Mededeling

Collapse
No announcement yet.

pc loopt weer traag

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • pc loopt weer traag

    hallo

    mijn pc loopt weer traag, ik heb alles op jullie website gelezen maar dat werkt niet op één van de menier niet.
    kunnen jullie even naar mijn logje kijken, mischien licht het niet aan de logje.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:09:36, on 16-3-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Philips ToUcam Camera\VProperty.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
    C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\FinePixViewer\QuickDCF.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.robintimo.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
    O4 - HKLM\..\Run: [REGSHAVE] "C:\Program Files\REGSHAVE\REGSHAVE.EXE" /AUTORUN
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE" /FU "C:\WINDOWS\TEMP\E_S115B.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Exif Launcher.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

    --
    End of file - 3973 bytes

  • #2
    Hallo,

    Logje ziet er schoon uit.

    Kan je wel het schoonmaakplan aanbieden.

    Leeg je Temp-mappen (Let op : de mappen leegmaken, niet verwijderen !!):


    Open de verkenner ("Mijn Computer") en kies Extra -> Mapopties...
    Controleer onder Weergave de volgende instellingen:

    Uitzetten: Beveiligde besturingssysteembestanden verbergen (aanbevolen)
    Uitzetten: Extensies voor bekende bestandstypen verbergen

    Selecteer: De inhoud van systeemmappen weergeven (alleen bij XP)
    Selecteer: Verborgen bestanden en mappen weergeven

    C:\Windows\Temp
    C:\Documents and Settings\<user>\Local Settings\Temp
    C:\Documents and Settings\<user>\Local Settings\Temporary Internet Files
    C:\Documents and Settings\<user>\Local Settings\Temporary Internet Files\content.ie5
    <user> staat hier voor je profielnaam !!
    Als de laatste map niet wordt weergegeven, ga dan naar de map Temporary Internet Files en type er \content.ie5 achter in de adresbalk en klik enter.

    Maak je prullenbak leeg.

    Loop ook de stappen door op deze pagina.

    Windows 10 opstarten in Veilige Modus

    Comment


    • #3
      hallo

      ik heb klein stukje gedaan maar ik kom hier niet uit,
      Selecteer: De inhoud van systeemmappen weergeven (alleen bij XP)
      Selecteer: Verborgen bestanden en mappen weergeven

      C:\Windows\Temp
      C:\Documents and Settings\<user>\Local Settings\Temp
      C:\Documents and Settings\<user>\Local Settings\Temporary Internet Files
      C:\Documents and Settings\<user>\Local Settings\Temporary Internet Files\content.ie5
      <user> staat hier voor je profielnaam !!
      Als de laatste map niet wordt weergegeven, ga dan naar de map Temporary Internet Files en type er \content.ie5 achter in de adresbalk en klik enter.

      Comment


      • #4
        Probeer dit maar even aub.

        Download ATF cleaner (gemaakt door Atribune)
        Dubbelklik op ATF cleaner om het programma te starten.
        Op het tabblad "Main", plaats je een vinkje bij Select All.
        Klik op de knop Empty Selected.

        Het volgende doen als je ook FireFox als browser hebt:
        Klik op tabblad "Firefox", plaats een vinkje bij Select All.
        Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
        (dit haalt het vinkje weer weg bij "Firefox saved passwords")
        Klik op de knop Empty Selected.

        Het volgende doen als je ook Opera als browser hebt:
        Klik op tabblad "Opera", plaats een vinkje bij Select All.
        Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
        Klik op de knop Empty Selected.
        Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

        Windows 10 opstarten in Veilige Modus

        Comment


        • #5
          hoi

          ik heb het program geduownloud en ik heb het uit gevoert maar bij "main" als ik op "Empty Selected" druk de krijg ik een venster met de tekst "Done Cleaning!! ATF Cleaner has freed 16,000 KBs" dan druk ik op "OK" maar dan kom ik niet verder in de map "Firefox" of "Opera".

          groet robin

          Comment


          • #6
            Normaal betekent dat je geen firefox of opera gebruikt.

