDOWS\system32\dllcache\sgsmusb.sys
      2007-12-19 18:41 . 2001-08-17 20:51 98,080 --a--c--- C:\WINDOWS\system32\dllcache\sgiulnt5.sys
      2007-12-19 18:41 . 2001-08-17 20:19 36,480 --a--c--- C:\WINDOWS\system32\dllcache\sfmanm.sys
      2007-12-19 18:41 . 2001-07-21 22:29 18,400 --a--c--- C:\WINDOWS\system32\dllcache\sgsmld.sys
      2007-12-19 18:41 . 2001-09-06 20:47 18,176 --a--c--- C:\WINDOWS\system32\dllcache\sermouse.sys
      2007-12-19 18:41 . 2001-08-17 21:52 11,648 --a--c--- C:\WINDOWS\system32\dllcache\scsiprnt.sys
      2007-12-19 18:41 . 2001-08-17 21:53 10,880 --a--c--- C:\WINDOWS\system32\dllcache\scsiscan.sys
      2007-12-19 18:41 . 2001-09-06 20:47 6,912 --a--c--- C:\WINDOWS\system32\dllcache\serscan.sys
      2007-12-19 18:41 . 2001-08-17 21:53 6,912 --a--c--- C:\WINDOWS\system32\dllcache\seaddsmc.sys
      2007-12-19 18:39 . 2001-09-06 20:29 899,594 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
      2007-12-19 18:38 . 2001-08-17 22:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys
      2007-12-19 18:37 . 2004-08-04 00:58 2,019,840 --a--c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
      2007-12-19 18:36 . 2001-09-06 19:31 131,072 --a--c--- C:\WINDOWS\system32\dllcache\n100325.sys
      2007-12-19 18:35 . 2001-09-06 18:59 320,384 --a--c--- C:\WINDOWS\system32\dllcache\mgaum.sys
      2007-12-19 18:32 . 2001-08-17 21:28 802,683 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys
      2007-12-19 18:31 . 2001-09-06 21:26 242,688 --a--c--- C:\WINDOWS\system32\dllcache\kdsusd.dll
      2007-12-19 18:30 . 2004-08-04 01:03 154,112 --a--c--- C:\WINDOWS\system32\dllcache\irftp.exe
      2007-12-19 18:29 . 2004-08-04 01:03 702,845 --a--c--- C:\WINDOWS\system32\dllcache\i81xdnt5.dll
      2007-12-19 18:28 . 2001-09-07 13:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
      2007-12-19 18:28 . 2001-09-07 13:00 10,096,640 --a--c--- C:\WINDOWS\system32\dllcache\hwxcht.dll
      2007-12-19 18:28 . 2001-09-06 21:26 324,608 --a--c--- C:\WINDOWS\system32\dllcache\hpojwia.dll
      2007-12-19 18:28 . 2001-09-06 21:26 165,888 --a--c--- C:\WINDOWS\system32\dllcache\hpgt53.dll
      2007-12-19 18:28 . 2001-09-06 21:26 68,608 --a--c--- C:\WINDOWS\system32\dllcache\hpgt53tk.dll
      2007-12-19 18:28 . 2001-09-06 21:26 32,768 --a--c--- C:\WINDOWS\system32\dllcache\hpgtmcro.dll
      2007-12-19 18:28 . 2001-08-17 22:07 25,952 --a--c--- C:\WINDOWS\system32\dllcache\hpn.sys
      2007-12-19 18:28 . 2001-09-06 21:26 19,456 --a--c--- C:\WINDOWS\system32\dllcache\hr1w.dll
      2007-12-19 18:28 . 2001-09-06 21:26 13,312 --a--c--- C:\WINDOWS\system32\dllcache\hpsjmcro.dll
      2007-12-19 18:28 . 2001-08-17 21:52 5,760 --a--c--- C:\WINDOWS\system32\dllcache\hpt4qic.sys
      2007-12-19 18:26 . 2001-08-17 20:15 455,680 --a--c--- C:\WINDOWS\system32\dllcache\fus2base.sys
      2007-12-19 18:26 . 2001-08-17 20:14 444,416 --a--c--- C:\WINDOWS\system32\dllcache\fpcibase.sys
      2007-12-19 18:26 . 2001-08-17 20:15 442,240 --a--c--- C:\WINDOWS\system32\dllcache\fpnpbase.sys
      2007-12-19 18:26 . 2001-08-17 20:14 441,728 --a--c--- C:\WINDOWS\system32\dllcache\fpcmbase.sys
      2007-12-19 18:26 . 2001-09-06 21:26 72,192 --a--c--- C:\WINDOWS\system32\dllcache\fnfilter.dll
      2007-12-19 18:26 . 2004-08-03 22:31 34,173 --a--c--- C:\WINDOWS\system32\dllcache\forehe.sys
      2007-12-19 18:26 . 2001-08-17 20:13 27,165 --a--c--- C:\WINDOWS\system32\dllcache\fetnd5.sys
      2007-12-19 18:26 . 2001-08-17 20:10 22,090 --a--c--- C:\WINDOWS\system32\dllcache\fem556n5.sys
      2007-12-19 17:49 . 2001-09-06 19:54 634,198 --a--c--- C:\WINDOWS\system32\dllcache\el656ct5.sys
      2007-12-19 17:48 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
      2007-12-19 17:47 . 2001-09-06 18:59 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys
      2007-12-19 17:46 . 2001-09-06 18:55 715,146 --a--c--- C:\WINDOWS\system32\dllcache\cbmdmkxx.sys
      2007-12-19 17:45 . 2001-08-17 21:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
      2007-12-19 17:44 . 2001-09-06 21:26 382,592 --a--c--- C:\WINDOWS\system32\dllcache\atidrab.dll
      2007-12-19 17:43 . 2001-08-17 21:28 762,780 --a--c--- C:\WINDOWS\system32\dllcache\3cwmcru.sys
      2007-12-19 15:15 . 2005-08-09 20:10 110,592 --a------ C:\WINDOWS\system32\usbr38.dll
      2007-12-19 15:15 . 2006-03-24 19:14 33,536 --a------ C:\WINDOWS\system32\drivers\a38usb.sys

