Mededeling

Collapse
No announcement yet.

Laptop ongelooflijk traag, bij opstarten en ook bij Word

Collapse
X
Collapse
  •  
  • Page of 2
  • Tijd
  • Show
Clear All
new posts
Vorige 1 2 template Volgende
  • #1

    Laptop ongelooflijk traag, bij opstarten en ook bij Word

    Ik heb al van alles gedaan:
    Norton Suite gedraaid
    Easy cleaner gedraaid, register opgeschoond, overbodige bestanden verwijderd enz.
    Ad Aware en Defender gedraaid
    schijfopruiming en defragmentatie gedaan
    tenslotteHijach This scan gedaan.
    De laptop was altijd al een beetje traag, maar er is een nare virus/trojan opkomen MUSTAFX en MUSTAFX2. Via een truc eraf gehaald, systeemherstel in veilige modus en daarna Norton er overheen, toen was de indringer weg. Maar nu is alles traag als modder.
    Wat kan ik nog doen?
    Dit is mijn HijackThis log:

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 18:31:58, on 21-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
    C:\Program Files\SurfRight\Caretaker\AntispamService.exe
    C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe
    C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\HPConfig.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\carpserv.exe
    C:\WINDOWS\system32\atiptaxx.exe
    C:\WINDOWS\system32\RadioSvr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\SurfRight\Caretaker\Notifier.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\SerExt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Sitecom\Sitecom WL-170 Wireless LAN Card\Installer\WLANUTL.exe
    C:\WINDOWS\winhlp32.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\ZIP-files\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.my-siemens.com/MySiemens/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat

    5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec

    Shared\coShared\Browser\1.5\NppBho.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec

    Shared\coShared\Browser\1.5\UIBHO.dll
    O4 - HKLM\..\Run: [CARPService] carpserv.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
    O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
    O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec

    Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec

    Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [CaretakerNotifier] C:\Program Files\SurfRight\Caretaker\Notifier.exe
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [SerExt] SerExt.exe /unplug
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Sitecom WL-170 Wireless LAN

    Card\Installer\WLANUTL.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -

    C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

    Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -

    http://go.microsoft.com/fwlink/?linkid=39204
    O20 - AppInit_DLLs: C:\WINDOWS\System32\wmfhotfix.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} -

    C:\WINDOWS\System32\browseui.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Caretaker Antispam Service (CaretakerAntispam) - SurfRight B.V. - C:\Program

    Files\SurfRight\Caretaker\AntispamService.exe
    O23 - Service: Caretaker Proxy (CaretakerProxy) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe
    O23 - Service: Caretaker Service (CaretakerSvc) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
    O23 - Service: Caretaker Updater (CaretakerUpdate) - SurfRight B.V. - C:\Program

    Files\SurfRight\Caretaker\CaretakerUpdater.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec

    Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec

    Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common

    Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec

    Shared\VAScanner\comHost.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google

    Updater\GoogleUpdaterService.exe
    O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
    O23 - Service: HP RF Device Service (HpRfDev) - Hewlett-Packard - C:\WINDOWS\system32\HpRfDev.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet

    Security\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common

    Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec

    Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program

    Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: RadioSvr - Hewlett-Packard - C:\WINDOWS\system32\RadioSvr.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec

    Shared\AppCore\AppSvc32.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy

    Sweeper\SpySweeper.exe

    --
    End of file - 10390 bytes
    Labels: Geen
      • Citaat
    • #2
      Je maakt gebruik van een verouderde versie van Hijackthis. Kun je vanaf nu de nieuwe versie gebruiken:
      • [url=http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe]HijackThis installatiebestand
      • [url=http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis.zip]HijackThis ingepakt als .ZIP
      • [url=http://www.trendsecure.com/portal/en-US/threat_analytics/HiJackThis.exe]Directe link naar HijackThis.exe


      Meld ook even hoe het nu met de problemen is.