            Windows 10 opstarten in Veilige Modus

            Comment


            • #7
              oke, ik moet het zo laten, of moet ik iets anders doen.

              m.v.g robin

              Comment


              • #8
                Hangt er van af, hoe is het met je problemen ?

                Windows 10 opstarten in Veilige Modus

                Comment


                • #9
                  op dit moment is mijn computer erg traag, en sluit niet hellemaal af. ik heb ccleaner plus ad aware 2007 over heen laten loopen en hij is een stukje sneller maar nog niet hellemaal.

                  m.v.g robin

                  Comment


                  • #10
                    Eens kijken of we wat vinden kunnen dan maar.

                    Volg de instructies zoals beschreven op de volgende pagina: hoe-dient-combofix-gebruikt-te-worden

                    Gebruik je Vista, dan hoeft de Recovery Console niet te worden geinstalleerd.
                    Is er iets niet duidelijk, dan vraag je het.
                    Als het tooltje klaar is, opent er een logfile (C:\combofix.txt).
                    Post de inhoud van dit bestandje samen met een nieuwe hijackthislog.

                    Windows 10 opstarten in Veilige Modus

                    Comment


                    • #11
                      log.txh

                      Please help us improve HijackThis by reporting this error

                      Click 'Yes' to submit

                      Error Details:

                      An unexpected error has occurred at procedure: modRegistry_IniGetString(sFile=system.ini, sSection=boot, sValue=Shell)
                      Error #5 - Invalid procedure call or argument

                      Windows version: Windows NT 5.01.2600
                      MSIE version: 6.0.2900.2180
                      HijackThis version: 2.0.2


                      hijackthis.log

                      Logfile of Trend Micro HijackThis v2.0.2
                      Scan saved at 17:53:47, on 23-3-2008
                      Platform: Windows XP SP2 (WinNT 5.01.2600)
                      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
                      Boot mode: Normal

                      Running processes:
                      C:\WINDOWS\System32\smss.exe
                      C:\WINDOWS\system32\winlogon.exe
                      C:\WINDOWS\system32\services.exe
                      C:\WINDOWS\system32\lsass.exe
                      C:\WINDOWS\system32\svchost.exe
                      C:\WINDOWS\System32\svchost.exe
                      C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                      C:\WINDOWS\system32\spoolsv.exe
                      C:\Program Files\Eset\nod32krn.exe
                      C:\WINDOWS\System32\svchost.exe
                      C:\WINDOWS\system32\wscntfy.exe
                      C:\WINDOWS\system32\WgaTray.exe
                      C:\Program Files\Philips ToUcam Camera\VProperty.exe
                      C:\Program Files\QuickTime\qttask.exe
                      C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
                      C:\Program Files\MSN Messenger\msnmsgr.exe
                      C:\Program Files\FinePixViewer\QuickDCF.exe
                      C:\WINDOWS\System32\svchost.exe
                      C:\WINDOWS\system32\wuauclt.exe
                      C:\WINDOWS\explorer.exe
                      C:\Program Files\Internet Explorer\iexplore.exe
                      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.robintimo.nl/
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
                      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
                      O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
                      O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
                      O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
                      O4 - HKLM\..\Run: [REGSHAVE] "C:\Program Files\REGSHAVE\REGSHAVE.EXE" /AUTORUN
                      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
                      O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
                      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
                      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
                      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
                      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
                      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
                      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
                      O4 - Global Startup: Exif Launcher.lnk = ?
                      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
                      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
                      O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
                      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                      O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
                      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                      O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

                      --
                      End of file - 4032 bytes

                      Comment


                      • #12
                        Kan je dat nog een keer proberen ?

