PC sometimes very slow and unstable

  • PC sometimes very slow and unstable

    Good afternoon,

    System specs:
    Pentium IV D805 2.8 GHz
    1 GB internal memory (DDR-II, I believe)
    250 GB hard disk

    I try to keep my PC as clean and fast as possible by letting as little nonsense as possible start with Windows (via msconfig or services).

    For some time now my PC has sometimes been VERY slow. AVG then hangs at 50% CPU on every action I ask of it.
    So I reinstalled AVG, but the problem remained.
    Then I uninstalled AVG and installed Avira. This works better.
    Sometimes my Outlook (Office 2007) is also VERY slow, and now I am suddenly missing my reading pane (it stays blue).
    In addition, while playing Call of Duty 2 my PC regularly crashes back to the desktop, for no apparent reason.

    In short: I suspect my PC is infected, so I downloaded HijackThis and made a log:


    Can someone who knows about this take a look?

    Log:
    Logfile of HijackThis v1.99.1
    Scan saved at 13:38:15, on 8-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\smax4.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Pinnacle\PCTV USB2\Remote\remoterm.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Microsoft office 2007\Office12\OUTLOOK.EXE
    C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\BitComet\tools\BitCometBHO_1.1.3.28.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: SysShield IE Popup Blocker - {9A23B8A4-C6C9-4A68-8FA6-5F905DC8FF80} - D:\Archieven\eraser\Internet Eraser\pkext.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: AbsoluteShield - {EE9DD090-902D-4623-9360-FB7D8666202B} - D:\Archieven\eraser\Internet Eraser\AbsoluteBar.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [PCTVUSB2Remote] C:\Program Files\Pinnacle\PCTV USB2\Remote\remoterm.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Pinnacle Scheduler.lnk = ?
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {32C11E38-E587-4BE9-9ABB-D69158C21CE5} (Moonlight MPEG-4 Video Decoder) - http://hoefweg.axiscam.net/activex/decoder/mpeg4_dec.cab
    O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader4.cab
    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    I am very curious.

  • #2
    This afternoon I downloaded and installed a few things. I also saw that there was a newer version of HJT than the one I was using.

    So after that I made a new log, see below:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:28:41, on 8-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Analog Devices\SoundMAX\smax4.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Pinnacle\PCTV USB2\Remote\remoterm.exe
    C:\Program Files\ZoneAlarm\zlclient.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\Adware\aawservice.exe
    C:\Program Files\Microsoft office 2007\Office12\OUTLOOK.EXE
    C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmjb.exe
    C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
    C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_director.exe
    C:\PROGRA~1\MUSICM~1\MUSICM~2\MM_TDM~1.EXE
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\BitComet\tools\BitCometBHO_1.1.3.28.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: SysShield IE Popup Blocker - {9A23B8A4-C6C9-4A68-8FA6-5F905DC8FF80} - D:\Archieven\eraser\Internet Eraser\pkext.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: AbsoluteShield - {EE9DD090-902D-4623-9360-FB7D8666202B} - D:\Archieven\eraser\Internet Eraser\AbsoluteBar.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [PCTVUSB2Remote] C:\Program Files\Pinnacle\PCTV USB2\Remote\remoterm.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Pinnacle Scheduler.lnk = ?
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
    O16 - DPF: {32C11E38-E587-4BE9-9ABB-D69158C21CE5} (Moonlight MPEG-4 Video Decoder) - http://hoefweg.axiscam.net/activex/decoder/mpeg4_dec.cab
    O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader4.cab
    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Adware\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 8050 bytes
    Last edited by Error; 08-01-08, 18:33. Reason: newer version of HJT


    • #3
      The HijackThis log doesn't show anything strange.

      Download combofix.exe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
      Place it on your desktop.
      Double-click it to start the program.
      In the window that appears, type 1 to run the cleaning and analysis process.
      Follow the on-screen instructions.
      When the tool is finished, a log file (combofix.txt) opens.
      Post the contents of this file together with a new HijackThis log.


      • #4
        ComboFix log:

        ComboFix 08-01-09.2 - Prive 2008-01-09 13:51:30.1 - NTFSx86
        Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.464 [GMT 1:00]
        Gestart vanuit: C:\Documents and Settings\Prive\Bureaublad\ComboFix.exe
        * Nieuw herstelpunt werd aangemaakt
        .

        (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
        .