      Succes
        • Citaat

        Comment

        • #3
          downlaods blijven op 99% hangen, wat nu?

          bedankt voor je reactie rve123.
          Ik heb de drie links aangeklikt en voor download opslaan gekozen, maar alles blijft op 99% steken.
          Kan ik die versies dan toch gebruiken?

          Toch maar geprobeerd.
          Dit is mijn nieuwe log:

          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 21:27:23, on 25-1-2008
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
          Boot mode: Normal

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\Program Files\Windows Defender\MsMpEng.exe
          C:\WINDOWS\System32\svchost.exe
          C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
          C:\Program Files\SurfRight\Caretaker\AntispamService.exe
          C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe
          C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
          C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          C:\WINDOWS\Explorer.EXE
          C:\WINDOWS\system32\carpserv.exe
          C:\WINDOWS\system32\atiptaxx.exe
          C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
          C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\WINDOWS\System32\Ati2evxx.exe
          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
          C:\WINDOWS\system32\dla\tfswctrl.exe
          C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
          C:\Program Files\Common Files\Symantec

          Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
          C:\Program Files\SurfRight\Caretaker\Notifier.exe
          C:\Program Files\Spyware Doctor\pctsTray.exe
          C:\Program Files\Windows Defender\MSASCui.exe
          C:\WINDOWS\system32\SerExt.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
          C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
          C:\Program Files\Messenger\msmsgs.exe
          C:\Program Files\Sitecom\Sitecom WL-170 Wireless LAN Card\Installer\WLANUTL.exe
          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          C:\WINDOWS\system32\HPConfig.exe
          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
          C:\WINDOWS\system32\RadioSvr.exe
          C:\WINDOWS\System32\svchost.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

          http://www.hp.com/info/homepage-o
          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
          R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =

          http://www.my-siemens.com/MySiemens/
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

          Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
          O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common

          Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
          O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -

          C:\PROGRA~1\SPYBOT~1\SDHelper.dll
          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

          files\google\googletoolbar2.dll
          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program

          files\google\googletoolbar2.dll
          O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program

          Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
          O4 - HKLM\..\Run: [CARPService] carpserv.exe
          O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
          O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
          O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
          O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook

          Utilities\hptasks.exe /s
          O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
          O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
          O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
          O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation

          Ready\PresRdy.exe -r
          O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
          O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe
          O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
          O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
          O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
          O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec

          Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common

          Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
          O4 - HKLM\..\Run: [CaretakerNotifier] C:\Program Files\SurfRight\Caretaker\Notifier.exe
          O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
          O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
          O4 - HKLM\..\Run: [SerExt] SerExt.exe /unplug
          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft

          ActiveSync\WCESCOMM.EXE"
          O4 - HKCU\..\Run: [swg] C:\Program

          Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale

          service')
          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User

          'Netwerkservice')
          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
          O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft

          Office\Office\OSA9.EXE
          O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Sitecom WL-170

          Wireless LAN Card\Installer\WLANUTL.exe
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

          C:\WINDOWS\System32\msjava.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

          C:\WINDOWS\System32\msjava.dll
          O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
          O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} -

          C:\PROGRA~1\MICROS~4\INetRepl.dll
          O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -

          C:\PROGRA~1\MICROS~4\INetRepl.dll
          O9 - Extra 'Tools' menuitem: Create Mobile Favorite... -

          {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

          Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

          C:\Program Files\Messenger\msmsgs.exe
          O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
          O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation

          Tool) - http://go.microsoft.com/fwlink/?linkid=39204
          O20 - AppInit_DLLs: C:\WINDOWS\System32\wmfhotfix.dll
          O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program

          Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
          O23 - Service: Caretaker Antispam Service (CaretakerAntispam) - SurfRight B.V. - C:\Program

          Files\SurfRight\Caretaker\AntispamService.exe
          O23 - Service: Caretaker Proxy (CaretakerProxy) - SurfRight B.V. - C:\Program