                        Windows 10 opstarten in Veilige Modus

                        Comment


                        • #13
                          log.txt

                          ComboFix 08-03-22.3 - Robin 2008-03-24 11:09:58.3 - NTFSx86
                          Gestart vanuit: C:\Documents and Settings\Robin\Bureaublad\ComboFix.exe
                          * Resident AV is active


                          WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
                          .
                          -- Other TimeOuts --
                          CF7936.exe /c " dir /a/s/b C:\_desktop.ini C:\desktop_.ini C:\cnsmin* C:\_install.exe >DirRoot"

                          ((((((((((((((((((((((((( Files Created from 2008-02-24 to 2008-03-24 )))))))))))))))))))))))))))))))
                          .

                          2008-03-23 21:21 . 2008-03-24 11:00 <DIR> dr-h----- C:\Documents and Settings\Robin\Onlangs geopend
                          2008-02-28 17:04 . 2007-12-14 01:59 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
                          2008-02-28 17:01 . 2008-02-28 17:04 <DIR> d-------- C:\Program Files\Java
                          2008-02-28 17:01 . 2008-02-28 17:01 <DIR> d-------- C:\Program Files\Common Files\Java

                          .
                          (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
                          .
                          2008-02-20 16:27 --------- dc----w C:\Documents and Settings\All Users\Application Data\Lavasoft
                          2008-02-20 16:21 --------- d-----w C:\Program Files\Lavasoft
                          2008-02-20 16:06 --------- d-----w C:\Program Files\Hitman Pro
                          2008-02-20 16:03 --------- d-----w C:\Program Files\Microsoft AntiSpyware
                          2008-02-20 15:57 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
                          2008-02-19 19:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
                          2008-02-19 15:47 --------- d-----w C:\Program Files\Trend Micro
                          2008-02-19 07:18 --------- d-----w C:\Program Files\ESET
                          2004-03-03 12:06 266 -csh--w C:\Program Files\desktop.ini
                          .

                          ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
                          .
                          .
                          *Note* empty entries & legit default entries are not shown
                          REGEDIT4

                          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                          "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:54 5674352]

                          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                          "ToUcamVProperty"="C:\Program Files\Philips ToUcam Camera\VProperty.exe" [2003-04-02 07:56 131072]
                          "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 21:32 53248]
                          "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-10 12:55 282624]
                          "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2006-08-12 12:22 921600]
                          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]

                          [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
                          "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03 15360]

                          C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
                          Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe [2006-05-28 09:52:22 282624]

                          [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
                          Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

                          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
                          path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
                          backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

                          [HKLM\~\startupfolder\C:^Documents and Settings^Robin^Menu Start^Programma's^Opstarten^PowerReg Scheduler.exe]
                          path=C:\Documents and Settings\Robin\Menu Start\Programma's\Opstarten\PowerReg Scheduler.exe
                          backup=C:\WINDOWS\pss\PowerReg Scheduler.exeStartup

                          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
                          C:\Program Files\Ares Lite Edition\Ares.exe

                          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
                          --------- 2004-10-13 17:24 1694208 C:\Program Files\Messenger\msmsgs.exe

                          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
                          C:\Program Files\Hitman Pro\surfright.exe

                          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snelkiezer]
                          C:\WINDOWS\Snelkiezer_.exe

                          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]
                          --a------ 2006-03-13 16:35 5445176 C:\program files\voipbuster.com\voipbuster\voipbuster.exe

                          [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
                          "%windir%\\system32\\sessmgr.exe"=
                          "C:\\Program Files\\VoipBuster.com\\VoipBuster\\voipbuster.exe"=
                          "C:\\Program Files\\WS_FTP\\WS_FTP95.exe"=
                          "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
                          "C:\\Program Files\\MSN Messenger\\livecall.exe"=
                          "C:\\Program Files\\Windows Media Player\\wmplayer.exe"=

                          R3 trid3d;trid3d;C:\WINDOWS\system32\DRIVERS\trid3dm.sys [2001-08-17 21:51]
                          R3 ZD1201U;ZyDAS ZD1201 IEEE 802.11b Wireless LAN Driver (USB);C:\WINDOWS\system32\DRIVERS\zd1201u.sys [2003-06-12 07:54]
                          S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;C:\WINDOWS\system32\DRIVERS\ADM8511.SYS [2001-08-17 19:11]
                          S3 camvid20;Philips ToUcam Camera; Video;C:\WINDOWS\system32\DRIVERS\camdrv21.sys

                          .
                          Contents of the 'Scheduled Tasks' folder
                          "2008-03-24 08:56:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
                          - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
                          .
                          **************************************************************************

                          catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                          Rootkit scan 2008-03-24 11:21:42
                          Windows 5.1.2600 Service Pack 2 NTFS

                          scanning hidden processes ...