        C:\Documents and Settings\Prive\Application Data\macromedia\Flash Player\#SharedObjects\YM7DXD5C\iforex.com
        C:\Documents and Settings\Prive\Application Data\macromedia\Flash Player\#SharedObjects\YM7DXD5C\iforex.com\Emerp\Events\flash_object.swf\user_data.sol
        C:\Documents and Settings\Prive\Application Data\macromedia\Flash Player\#SharedObjects\YM7DXD5C\www.broadcaster.com
        C:\Documents and Settings\Prive\Application Data\macromedia\Flash Player\#SharedObjects\YM7DXD5C\www.broadcaster.com\played_list.sol
        C:\Documents and Settings\Prive\Application Data\macromedia\Flash Player\#SharedObjects\YM7DXD5C\www.broadcaster.com\video_queue.sol
        C:\Documents and Settings\Prive\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com
        C:\Documents and Settings\Prive\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com\settings.sol
        C:\Documents and Settings\Prive\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
        C:\Documents and Settings\Prive\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol

        .
        (((((((((((((((((((( Bestanden Gemaakt van 2007-12-09 to 2008-01-09 ))))))))))))))))))))))))))))))
        .

        2008-01-09 13:50 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
        2008-01-09 09:45 . 2008-01-09 09:45 <DIR> d-------- C:\WINDOWS\LastGood
        2008-01-08 19:28 . 2008-01-08 19:28 <DIR> d-------- C:\Program Files\Trend Micro
        2008-01-08 16:07 . 2008-01-08 16:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
        2008-01-08 14:36 . 2008-01-09 13:54 9,437,216 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
        2008-01-08 14:36 . 2008-01-08 14:36 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
        2008-01-08 14:32 . 2008-01-08 14:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
        2008-01-08 14:31 . 2008-01-09 13:49 <DIR> d-------- C:\WINDOWS\Internet Logs
        2008-01-08 14:29 . 2008-01-08 14:34 <DIR> d-------- C:\Program Files\Zonealarm
        2008-01-08 14:06 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
        2008-01-08 14:01 . 2008-01-08 14:07 <DIR> d-------- C:\Program Files\Spywareblaster
        2008-01-04 21:09 . 2008-01-04 21:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
        2008-01-04 21:04 . 2008-01-04 21:09 <DIR> d-------- C:\Program Files\Avira
        2007-12-29 17:49 . 2007-12-29 17:49 63 --a------ C:\WINDOWS\PixieTool.INI
        2007-12-29 17:13 . 1998-11-02 20:57 196,096 --------- C:\WINDOWS\system32\MACD32.DLL
        2007-12-29 17:13 . 1998-11-02 20:57 138,752 --------- C:\WINDOWS\system32\MASE32.DLL
        2007-12-29 17:13 . 1998-11-02 20:57 136,192 --------- C:\WINDOWS\system32\MAMC32.DLL
        2007-12-29 17:13 . 1998-11-02 20:57 57,856 --------- C:\WINDOWS\system32\MASD32.DLL
        2007-12-29 17:13 . 2004-02-16 16:56 49,152 --------- C:\WINDOWS\system32\PCLEGetGuid.dll
        2007-12-29 17:13 . 1998-11-02 20:57 27,648 --------- C:\WINDOWS\system32\MA32.DLL
        2007-12-29 17:13 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
        2007-12-29 17:13 . 2004-08-03 22:58 5,504 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys
        2007-12-29 17:11 . 2002-01-05 14:48 974,848 --------- C:\WINDOWS\system32\MFC70.DLL
        2007-12-29 17:10 . 2008-01-08 19:30 <DIR> d-------- C:\Program Files\Pinnacle
        2007-12-29 17:10 . 2007-12-29 17:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
        2007-12-27 15:03 . 2007-12-27 15:03 258 --a------ C:\WINDOWS\game.ini
        2007-12-27 14:52 . 2007-12-27 14:52 <DIR> d--hs---- C:\WINDOWS\ftpcache
        2007-12-17 19:39 . 2007-12-17 19:39 <DIR> d-------- C:\Documents and Settings\Prive\WINDOWS
        2007-12-17 19:39 . 1997-06-02 12:32 314,880 --a------ C:\WINDOWS\IsUninst.exe
        2007-12-17 19:26 . 2007-12-17 19:38 47,104 --a------ C:\WINDOWS\system32\KMVIDC32.DLL
        2007-12-14 13:25 . 2007-12-14 13:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\UDL
        2007-12-14 13:23 . 2007-12-14 13:23 <DIR> d-------- C:\Program Files\ABBYY FineReader 6.0 Sprint
        2007-12-14 13:20 . 2007-12-14 13:20 <DIR> d-------- C:\Documents and Settings\Prive\Application Data\InstallShield
        2007-12-14 13:19 . 2007-12-14 13:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Epson
        2007-12-14 13:19 . 2006-12-08 03:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCDE.DLL
        2007-12-14 13:19 . 2006-04-19 03:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCDE.DLL
        2007-12-14 13:19 . 2004-09-10 21:12 49,152 --a------ C:\WINDOWS\system32\E_DCINST.DLL
        2007-12-14 13:18 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
        2007-12-14 13:18 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
        2007-12-14 13:18 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
        2007-12-14 13:18 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
        2007-12-14 13:17 . 2007-12-14 13:17 25 --a------ C:\WINDOWS\CDE DX7400DEFGIPS.ini
        2007-12-14 13:16 . 2007-12-14 13:24 <DIR> d-------- C:\Program Files\Epson
        2007-12-14 13:16 . 2007-03-27 00:00 67,072 --a------ C:\WINDOWS\system32\escwiad.dll