          Files\SurfRight\Caretaker\CaretakerProxy.exe
          O23 - Service: Caretaker Service (CaretakerSvc) - SurfRight B.V. - C:\Program

          Files\SurfRight\Caretaker\CaretakerService.exe
          O23 - Service: Caretaker Updater (CaretakerUpdate) - SurfRight B.V. - C:\Program

          Files\SurfRight\Caretaker\CaretakerUpdater.exe
          O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program

          Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program

          Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation -

          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common

          Files\Symantec Shared\VAScanner\comHost.exe
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program

          Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard -

          C:\WINDOWS\system32\HPConfig.exe
          O23 - Service: HP RF Device Service (HpRfDev) - Hewlett-Packard -

          C:\WINDOWS\system32\HpRfDev.exe
          O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation -

          C:\Program Files\Norton Internet Security\isPwdSvc.exe
          O23 - Service: LiveUpdate - Symantec Corporation -

          C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
          O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation -

          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common

          Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
          O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program

          Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
          O23 - Service: RadioSvr - Hewlett-Packard - C:\WINDOWS\system32\RadioSvr.exe
          O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program

          Files\Spyware Doctor\pctsAuxs.exe
          O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program

          Files\Spyware Doctor\pctsSvc.exe
          O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec

          Shared\CCPD-LC\symlcsvc.exe
          O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program

          Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
          O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software,

          Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

          --
          End of file - 10249 bytes
          Last edited by CorneliaW; 25-01-08, 20:32. Reden: nieuwe versie Hijack this gedraaid en log geplant.
            • Citaat

            Comment

            • #4
              Lijkt te zijn gelukt zo te zien.
              Ga naar Start -> uitvoeren en voer daar het volgende in:

              notepad

              Bevestig via OK.
              Kies voor Opmaak en klik op Automatische terugloop
              Controleren even of het vinkje is verdwenen.

              Maak daarna een nieuw Hijackthislogje en post deze.

              Succes
                • Citaat

                Comment

                • #5
                  Gedaan zoals je dat zei.
                  (Ik heb geen idee waar dat voor helpt.)
                  Dit is mijn nieuwe log:

                  Logfile of Trend Micro HijackThis v2.0.2
                  Scan saved at 19:44:23, on 27-1-2008
                  Platform: Windows XP SP2 (WinNT 5.01.2600)
                  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
                  Boot mode: Normal