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2007-12-24 15:56 --------- d-----w C:\Documents and Settings\Ivan\Application Data\MailWasherPro
      2007-12-23 19:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2007-12-23 16:46 6,144 --sha-w C:\Program Files\Thumbs.db
      2007-12-23 13:12 --------- d-----w C:\Documents and Settings\Ivan\Application Data\XnView
      2007-12-22 21:11 59 --sh--w C:\Program Files\Desktop.ini
      2007-12-22 21:11 2,238 --sh--w C:\Program Files\FolderMarker.ico
      2007-12-22 18:32 --------- d-----w C:\Documents and Settings\Ivan\Application Data\AVG7
      2007-12-19 21:36 --------- d-----w C:\Documents and Settings\Yvonne\Application Data\XnView
      2007-12-08 10:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
      2007-11-15 09:16 --------- d-----w C:\Program Files\Wondershare dvd burner
      2007-11-12 14:47 --------- d-----w C:\Program Files\HardCopy Pro
      2007-11-12 14:33 --------- d-----w C:\Program Files\Google
      2007-11-12 13:17 47,360 ----a-w C:\Documents and Settings\Ivan\Application Data\pcouffin.sys
      2007-11-12 13:17 --------- d-----w C:\Program Files\vso
      2007-11-12 13:17 --------- d-----w C:\Documents and Settings\Ivan\Application Data\Vso
      2007-11-12 09:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\vsosdk
      2007-11-12 09:04 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
      2007-11-11 19:48 --------- d-----w C:\Program Files\CD Labes disigner
      2007-11-09 19:54 --------- d-----w C:\Program Files\TNT Screen Capture
      2007-11-09 19:54 --------- d-----w C:\Program Files\TCP VIEW
      2007-11-09 19:54 --------- d-----w C:\Program Files\Microsoft Picture It!
      2007-11-09 19:54 --------- d-----w C:\Program Files\IrfanView
      2007-11-08 20:20 --------- d-----w C:\Program Files\Free Audio Pack
      2007-11-08 14:30 --------- d-----w C:\Program Files\Ahead
      2007-11-06 17:28 --------- d-----w C:\Program Files\TuneUp Utilities 2007
      2007-11-04 12:33 --------- d-----w C:\Program Files\Incomplete
      2007-11-04 12:32 --------- d-----w C:\Documents and Settings\Vanessa\Application Data\LimeWire
      2007-11-04 12:30 --------- d-----w C:\Program Files\LimeWire
      2007-11-04 12:18 79,336 ----a-w C:\Documents and Settings\Vanessa\Application Data\GDIPFONTCACHEV1.DAT
      2007-11-01 07:00 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
      2007-10-29 10:57 --------- d-----w C:\Documents and Settings\Yvonne\Application Data\MSN6
      2007-10-29 10:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\MSN6
      2007-10-24 16:36 --------- d-----w C:\Program Files\Clone terminator
      2007-10-10 17:57 108,544 ------w C:\WINDOWS\system32\pxcpyi64.exe
      2007-07-15 16:46 1,733,044 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
      2007-01-25 19:43 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLea.DAT
      2007-01-25 19:23 44,376 ----a-w C:\Documents and Settings\Ivan\Application Data\GDIPFONTCACHEV1.DAT
      2006-07-28 16:42 151,112 ----a-w C:\Documents and Settings\Ivan\mok32.exe
      2006-06-20 18:18 18,784 ----a-w C:\Documents and Settings\Yvonne\Application Data\GDIPFONTCACHEV1.DAT
      2001-02-23 07:38 3,794 ----a-w C:\Program Files\readme.txt
      2001-01-02 12:28 127,705 ----a-w C:\Program Files\favo_src.zip
      2001-01-02 12:10 383,669 ----a-w C:\Program Files\Setup.exe
      2000-06-02 13:18 6,302 ----a-w C:\Program Files\license.txt
      .