        .
        ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2008-01-08 15:07 --------- d-----w C:\Program Files\Adware
        2008-01-08 15:06 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
        2008-01-04 20:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg7
        2008-01-04 10:02 --------- d-----w C:\Documents and Settings\Prive\Application Data\AVG7
        2007-12-29 16:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
        2007-12-26 14:29 --------- d-----w C:\Documents and Settings\Prive\Application Data\U3
        2007-12-14 12:27 --------- d-----w C:\Program Files\Common Files\InstallShield
        2007-12-12 21:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
        2007-11-14 15:05 75,248 ----a-w C:\WINDOWS\zllsputility.exe
        2007-11-14 15:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
        2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
        2007-10-29 22:41 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
        2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
        2007-05-07 08:44 47 --sh--r C:\Program Files\Common Files\desSktop.ini
        .

        ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        REGEDIT4
        *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-06 10:25 67128]
        "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-02 13:00 15360]
        "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 21:53 204288]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 14:21 61952 C:\WINDOWS\system32\HdAShCut.exe]
        "JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-04-06 22:00 385024]
        "SoundMax"="C:\Program Files\Analog Devices\SoundMAX\smax4.exe" [2005-09-07 14:35 716800]
        "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 10:11 925696]
        "avgnt"="C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-04 21:10 249896]
        "PCTVUSB2Remote"="C:\Program Files\Pinnacle\PCTV USB2\Remote\remoterm.exe" [2004-04-20 17:33 61440]
        "ZoneAlarm Client"="C:\Program Files\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
        "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-02 13:00 15360]

        C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
        Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-03-06 10:25:52]
        Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2006-07-15 20:02:08]
        Pinnacle Scheduler.lnk - C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe [2007-12-29 17:11:40]

        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
        "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
        "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
        "DisableStatusMessages"= 1 (0x1)

        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
        "AllowLegacyWebView"= 1 (0x1)
        "AllowUnhashedWebView"= 1 (0x1)

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
        "NoSMMyPictures"= 1 (0x1)

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AAWTray]

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
        --a------ 2007-03-22 15:09 63712 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
        --a------ 2007-10-10 19:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
        --a------ 2005-08-17 21:40 64512 C:\WINDOWS\ehome\ehtray.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
        --a------ 2006-10-26 23:47 31016 C:\Program Files\Microsoft office 2007\Office12\GrooveMonitor.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
        --a------ 2006-01-17 12:03 53248 C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
        --a------ 2007-05-10 23:03 8429568 C:\WINDOWS\system32\NvCpl.dll

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
        --a------ 2007-05-10 23:03 81920 C:\WINDOWS\system32\NvMcTray.dll

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
        --a------ 2007-05-10 23:03 1626112 C:\WINDOWS\system32\nwiz.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
        --a------ 2003-10-31 18:42 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
        --a------ 2007-07-12 03:00 132496 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
        --------- 2006-11-02 21:53 204288 C:\Program Files\Windows Media Player\WMPNSCFG.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
        "odserv"=3 (0x3)
        "Microsoft Office Groove Audit Service"=3 (0x3)
        "aawservice"=3 (0x3)
        "Netlogon"=3 (0x3)
        "MSIServer"=3 (0x3)
        "MSDTC"=3 (0x3)
        "mnmsrvc"=3 (0x3)
        "aspnet_state"=3 (0x3)
        "AppMgmt"=3 (0x3)
        "stisvc"=2 (0x2)

        R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 04:38]

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ac73115-1bb5-11db-a48c-001731c7121f}]
        \Shell\AutoRun\command - F:\LaunchU3.exe

        *Newly Created Service* - PROCEXP90
        .
        **************************************************************************

        catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2008-01-09 13:53:59
        Windows 5.1.2600 Service Pack 2 NTFS

        scannen van verborgen processen ...

        scannen van verborgen autostart items ...

        scannen van verborgen bestanden ...