                  Running processes:
                  C:\WINDOWS\System32\smss.exe
                  C:\WINDOWS\system32\winlogon.exe
                  C:\WINDOWS\system32\services.exe
                  C:\WINDOWS\system32\lsass.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\Program Files\Windows Defender\MsMpEng.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
                  C:\Program Files\SurfRight\Caretaker\AntispamService.exe
                  C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe
                  C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
                  C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                  C:\WINDOWS\system32\spoolsv.exe
                  C:\WINDOWS\System32\Ati2evxx.exe
                  C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                  C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                  C:\WINDOWS\system32\HPConfig.exe
                  C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
                  C:\WINDOWS\Explorer.EXE
                  C:\WINDOWS\system32\RadioSvr.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
                  C:\WINDOWS\system32\carpserv.exe
                  C:\WINDOWS\system32\atiptaxx.exe
                  C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
                  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
                  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                  C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
                  C:\WINDOWS\system32\dla\tfswctrl.exe
                  C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
                  C:\Program Files\Common Files\Symantec Shared\ccApp.exe
                  C:\Program Files\SurfRight\Caretaker\Notifier.exe
                  C:\Program Files\Spyware Doctor\pctsTray.exe
                  C:\Program Files\Windows Defender\MSASCui.exe
                  C:\WINDOWS\system32\SerExt.exe
                  C:\WINDOWS\system32\ctfmon.exe
                  C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
                  C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                  C:\Program Files\Messenger\msmsgs.exe
                  C:\Program Files\Sitecom\Sitecom WL-170 Wireless LAN Card\Installer\WLANUTL.exe
                  C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
                  C:\WINDOWS\system32\wuauclt.exe
                  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
                  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.my-siemens.com/MySiemens/
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
                  O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
                  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
                  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
                  O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
                  O4 - HKLM\..\Run: [CARPService] carpserv.exe
                  O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
                  O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
                  O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
                  O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
                  O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
                  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                  O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
                  O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
                  O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
                  O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe
                  O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
                  O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
                  O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
                  O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
                  O4 - HKLM\..\Run: [CaretakerNotifier] C:\Program Files\SurfRight\Caretaker\Notifier.exe
                  O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
                  O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
                  O4 - HKLM\..\Run: [SerExt] SerExt.exe /unplug
                  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
                  O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
                  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                  O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
                  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
                  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
                  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
                  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
                  O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Sitecom WL-170 Wireless LAN Card\Installer\WLANUTL.exe
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
                  O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                  O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
                  O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
                  O20 - AppInit_DLLs: C:\WINDOWS\System32\wmfhotfix.dll
                  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                  O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
                  O23 - Service: Caretaker Antispam Service (CaretakerAntispam) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\AntispamService.exe
                  O23 - Service: Caretaker Proxy (CaretakerProxy) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe
                  O23 - Service: Caretaker Service (CaretakerSvc) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
                  O23 - Service: Caretaker Updater (CaretakerUpdate) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
                  O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                  O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                  O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                  O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
                  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                  O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
                  O23 - Service: HP RF Device Service (HpRfDev) - Hewlett-Packard - C:\WINDOWS\system32\HpRfDev.exe
                  O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
                  O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
                  O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                  O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
                  O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
                  O23 - Service: RadioSvr - Hewlett-Packard - C:\WINDOWS\system32\RadioSvr.exe
                  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
                  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
                  O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
                  O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
                  O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

                  --
                  End of file - 10265 bytes
                    • Citaat

                    Comment

                    • #6
                      Het logje is nu dudielijker leesbaar

                      Open Hijackthis en kies voor Do a system scan only.
                      Vink nu de volgende regels aan:
                      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
                      O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

                      Sluit alle open vensters en klik op Fix Checked.

                      2. Download [url=http://www.atribune.org/ccount/click.php?id=1]ATF cleaner (by Atribune) naar je bureaublad
                      • Dubbelklik op ATF cleaner om het programma te starten.
                        Op het tabblad "Main", plaats je een vinkje bij Select All.
                        Klik op de knop Empty Selected.

                        Gebruik je ook Firefox als browser:
                        Klik op tabblad "Firefox", plaats een vinkje bij Select All.
                        Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                        (dit verwijdert het vinkje bij "Firefox saved passwords")
                        Klik op de knop Empty Selected.

                        Gebruik je ook Opera als browser:
                        Klik op tabblad "Opera", plaats een vinkje bij Select All.
                        Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                        Klik op de knop Empty Selected.
                        Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.


                      Herstart daarna de computer.
                      Post een nieuw Hijackthislogje en kijk of er verbetering is qua snelheid.

                      Succes
                        • Citaat

                        Comment

                        • #7
                          Bedankt voor je reactie.

                          Ik heb alles gedaan, maar de laptop is nog steeds heel traag.
                          Voordat het opstarten klaar is en Word gestart (dat duurt ongeveer een kwart tot de helft van de tijd) zijn we zo 12 minuten verder.
                          Hier is mijn nieuwe log.