      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ATnotes.exe"="C:\Program Files\ATnotes\ATnotes.exe" [2005-01-05 14:45]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2004-06-16 04:48]
      "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-10-28 08:56]
      "AME_CSA"="amecsa.cpl" [2002-07-11 14:38 C:\WINDOWS\system32\AmeCSA.cpl]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 01:03]
      "AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-10-28 08:57]

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
      Notification Packages REG_MULTI_SZ :\WINDOWS\syste

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Color Calibration.lnk]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^MagicTune 3.6.lnk]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^NkbMonitor.exe.lnk]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Pinnacle Scheduler.lnk]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Certificate Import]
      2005-10-09 09:25 143360 --a------ C:\Program Files\Belgium Identity Card\beidSystemTray.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
      2001-12-19 23:29 196608 --a------ C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ImInstaller_IncrediMail]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\implib]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Machinex]
      omgs.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
      C:\Program Files\Messenger\msmsgs.exe /background

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
      2001-07-09 11:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
      C:\Program Files\QuickTime\qttask.exe -atboottime

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGEDIT]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UninstalTime]
      chkdisk.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows MS Update 32]
      sucker.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
      "usnjsvc"=3 (0x3)

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"


      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      UxTuneUp

      *Newly Created Service* - CATCHME
      *Newly Created Service* - PROCEXP90
      .
      Inhoud van de 'Gedeelde Taken' map
      "2007-08-03 15:17:00 C:\WINDOWS\Tasks\Easy Onderhoud.job"
      - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
      .
      **************************************************************************

      catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2007-12-24 17:05:18
      Windows 5.1.2600 Service Pack 2 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      **************************************************************************
      .
      Voltooingstijd: 2007-12-24 17:08:08
      C:\ComboFix2.txt ... 2006-09-04 15:37


      and the HijackThis log...

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 17:21:36, on 24/12/2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      C:\WINDOWS\System32\ZoneLabs\isafe.exe
      C:\WINDOWS\system32\crypserv.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\ATnotes\ATnotes.exe
      C:\Program Files\Outlook Express\msimn.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\WINDOWS\system32\NOTEPAD.EXE
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
      O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User '?')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
      O4 - HKUS\S-1-5-21-602162358-1606980848-1060284298-1003\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe (User '?')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
      O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
      O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
      O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
      O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
      O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
      O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
      O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
      O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink.com/winxp/CheckDVD.cab
      O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader4.cab
      O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.be/ImageUploader4.cab
      O16 - DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} (Pixum EasyUploadX Control) - http://www.pixum.de/int/EasyUpload/ImgUploader.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{1C738F1C-B6D4-4023-B565-15E96946B25F}: NameServer = 194.119.228.67 193.74.208.135
      O17 - HKLM\System\CS1\Services\Tcpip\..\{1C738F1C-B6D4-4023-B565-15E96946B25F}: NameServer = 194.119.228.67 193.74.208.135
      O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      O23 - Service: Belgium Identity Card Service (BELGIUM_ID_CARD_SERVICE) - Zetes - C:\WINDOWS\System32\Belpic PCSC Service.exe
      O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\System32\ZoneLabs\isafe.exe
      O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

      --
      End of file - 5970 bytes


      Thanks in advance and happy holidays...

      Ivan



      • #4
        The logs look clean; give the following a try.

        Empty your Temp folders (Note: empty the folders, do not delete them!!):


        Open Explorer ("My Computer") and choose Tools -> Folder Options...
        Under View, check the following settings:

        Turn off: Hide protected operating system files (Recommended)
        Turn off: Hide extensions for known file types

        Select: Display the contents of system folders (XP only)
        Select: Show hidden files and folders

        C:\Windows\Temp
        C:\Documents and Settings\<user>\Local Settings\Temp
        C:\Documents and Settings\<user>\Local Settings\Temporary Internet Files
        C:\Documents and Settings\<user>\Local Settings\Temporary Internet Files\content.ie5
        <user> here stands for your profile name!!
        If the last folder is not shown, go to the Temporary Internet Files folder, type \content.ie5 after it in the address bar and press Enter.

        Empty your Recycle Bin.

        Let me know how it goes now.

        Starting Windows 10 in Safe Mode



        • #5
          Juisterr,

          It is already going a good deal better after your advice; I also rolled the PC back to a restore point from November, which improved it a bit more as well......
          With this, my thanks once again, and I will close the topic....

          Regards

          Ivan



          • #6
            Very good, happy holidays and happy surfing.

            Starting Windows 10 in Safe Mode