                          scanning hidden autostart entries ...

                          HKLM\Software\Microsoft\Windows\CurrentVersion\Run
                          ToUcamVProperty = C:\Program Files\Philips ToUcam Camera\VProperty.exe??U?c?a?m? ?C?a?m?e?r?a?\?V?P?r?o?p?e?r?t?y?.?e?x?e???????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????

                          scanning hidden files ...

                          scan completed successfully
                          hidden files: 0

                          **************************************************************************
                          .
                          --------------------- DLLs Loaded Under Running Processes ---------------------

                          PROCESS: C:\WINDOWS\system32\lsass.exe
                          -> C:\Program Files\Eset\pr_imon.dll
                          .
                          ------------------------ Other Running Processes ------------------------
                          .
                          C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                          C:\Program Files\Eset\nod32krn.exe
                          C:\WINDOWS\system32\wscntfy.exe
                          C:\WINDOWS\system32\WgaTray.exe
                          .
                          **************************************************************************
                          .
                          Completion time: 2008-03-24 11:26:08 - machine was rebooted
                          ComboFix-quarantined-files.txt 2008-03-24 10:25:59
                          ComboFix2.txt 2008-03-23 16:46:51
                          ComboFix3.txt 2008-03-23 16:23:21
                          .
                          2008-03-12 19:50:02 --- E O F ---

                          en de hijackthis.log

                          Logfile of Trend Micro HijackThis v2.0.2
                          Scan saved at 11:30:21, on 24-3-2008
                          Platform: Windows XP SP2 (WinNT 5.01.2600)
                          MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
                          Boot mode: Normal

                          Running processes:
                          C:\WINDOWS\System32\smss.exe
                          C:\WINDOWS\system32\winlogon.exe
                          C:\WINDOWS\system32\services.exe
                          C:\WINDOWS\system32\lsass.exe
                          C:\WINDOWS\system32\svchost.exe
                          C:\WINDOWS\System32\svchost.exe
                          C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                          C:\WINDOWS\system32\spoolsv.exe
                          C:\Program Files\Eset\nod32krn.exe
                          C:\WINDOWS\System32\svchost.exe
                          C:\WINDOWS\system32\wscntfy.exe
                          C:\WINDOWS\system32\WgaTray.exe
                          C:\Program Files\Philips ToUcam Camera\VProperty.exe
                          C:\Program Files\QuickTime\qttask.exe
                          C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
                          C:\Program Files\MSN Messenger\msnmsgr.exe
                          C:\Program Files\FinePixViewer\QuickDCF.exe
                          C:\WINDOWS\System32\svchost.exe
                          C:\WINDOWS\system32\wuauclt.exe
                          C:\WINDOWS\explorer.exe
                          C:\Program Files\Internet Explorer\iexplore.exe
                          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.robintimo.nl/
                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
                          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                          O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
                          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
                          O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
                          O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
                          O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
                          O4 - HKLM\..\Run: [REGSHAVE] "C:\Program Files\REGSHAVE\REGSHAVE.EXE" /AUTORUN
                          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
                          O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
                          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
                          O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
                          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
                          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
                          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
                          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
                          O4 - Global Startup: Exif Launcher.lnk = ?
                          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
                          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
                          O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
                          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                          O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
                          O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                          O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

                          --
                          End of file - 4032 bytes

                          Comment


                          • #14
                            Ziet er gezond uit, nog problemen ?

                            Windows 10 opstarten in Veilige Modus

                            Comment


                            • #15
                              hallo

                              waar kommen die probleem dan vandaan, met de traag heid.

                              groet

                              robin

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X