                          Logfile of Trend Micro HijackThis v2.0.2
                          Scan saved at 17:07:37, on 28-1-2008
                          Platform: Windows XP SP2 (WinNT 5.01.2600)
                          MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
                          Boot mode: Normal

                          Running processes:
                          C:\WINDOWS\System32\smss.exe
                          C:\WINDOWS\system32\winlogon.exe
                          C:\WINDOWS\system32\services.exe
                          C:\WINDOWS\system32\lsass.exe
                          C:\WINDOWS\system32\svchost.exe
                          C:\Program Files\Windows Defender\MsMpEng.exe
                          C:\WINDOWS\System32\svchost.exe
                          C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
                          C:\Program Files\SurfRight\Caretaker\AntispamService.exe
                          C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe
                          C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
                          C:\WINDOWS\Explorer.EXE
                          C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                          C:\WINDOWS\system32\spoolsv.exe
                          C:\WINDOWS\System32\Ati2evxx.exe
                          C:\WINDOWS\system32\carpserv.exe
                          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                          C:\WINDOWS\system32\atiptaxx.exe
                          C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
                          C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
                          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                          C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
                          C:\WINDOWS\system32\dla\tfswctrl.exe
                          C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
                          C:\Program Files\Common Files\Symantec Shared\ccApp.exe
                          C:\Program Files\SurfRight\Caretaker\Notifier.exe
                          C:\Program Files\Spyware Doctor\pctsTray.exe
                          C:\Program Files\Windows Defender\MSASCui.exe
                          C:\WINDOWS\system32\SerExt.exe
                          C:\WINDOWS\system32\ctfmon.exe
                          C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
                          C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                          C:\Program Files\Messenger\msmsgs.exe
                          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                          C:\WINDOWS\system32\HPConfig.exe
                          C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
                          C:\Program Files\Sitecom\Sitecom WL-170 Wireless LAN Card\Installer\WLANUTL.exe
                          C:\WINDOWS\system32\RadioSvr.exe
                          C:\WINDOWS\System32\svchost.exe
                          C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
                          C:\WINDOWS\system32\wuauclt.exe
                          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
                          C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
                          C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
                          C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
                          C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
                          C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

                          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
                          R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.my-siemens.com/MySiemens/
                          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                          O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
                          O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
                          O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
                          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
                          O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
                          O4 - HKLM\..\Run: [CARPService] carpserv.exe
                          O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
                          O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
                          O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
                          O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
                          O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
                          O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                          O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
                          O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
                          O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
                          O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe
                          O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
                          O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
                          O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
                          O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
                          O4 - HKLM\..\Run: [CaretakerNotifier] C:\Program Files\SurfRight\Caretaker\Notifier.exe
                          O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
                          O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
                          O4 - HKLM\..\Run: [SerExt] SerExt.exe /unplug
                          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
                          O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
                          O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
                          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
                          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
                          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
                          O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
                          O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Sitecom WL-170 Wireless LAN Card\Installer\WLANUTL.exe
                          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                          O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                          O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                          O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                          O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
                          O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
                          O20 - AppInit_DLLs: C:\WINDOWS\System32\wmfhotfix.dll
                          O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                          O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
                          O23 - Service: Caretaker Antispam Service (CaretakerAntispam) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\AntispamService.exe
                          O23 - Service: Caretaker Proxy (CaretakerProxy) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerProxy.exe
                          O23 - Service: Caretaker Service (CaretakerSvc) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerService.exe
                          O23 - Service: Caretaker Updater (CaretakerUpdate) - SurfRight B.V. - C:\Program Files\SurfRight\Caretaker\CaretakerUpdater.exe
                          O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                          O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                          O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
                          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                          O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
                          O23 - Service: HP RF Device Service (HpRfDev) - Hewlett-Packard - C:\WINDOWS\system32\HpRfDev.exe
                          O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
                          O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
                          O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                          O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
                          O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
                          O23 - Service: RadioSvr - Hewlett-Packard - C:\WINDOWS\system32\RadioSvr.exe
                          O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
                          O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
                          O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
                          O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
                          O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

                          --
                          End of file - 10315 bytes
                            • Citaat

                            Comment

                            • #8
                              Kun je de computer is defragmenteren. Indien mogelijk in Veilige Modus ([url=http://www.nucia.eu/forum/showthread.php?t=21312]Veilige Modus).

                              Herstart daarna naar Normale Modus en meld of er verbetering is.