        Scan succesvol afgerond
        verborgen bestanden: 0

        **************************************************************************
        .
        Voltooingstijd: 2008-01-09 13:54:45
        ComboFix-quarantined-files.txt 2008-01-09 12:54:41
        .
        2007-12-12 21:45:01 --- E O F ---


        New HJT log

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 13:56:24, on 9-1-2008
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v7.00 (7.00.6000.16574)
        Boot mode: Normal

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\system32\ZoneLabs\vsmon.exe
        C:\Program Files\Adware\aawservice.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avguard.exe
        C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\sched.exe
        C:\Program Files\Analog Devices\SoundMAX\smax4.exe
        C:\Program Files\Analog Devices\Core\smax4pnp.exe
        C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avgnt.exe
        C:\Program Files\Pinnacle\PCTV USB2\Remote\remoterm.exe
        C:\Program Files\ZoneAlarm\zlclient.exe
        C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Windows Media Player\WMPNSCFG.exe
        C:\Program Files\Logitech\SetPoint\SetPoint.exe
        C:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
        C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\WINDOWS\explorer.exe
        C:\Program Files\HijackThis\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
        O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\BitComet\tools\BitCometBHO_1.1.3.28.dll
        O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
        O2 - BHO: SysShield IE Popup Blocker - {9A23B8A4-C6C9-4A68-8FA6-5F905DC8FF80} - D:\Archieven\eraser\Internet Eraser\pkext.dll
        O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
        O3 - Toolbar: AbsoluteShield - {EE9DD090-902D-4623-9360-FB7D8666202B} - D:\Archieven\eraser\Internet Eraser\AbsoluteBar.dll
        O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
        O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
        O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
        O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
        O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
        O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
        O4 - HKLM\..\Run: [PCTVUSB2Remote] C:\Program Files\Pinnacle\PCTV USB2\Remote\remoterm.exe
        O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\ZoneAlarm\zlclient.exe"
        O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
        O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
        O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
        O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
        O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
        O4 - Global Startup: Pinnacle Scheduler.lnk = ?
        O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
        O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
        O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
        O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
        O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
        O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
        O16 - DPF: {32C11E38-E587-4BE9-9ABB-D69158C21CE5} (Moonlight MPEG-4 Video Decoder) - http://hoefweg.axiscam.net/activex/decoder/mpeg4_dec.cab
        O16 - DPF: {AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader4.cab
        O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/74914090/activex/IPSUploader.cab
        O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
        O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
        O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Adware\aawservice.exe
        O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\sched.exe
        O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira\AntiVir PersonalEdition Classic\avguard.exe
        O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
        O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

        --
        End of file - 7563 bytes


        In the HJT log I see one thing that can go: O16 axiscam (this was a webcam at the construction site of my brother's house).

        Can I tick that one and do "fix checked"?



        • #5
          And those two other "O-16s", does anyone know what they are? Can these go too?



          • #6
            You may remove those O-16 keys.
            If they are needed, they will be created again.
            The logs look good.
            Are there any remaining problems?



            • #7
              Oh okay, thanks.

              Otherwise few problems, except that IE sometimes crashes several times in a row and I end up back on the desktop. If I then try again 5 minutes later it does work???
              Or should I just write this off as a Windows quirk?

              And about throwing away the O-16s: I assume via HJT and then fix checked?



              • #8
                You may fix those O16 keys with HijackThis.
                Does IE give an error message?



                • #9
                  No, but that is because I turned that off in groupedit. But maybe I should enable it for a moment. It could be that this time it actually has something useful to tell.
                  I'm already glad that my PC is clean. I'll keep an eye on IE for a while; as far as I'm concerned this thread can be closed, and thanks!



                  • #10
                    If the problem with IE doesn't get resolved, I can have you try a few things.
                    Let me know.
