Archive - Extremely slow laptop

The archive is a frozen moment from a previous version of this forum, with different rules and different bosses. These posts in no way reflect our current ideas, values or world views and have been censored in some places as inadmissible. Many were made in a different spirit of the times, ironically or not - as in the ironic subforum Off-Topic - and would not (be allowed to) be posted today. Still, we are happy to offer this archive as an information database and reference work. Read more about it here or start a conversation with others.

Caiphas

Legacy Member
The laptop has been running extremely slowly lately, sometimes to the point that I have to restart; there are also some unknown toolbars in IE. Recently I also could not get on the internet for a while, had to restart and then it worked again.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:29:52, on 7/11/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Silvercrest MTS2118 driver\KMWDSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\Engine\17.9.0.12\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Norton AntiVirus\Engine\17.9.0.12\ccSvcHst.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Genesys PC Camera Device\GenePccMon.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Silvercrest MTS2118 driver\StartAutorun.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Silvercrest MTS2118 driver\KMConfig.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Silvercrest MTS2118 driver\KMProcess.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTo2.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTo2.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTo2.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.7\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [Setup] D:\WSETUP\Setup.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GenePccMon.exe] C:\Program Files\Genesys PC Camera Device\GenePccMon.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe /T:NTRU12
O4 - HKLM\..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
O4 - HKLM\..\Run: [EmbassySecurityCheck] "C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Silvercrest MTS2118 driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.2 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/mjss/MJSS.cab109791.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DF9C24D1-030E-49ED-5EB5-D6610086C313} - http://www.superstarracing.net/miniclip/ChatRepublicPlayer.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updateservice (gupdate1ca097351506916) (gupdate1ca097351506916) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Silvercrest MTS2118 driver\KMWDSrv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: NTRU TSS v1.2.1.12 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 16269 bytes

Juisterr

Legacy Member
First carry out the following actions:
Click Start -> (Settings) -> Control Panel -> Add or Remove Programs and remove the following program(s):
SearchSettings

ALCMTR.EXE is part of the Realtek event monitor and is used to obtain data about the drivers the user has in use.
That is why the file is often mistaken for spyware.
If this file or the registry key is removed, updating the Realtek audio driver is no longer possible.
If you do not want it to start automatically, it is better to disable it via MS config.

Start HijackThis and choose 'Do a system scan only'
Select only the items listed below:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe

Close all windows except HijackThis
Click 'Fix checked' to remove the items.



Download LopSD to your Desktop
  • Choose Option N and press Enter
  • Click OK in the information window
  • Choose Option 2 (Fix + Hosts) and press Enter
  • At the end a log (LopR.txt) appears; post its contents in your next reply
Vista users: right-click LopSD and choose "Run as administrator"
Note: LopSD is seen as a virus by some virus scanners, so deactivate your scanner
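
The structural part of a review like the one above can be scripted. The following is an added example, not part of the original post and not HijackThis's own code: it parses HijackThis `R`/`O` lines and flags entries whose file is missing, services reported with an unknown owner, Run values without a directory, and a CLSID registered in three or more sections. The sample lines are copied from the log in this thread; the function names and flag labels are assumptions, and a flag marks an entry for manual review, not a verdict.

```python
import re
from collections import defaultdict

# Constructed sample: ten lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTo2.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTo2.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTo2.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
"""

LINE = re.compile(r"^(?P<section>[RO]\d+) - (?P<body>.+)$")
# "KIND: NAME - {CLSID} - TARGET" (R3 URLSearchHook, O2 BHO, O3 Toolbar, O9)
COM_HOOK = re.compile(
    r"^(?P<kind>[^:]+): (?P<name>.*) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$"
)
# "HKxx\..\Run: [VALUE NAME] COMMAND" (O4 registry autostarts)
RUN_KEY = re.compile(
    r"^(?P<kind>\S+\\Run(?:Once)?): \[(?P<name>[^\]]*)\] (?P<target>.+)$"
)
ORPHAN = re.compile(r"\((?:no file|file missing)\)\s*$")


def parse_log(text):
    """Return one dict per R*/O* line; header and process lines are skipped."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        m = LINE.match(line)
        if not m:
            continue
        entry = {"section": m["section"], "raw": line, "name": None,
                 "clsid": None, "vendor": None, "target": None}
        body = m["body"]
        hook = COM_HOOK.match(body)
        run = RUN_KEY.match(body)
        if entry["section"] == "O23" and body.startswith("Service: "):
            # Split from the right: service display names may contain " - ".
            parts = body[len("Service: "):].rsplit(" - ", 2)
            if len(parts) == 3:
                entry["name"], entry["vendor"], entry["target"] = parts
        elif hook:
            entry.update(name=hook["name"], clsid=hook["clsid"].lower(),
                         target=hook["target"])
        elif run:
            entry.update(name=run["name"], target=run["target"])
        entries.append(entry)
    return entries


def triage(entries):
    """Return (section, name, reasons) for entries worth a manual look."""
    sections_by_clsid = defaultdict(set)
    for e in entries:
        if e["clsid"]:
            sections_by_clsid[e["clsid"]].add(e["section"])

    findings = []
    for e in entries:
        target = e["target"] or ""
        reasons = []
        if ORPHAN.search(target):
            # Registration left behind although the file is gone.
            reasons.append("orphaned")
        if e["vendor"] == "Unknown owner":
            # HijackThis reported no vendor for the service binary.
            reasons.append("unknown-owner")
        if e["section"] == "O4" and target and "\\" not in target:
            # No directory given: Windows resolves the name via its search
            # path, so confirm which file on disk actually runs.
            reasons.append("relative-run-path")
        if e["clsid"] and len(sections_by_clsid[e["clsid"]]) >= 3:
            # One component registered at three or more hook points; the
            # lines belong together when reviewing or removing it.
            reasons.append("multi-hook")
        if reasons:
            findings.append((e["section"], e["name"], reasons))
    return findings


if __name__ == "__main__":
    for section, name, reasons in triage(parse_log(SAMPLE_LOG)):
        print(f"{section:<4} {name:<40} {', '.join(reasons)}")
```

These checks are purely structural: the two Spigot entries pass them, so identifying unwanted software by name still needs a reviewer who knows the product.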

Caiphas

Legacy Member
Done. However, the program 'Search Settings' was not found in the software list. So I was not able to remove it.



--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2390 @ 1.86GHz )
BIOS : Default System BIOS
USER : Ots ( Administrator )
BOOT : Normal boot
Antivirus : Norton AntiVirus 17.9.0.12 (Activated)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:84 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( wo 09/11/2011|15:56 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ HERSTEL

Verwijderd ! - C:\DOCUME~1\Ots\LOCALS~1\Temp\nsf298.tmp
Verwijderd ! - C:\DOCUME~1\Ots\LOCALS~1\Temp\NSSRT.exe
Verwijderd ! - C:\DOCUME~1\Ots\Cookies\[email protected][2].txt
Verwijderd ! - C:\DOCUME~1\Ots\Cookies\ots@ero-advertising[1].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Beschrijving van mappen in APPLIC~1

[09/10/2008|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[04/10/2011|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[10/04/2010|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[03/11/2009|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[12/09/2009|11:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[03/10/2008|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[21/01/2009|21:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[21/01/2009|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[17/07/2011|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
[04/10/2011|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Chat Republic Games
[10/12/2008|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[29/09/2011|14:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[17/09/2010|09:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[17/09/2010|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[02/02/2011|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hps
[04/10/2008|10:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[30/09/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[11/01/2009|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
[11/01/2009|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[07/11/2011|23:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[08/10/2011|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[08/10/2011|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee Security Scan
[05/06/2010|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/04/2009|17:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[02/05/2010|17:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Norton
[25/12/2009|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[30/09/2008|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NTRU Cryptosystems
[15/03/2009|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[02/08/2009|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PCSettings
[04/10/2008|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
[06/02/2010|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SafeNet Sentinel
[04/10/2008|10:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[07/02/2010|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SPSS
[16/09/2009|17:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[30/09/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wave Systems Corp
[17/09/2010|09:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[05/10/2008|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/10/2008|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[08/10/2011|15:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\YouTube Downloader
[0|bestand(en)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
[41|map(pen)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar

[17/09/2010|09:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\HpUpdate
[30/09/2008|19:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[10/12/2009|13:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[30/09/2008|16:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[0|bestand(en)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
[6|map(pen)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar

[30/09/2008|19:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
[20/10/2011|15:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee
[30/09/2008|16:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[0|bestand(en)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
[5|map(pen)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar

[30/09/2008|19:25] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[13/10/2011|15:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\McAfee
[30/09/2008|16:58] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[04/10/2008|10:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\Roxio
[0|bestand(en)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
[6|map(pen)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar

[18/10/2008|21:43] C:\DOCUME~1\Ots\APPLIC~1\Adobe
[04/11/2011|12:29] C:\DOCUME~1\Ots\APPLIC~1\AdobeUM
[11/04/2010|19:01] C:\DOCUME~1\Ots\APPLIC~1\Apple Computer
[17/07/2011|12:52] C:\DOCUME~1\Ots\APPLIC~1\Babylon
[17/07/2011|12:56] C:\DOCUME~1\Ots\APPLIC~1\BabylonToolbar
[10/10/2011|11:37] C:\DOCUME~1\Ots\APPLIC~1\dvdcss
[17/07/2011|12:34] C:\DOCUME~1\Ots\APPLIC~1\FrostWire
[04/06/2009|21:52] C:\DOCUME~1\Ots\APPLIC~1\GoodSync
[20/07/2009|20:54] C:\DOCUME~1\Ots\APPLIC~1\Google
[30/05/2009|15:25] C:\DOCUME~1\Ots\APPLIC~1\Help
[17/09/2010|09:24] C:\DOCUME~1\Ots\APPLIC~1\HP
[07/11/2011|23:15] C:\DOCUME~1\Ots\APPLIC~1\HPAppData
[17/09/2010|09:27] C:\DOCUME~1\Ots\APPLIC~1\HpUpdate
[15/03/2011|11:51] C:\DOCUME~1\Ots\APPLIC~1\ICAClient
[01/10/2008|18:32] C:\DOCUME~1\Ots\APPLIC~1\Identities
[09/06/2010|07:49] C:\DOCUME~1\Ots\APPLIC~1\inkscape
[30/09/2008|19:25] C:\DOCUME~1\Ots\APPLIC~1\Intel
[07/08/2010|11:48] C:\DOCUME~1\Ots\APPLIC~1\LimeWire
[11/01/2009|20:04] C:\DOCUME~1\Ots\APPLIC~1\Logitech
[04/10/2008|08:15] C:\DOCUME~1\Ots\APPLIC~1\Macromedia
[07/11/2011|23:14] C:\DOCUME~1\Ots\APPLIC~1\Malwarebytes
[07/11/2011|23:28] C:\DOCUME~1\Ots\APPLIC~1\Microsoft
[07/11/2011|23:20] C:\DOCUME~1\Ots\APPLIC~1\Mozilla
[25/02/2010|16:59] C:\DOCUME~1\Ots\APPLIC~1\OpenOffice.org
[04/10/2008|18:23] C:\DOCUME~1\Ots\APPLIC~1\PDF reDirect
[07/11/2011|23:19] C:\DOCUME~1\Ots\APPLIC~1\PriceGong
[04/10/2008|10:48] C:\DOCUME~1\Ots\APPLIC~1\Roxio
[08/10/2011|16:00] C:\DOCUME~1\Ots\APPLIC~1\Search Settings
[22/10/2008|18:04] C:\DOCUME~1\Ots\APPLIC~1\SmartDraw
[22/12/2008|23:37] C:\DOCUME~1\Ots\APPLIC~1\Sun
[02/08/2009|13:36] C:\DOCUME~1\Ots\APPLIC~1\Symantec
[26/12/2009|10:37] C:\DOCUME~1\Ots\APPLIC~1\Tific
[17/07/2011|12:40] C:\DOCUME~1\Ots\APPLIC~1\Uniblue
[09/11/2011|15:58] C:\DOCUME~1\Ots\APPLIC~1\uTorrent
[09/11/2010|00:15] C:\DOCUME~1\Ots\APPLIC~1\vlc
[01/10/2008|18:33] C:\DOCUME~1\Ots\APPLIC~1\Wave Systems Corp
[09/10/2011|12:39] C:\DOCUME~1\Ots\APPLIC~1\YouTube Downloader
[0|bestand(en)] C:\DOCUME~1\Ots\APPLIC~1\bytes
[39|map(pen)] C:\DOCUME~1\Ots\APPLIC~1\bytes beschikbaar

--------------------\\ Geplande Taken gelocaliseerd in C:\WINDOWS\Tasks

[07/11/2011 17:12][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[09/11/2011 15:50][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{71E75DCF-BF67-4E51-9CFD-03AFA66A5FB8}.job
[08/11/2011 17:56][--ah-----] C:\WINDOWS\tasks\Norton Security Scan for Ots.job
[09/11/2011 15:56][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[09/11/2011 15:43][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[09/11/2011 15:39][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[08/11/2011 00:00][--a------] C:\WINDOWS\tasks\OGADaily.job
[09/11/2011 15:46][--a------] C:\WINDOWS\tasks\OGALogon.job
[09/11/2011 15:45][--a------] C:\WINDOWS\tasks\SDMsgUpdate (TE).job
[09/11/2011 15:43][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Beschrijving van mappen in C:\Program Files

[03/10/2008|18:20] C:\Program Files\Adobe
[22/07/2010|12:30] C:\Program Files\Apple Software Update
[08/10/2011|15:29] C:\Program Files\Application Updater
[22/01/2010|19:54] C:\Program Files\Atari
[17/07/2011|12:52] C:\Program Files\BabylonToolbar
[08/10/2011|15:29] C:\Program Files\Common Files
[30/09/2008|16:54] C:\Program Files\ComPlus Applications
[20/03/2011|12:11] C:\Program Files\Conduit
[30/09/2008|19:14] C:\Program Files\CONEXANT
[26/11/2008|13:49] C:\Program Files\Disc2Phone
[04/10/2008|10:41] C:\Program Files\DivX
[23/11/2009|17:39] C:\Program Files\EA Games
[02/02/2011|19:23] C:\Program Files\Fotoservice
[17/07/2011|12:31] C:\Program Files\FrostWire
[30/09/2008|19:22] C:\Program Files\Genesys PC Camera Device
[13/07/2011|16:43] C:\Program Files\Google
[17/09/2010|09:16] C:\Program Files\HP
[09/06/2010|07:45] C:\Program Files\Inkscape
[11/01/2009|19:54] C:\Program Files\InstallShield Installation Information
[30/09/2008|19:24] C:\Program Files\Intel
[30/09/2008|19:32] C:\Program Files\Intel Desktop Board
[17/10/2011|09:34] C:\Program Files\Internet Explorer
[22/07/2010|12:35] C:\Program Files\iPod
[22/07/2010|12:36] C:\Program Files\iTunes
[24/01/2009|21:40] C:\Program Files\Java
[25/03/2011|14:38] C:\Program Files\LimeWire
[11/01/2009|19:54] C:\Program Files\Logitech
[07/11/2011|23:14] C:\Program Files\Malwarebytes' Anti-Malware
[13/10/2011|15:29] C:\Program Files\McAfee Security Scan
[21/11/2008|18:44] C:\Program Files\Messenger
[16/09/2009|14:21] C:\Program Files\Microsoft
[30/09/2008|16:58] C:\Program Files\microsoft frontpage
[30/04/2009|17:24] C:\Program Files\Microsoft Office
[17/10/2011|09:50] C:\Program Files\Microsoft Silverlight
[16/09/2009|14:19] C:\Program Files\Microsoft SQL Server Compact Edition
[16/09/2009|14:20] C:\Program Files\Microsoft Sync Framework
[13/08/2010|17:33] C:\Program Files\Movie Maker
[09/11/2011|10:25] C:\Program Files\Mozilla Firefox
[25/08/2009|12:47] C:\Program Files\MSBuild
[12/05/2009|18:23] C:\Program Files\MSECache
[30/09/2008|16:54] C:\Program Files\MSN Gaming Zone
[03/10/2008|20:53] C:\Program Files\MSXML 4.0
[03/10/2008|20:58] C:\Program Files\MSXML 6.0
[17/07/2011|12:35] C:\Program Files\Netlog Uploader
[21/11/2008|18:37] C:\Program Files\NetMeeting
[12/09/2009|12:02] C:\Program Files\Norton AntiVirus
[02/05/2010|17:00] C:\Program Files\Norton Security Scan
[28/10/2009|19:49] C:\Program Files\Norton Support
[16/09/2009|17:00] C:\Program Files\NortonInstaller
[30/09/2008|19:34] C:\Program Files\NTRU Cryptosystems
[30/09/2008|16:56] C:\Program Files\Online Services
[25/02/2010|16:57] C:\Program Files\OpenOffice.org 3
[16/12/2010|08:26] C:\Program Files\Outlook Express
[04/10/2008|18:23] C:\Program Files\PDF reDirect
[28/12/2008|22:25] C:\Program Files\PokerStars.NET
[22/07/2010|12:35] C:\Program Files\QuickTime
[30/09/2008|19:07] C:\Program Files\Realtek
[25/08/2009|12:47] C:\Program Files\Reference Assemblies
[04/10/2008|10:56] C:\Program Files\Roxio
[09/08/2010|16:15] C:\Program Files\Safari
[04/06/2009|21:54] C:\Program Files\Siber Systems
[13/01/2009|18:42] C:\Program Files\Silvercrest MTS2118 driver
[29/03/2009|13:14] C:\Program Files\SmartDraw 2009
[07/02/2010|16:04] C:\Program Files\SPSSInc
[30/09/2008|19:34] C:\Program Files\STMicroelectronics
[25/12/2009|13:59] C:\Program Files\Symantec
[30/09/2008|19:26] C:\Program Files\Toshiba
[07/11/2011|23:28] C:\Program Files\Trend Micro
[17/07/2011|12:40] C:\Program Files\Uniblue
[30/09/2008|17:03] C:\Program Files\Uninstall Information
[29/03/2011|16:50] C:\Program Files\uTorrent
[22/09/2011|11:36] C:\Program Files\uTorrentBar_NL
[08/11/2010|22:44] C:\Program Files\VideoLAN
[30/09/2008|19:39] C:\Program Files\Wave Systems Corp
[30/09/2008|19:17] C:\Program Files\Winbond Electronics Corp
[07/02/2011|11:48] C:\Program Files\Windows Live
[16/09/2009|14:16] C:\Program Files\Windows Live SkyDrive
[28/11/2008|19:59] C:\Program Files\Windows Media Connect 2
[23/01/2010|12:34] C:\Program Files\Windows Media Player
[21/11/2008|18:37] C:\Program Files\Windows NT
[12/09/2009|12:01] C:\Program Files\Windows Sidebar
[30/09/2008|16:56] C:\Program Files\WindowsUpdate
[30/09/2008|16:58] C:\Program Files\xerox
[08/10/2011|15:29] C:\Program Files\YouTube Downloader
[08/10/2011|15:29] C:\Program Files\YouTube Downloader Toolbar
[0|bestand(en)] C:\Program Files\bytes
[87|map(pen)] C:\Program Files\bytes beschikbaar

--------------------\\ Beschrijving van mappen in C:\Program Files\Common Files

[03/10/2008|19:48] C:\Program Files\Common Files\Adobe
[22/07/2010|12:35] C:\Program Files\Common Files\Apple
[01/10/2008|12:37] C:\Program Files\Common Files\DESIGNER
[26/08/2010|20:23] C:\Program Files\Common Files\Hewlett-Packard
[26/08/2010|20:27] C:\Program Files\Common Files\HP
[04/10/2008|10:42] C:\Program Files\Common Files\InstallShield
[04/10/2008|07:51] C:\Program Files\Common Files\Java
[11/01/2009|19:56] C:\Program Files\Common Files\Logishrd
[06/07/2011|12:51] C:\Program Files\Common Files\Microsoft Shared
[30/09/2008|16:55] C:\Program Files\Common Files\MSSoap
[30/09/2008|18:48] C:\Program Files\Common Files\ODBC
[04/10/2008|10:56] C:\Program Files\Common Files\Roxio Shared
[30/09/2008|16:56] C:\Program Files\Common Files\Services
[30/09/2008|18:48] C:\Program Files\Common Files\SpeechEngines
[08/10/2011|15:29] C:\Program Files\Common Files\Spigot
[07/02/2010|16:06] C:\Program Files\Common Files\SPSS
[17/09/2009|10:22] C:\Program Files\Common Files\Symantec Shared
[30/04/2009|16:59] C:\Program Files\Common Files\System
[29/03/2009|13:43] C:\Program Files\Common Files\Windows Live
[04/10/2008|08:58] C:\Program Files\Common Files\WindowsLiveInstaller
[0|bestand(en)] C:\Program Files\Common Files\bytes
[22|map(pen)] C:\Program Files\Common Files\bytes beschikbaar

--------------------\\ Process

( 74 Processes )

... OK !

--------------------\\ Zoeken met S_Lop

Geen Lop mappen gevonden !

--------------------\\ Zoeken naar Lop Bestanden - Mappen

Geen Lop mappen gevonden !

--------------------\\ Zoeken doorheen het Register

..... OK !

--------------------\\ Nazicht van het Hosts bestand

Hosts bestand IN ORDE


--------------------\\ Zoeken naar verborgen bestanden met Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-11-09 16:01:20
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Zoeken naar andere infecties


Geen andere infecties gevonden !

[F:3420][D:210]-> C:\DOCUME~1\Ots\LOCALS~1\Temp
[F:1956][D:0]-> C:\DOCUME~1\Ots\Cookies
[F:987][D:55]-> C:\DOCUME~1\Ots\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - wo 09/11/2011|16:03 - Option : [2]

--------------------\\ Scan voltooid om 16:03:41