                              Succes
                                • Citaat

                                Comment

                                • #9
                                  Laptop blijft traag

                                  Hallo rve123,
                                  Ik had kort geleden al gedefragmenteerd, maar niet in de veilige modus.
                                  Nu dus wel gedaan, volgens de analyse was het niet nodig maar toch wel gedefragmenteerd.
                                  maar het helpt niet.
                                  Alles nog steeds even traag, het Windowsscherm verschijnt wel na een redelijk tijdje, maar daarna begint het gepruttel van allerlei software die wordt geladen (of zoiets) en dat duurt eeuwen.
                                  daarna is zoiets eenvoudigs als word 4 minuten bezig om op te starten.
                                  Kan ik niet iets doen zodat dst niet gebeurt.
                                  Ik kan wellicht allerlei software om malware op te sporen eraf gooien.
                                  maar is het mogelijk om softwaren wel op de harde schijf te laten staan en dat het toch niet bij het opstarten al geactiveerd wordt.
                                  Hoe weet ik wat ik mag doen?
                                  Groet van
                                    • Citaat

                                    Comment

                                    • #10
                                      Kun je met behulp van het volgende topic de opstartitems uitzoeken:
                                      http://www.nucia.eu/forum/showthread.php?t=114

                                      Post daarna ook een nieuw Hijackthislogje.

                                      Succes
                                        • Citaat

                                        Comment

                                        • #11
                                          het blijft traag traag traag

                                          Hallo rve123,
                                          Ik had even moeite om Startup te downloaden, maar dat is nu gedaan.
                                          Ik zie geen afwijkendende opstartbestanden, ook nog een paar curieuze namen gechecked. Niets aan de hand.

                                          Wel twee andere rare zaken opgemerkt: AFT-cleaner gedraaid, alles weggegooid.
                                          kwartier later kon het programma weer 150.000kb weggooien terwijl ik op dat omet geen internet had aanstaan, wel de verbinding.
                                          Ook raar is dat ik 103 mappen heb in de Windows-map met namen zoals:
                                          $NtUninstallKB887472$ en andere nummers.
                                          Ik heb ik een map WinSxS met mappen manifest, X86-policy, X86-Microsoft.Tool.VisualPlusPlus enz.
                                          Kan dat kwaad, kan ik die deleten?
                                          Ik heb ook even weer een logje gemaakt:


                                          Logfile of Trend Micro HijackThis v2.0.2
                                          Scan saved at 23:08:38, on 5-2-2008
                                          Platform: Windows XP SP2 (WinNT 5.01.2600)
                                          MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
                                          Boot mode: Normal

                                          Running processes:
                                          C:\WINDOWS\System32\smss.exe
                                          C:\WINDOWS\system32\winlogon.exe
                                          C:\WINDOWS\system32\services.exe
                                          C:\WINDOWS\system32\lsass.exe
                                          C:\WINDOWS\system32\svchost.exe
                                          C:\Program Files\Windows Defender\MsMpEng.exe
                                          C:\WINDOWS\System32\svchost.exe
                                          C:\WINDOWS\system32\spoolsv.exe
                                          C:\WINDOWS\System32\Ati2evxx.exe
                                          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                          C:\WINDOWS\system32\HPConfig.exe
                                          C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
                                          C:\WINDOWS\Explorer.EXE
                                          C:\WINDOWS\system32\RadioSvr.exe
                                          C:\WINDOWS\System32\svchost.exe
                                          C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
                                          C:\WINDOWS\system32\carpserv.exe
                                          C:\WINDOWS\system32\atiptaxx.exe
                                          C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
                                          C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
                                          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                                          C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
                                          C:\WINDOWS\system32\dla\tfswctrl.exe
                                          C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
                                          C:\Program Files\Common Files\Symantec Shared\ccApp.exe
                                          C:\Program Files\Spyware Doctor\pctsTray.exe
                                          C:\Program Files\Windows Defender\MSASCui.exe
                                          C:\WINDOWS\system32\ctfmon.exe
                                          C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
                                          C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                                          C:\Program Files\Sitecom\Sitecom WL-170 Wireless LAN Card\Installer\WLANUTL.exe
                                          C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
                                          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                                          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
                                          R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.my-siemens.com/MySiemens/
                                          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                                          O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                                          O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
                                          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
                                          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
                                          O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
                                          O4 - HKLM\..\Run: [CARPService] carpserv.exe
                                          O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
                                          O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
                                          O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
                                          O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
                                          O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
                                          O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                                          O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
                                          O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
                                          O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
                                          O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe
                                          O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
                                          O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
                                          O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
                                          O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
                                          O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
                                          O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
                                          O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
                                          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
                                          O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
                                          O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                                          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
                                          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
                                          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
                                          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
                                          O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
                                          O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Sitecom WL-170 Wireless LAN Card\Installer\WLANUTL.exe
                                          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                                          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                                          O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                                          O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                                          O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                                          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                                          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                                          O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
                                          O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
                                          O20 - AppInit_DLLs: C:\WINDOWS\System32\wmfhotfix.dll
                                          O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
                                          O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                          O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                          O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
                                          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                                          O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
                                          O23 - Service: HP RF Device Service (HpRfDev) - Hewlett-Packard - C:\WINDOWS\system32\HpRfDev.exe
                                          O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
                                          O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
                                          O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                          O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
                                          O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
                                          O23 - Service: RadioSvr - Hewlett-Packard - C:\WINDOWS\system32\RadioSvr.exe
                                          O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
                                          O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
                                          O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
                                          O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

                                          --
                                          End of file - 8695 bytes
                                            • Citaat

                                            Comment

                                            • #12
                                              De mappen die je noemt hebben te maken met de undate's van Windows. Deze kun je gewoon laten voor wat het is.

                                              Gaf ATF Cleaner het aantal opgeruimte bestanden in bytes of in kb??

                                              Kun je aangeven hoe het is met de hoeveelheid vrije ruimte op de schijf??
                                                • Citaat

                                                Comment

                                                • #13
                                                  Opgeven?

                                                  Hallo RVE123
                                                  Ik was even een weekje weg.
                                                  Op de harde schijf is nog 18 GB van de 28 GB beschikbaar.
                                                  De ATF cleaner geeft zijn vuinis weer in KBs, net alles gecleaned voordat ik aan dit mailtje begon, nu alweer 476,000KBs weg te gooien.
                                                  Maar misschien is dat allemaal wel normaal.
                                                  WORD disc er eens ingedaan en herstellen aangeklikt, lijkt Word weer ietsiepietsie sneller te starten.
                                                  What next?
                                                  groetjes
                                                    • Citaat

                                                    Comment

                                                    • #14
                                                      Post even een nieuw Hijackthislogje en meld daarbij zo precies mogelijk wat de huidige problemen zijn.

                                                      Succes
                                                        • Citaat

                                                        Comment

                                                        • #15
                                                          Het blijft zo traag na het opstarten.

                                                          Hallo RVE123,
                                                          De laptop was altijd al een beetje traag, maar er was een nare virus/trojan opkomen MUSTAFX en MUSTAFX2. Via een truc eraf gehaald, systeemherstel in veilige modus en daarna Norton er overheen, toen leek de indringer weg. Maar daar ga ik aan twijfelen, is die zooi wel uit mijn computer?
                                                          Nu is alles traag als modder.
                                                          Windows start wel redelijk snel op, maar daarna lijkt het of hij nog vanalles inlaadt, de Harde schijf blijft maar ratelen.
                                                          Ik wil eigenlijk alleen Windows opstarten. En pas als ik Internet Explorer of Word ga gebruiken dat hij die opstart.
                                                          Wat kan ik nog doen?


                                                          Dit is mijn HijackThis log:

                                                          Logfile of Trend Micro HijackThis v2.0.2
                                                          Scan saved at 18:15:42, on 19-2-2008
                                                          Platform: Windows XP SP2 (WinNT 5.01.2600)
                                                          MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
                                                          Boot mode: Normal

                                                          Running processes:
                                                          C:\WINDOWS\System32\smss.exe
                                                          C:\WINDOWS\system32\winlogon.exe
                                                          C:\WINDOWS\system32\services.exe
                                                          C:\WINDOWS\system32\lsass.exe
                                                          C:\WINDOWS\system32\svchost.exe
                                                          C:\WINDOWS\System32\svchost.exe
                                                          C:\WINDOWS\system32\spoolsv.exe
                                                          C:\WINDOWS\System32\Ati2evxx.exe
                                                          C:\WINDOWS\Explorer.EXE
                                                          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                                          C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                                          C:\WINDOWS\system32\HPConfig.exe
                                                          C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
                                                          C:\WINDOWS\system32\carpserv.exe
                                                          C:\WINDOWS\system32\atiptaxx.exe
                                                          C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
                                                          C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
                                                          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                                                          C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
                                                          C:\WINDOWS\system32\dla\tfswctrl.exe
                                                          C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
                                                          C:\Program Files\Common Files\Symantec Shared\ccApp.exe
                                                          C:\WINDOWS\system32\RadioSvr.exe
                                                          C:\WINDOWS\System32\svchost.exe
                                                          C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
                                                          C:\WINDOWS\system32\ctfmon.exe
                                                          C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
                                                          C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                                                          C:\Program Files\Messenger\msmsgs.exe
                                                          C:\Program Files\Sitecom\Sitecom WL-170 Wireless LAN Card\Installer\WLANUTL.exe
                                                          C:\WINDOWS\system32\wuauclt.exe
                                                          C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
                                                          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
                                                          C:\WINDOWS\system32\wuauclt.exe
                                                          C:\WINDOWS\SoftwareDistribution\Download\1dc5097bf31817d5b1cce920944d9190\update\update.exe

                                                          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                                                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
                                                          R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.my-siemens.com/MySiemens/
                                                          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                                                          O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                                                          O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
                                                          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
                                                          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
                                                          O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
                                                          O4 - HKLM\..\Run: [CARPService] carpserv.exe
                                                          O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
                                                          O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
                                                          O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
                                                          O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
                                                          O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
                                                          O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                                                          O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
                                                          O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
                                                          O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
                                                          O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\250S Series\lwbwheel.exe
                                                          O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
                                                          O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
                                                          O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
                                                          O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
                                                          O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
                                                          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
                                                          O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
                                                          O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                                                          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                                                          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
                                                          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
                                                          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
                                                          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
                                                          O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
                                                          O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files\Sitecom\Sitecom WL-170 Wireless LAN Card\Installer\WLANUTL.exe
                                                          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                                                          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
                                                          O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                                                          O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                                                          O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
                                                          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                                                          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                                                          O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
                                                          O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
                                                          O20 - AppInit_DLLs: C:\WINDOWS\System32\wmfhotfix.dll
                                                          O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
                                                          O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                                          O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                                          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                                          O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
                                                          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                                                          O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
                                                          O23 - Service: HP RF Device Service (HpRfDev) - Hewlett-Packard - C:\WINDOWS\system32\HpRfDev.exe
                                                          O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
                                                          O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
                                                          O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
                                                          O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
                                                          O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
                                                          O23 - Service: RadioSvr - Hewlett-Packard - C:\WINDOWS\system32\RadioSvr.exe
                                                          O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
                                                          O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

                                                          --
                                                          End of file - 8436 bytes
                                                            • Citaat

                                                            Comment

                                                            Vorige 1 2 template Volgende
                                                            Sorry, you are not authorized to view this page
                                                            Working...
                                                            X
                                                            😀
                                                            🥰
                                                            🤢
                                                            😎
                                                            😡
                                                            👍
                                                            👎