Archive - hijack this log -- computer extremely slow

The archive is a frozen moment from a previous version of this forum, with different rules and different bosses. These posts in no way reflect our current ideas, values or world views, and have been censored in some places as inadmissible. Many were made in a different spirit of the times, ironically or not - as in the ironic Off-Topic subforum - and would not (be allowed to) be posted today. Still, we are happy to offer this archive as an information database and reference work. Read more about it here or start a conversation with others.

aveee

Legacy Member
hey guys,
my laptop is running extremely slow these days and I wanted to see if I could fix it, but it's not really working.

here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:10:16, on 21/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\TeamViewer\Version4\TeamViewer.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\GEBRUIKER\Bureaublad\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - (no file)
O3 - Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.isabel.be
O15 - Trusted Zone: *.kbc.be
O15 - Trusted Zone: *.kbcgroup.eu
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261417396468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1192379600734
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Google Updateservice (gupdate1c9c89eb002d5e) (gupdate1c9c89eb002d5e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 7325 bytes

Juisterr

Legacy Member
Temporarily disable Windows Defender
Because it can get in the way when fixing with HJT (undoing the fix again)
* Open Windows Defender > Click Tools
* Click "General Settings" or Options
* Scroll to "Real Time Protection Options"
* Uncheck "Turn on Real Time Protection (recommended)" > Click "Save"
* Close Windows Defender
(once the problems are gone and the log has been declared clean again, you can turn it back on)

Start HijackThis and choose 'Do a system scan only'
Select only the items listed below:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - (no file)
O3 - Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - (no file)

Close all windows except HijackThis
Click 'Fix checked' to remove the items.

Download LopSD to your Desktop
  • Choose option N and press Enter
  • Click OK on the information window
  • Choose option 2 (Fix + Hosts) and press Enter
  • At the end a log (LopR.txt) appears; post its contents in your next reply
Vista users: right-click LopSD and choose "Run as administrator"
Note: some virus scanners detect LopSD as a virus, so deactivate your scanner

aveee

Legacy Member
k, here is that log

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Celeron(R) M CPU 420 @ 1.60GHz )
BIOS : Ver 1.00PARTTBL1
USER : GEBRUIKER ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.5 (Activated)
C:\ (Local Disk) - FAT32 - Total:69 Go (Free:25 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( wo 23/12/2009| 0:11 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Beschrijving van mappen in APPLIC~1

[15/04/2005|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[15/04/2005|10:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[0|bestand(en)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
[4|map(pen)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar

[14/10/2007|18:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/09/2008|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alawar Stargaze
[06/11/2008|16:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Arkadium
[23/06/2009|22:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[15/04/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Awem
[02/12/2006|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
[29/11/2006|14:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[30/07/2008|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DivoGames
[13/11/2008|08:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EscapeTheMuseum
[08/06/2008|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2
[07/01/2008|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flood Light Games
[08/01/2008|17:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
[25/04/2009|11:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
[15/06/2008|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse
[12/09/2008|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
[20/07/2009|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii Games
[08/01/2007|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[02/01/2008|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[12/07/2008|08:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[30/07/2009|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HoverBee Studios
[07/10/2009|07:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IntDreams
[26/11/2009|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intenium
[10/05/2007|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
[10/07/2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Isabel Services
[02/11/2007|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
[26/05/2009|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mandragora
[15/04/2005|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/03/2009|13:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
[30/04/2009|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mushroom Age
[01/03/2008|17:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\My Games
[23/02/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MythPeople
[09/05/2009|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[13/05/2009|11:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PiddlePup Games
[11/12/2007|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[31/05/2008|09:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayPond
[15/09/2008|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Playrix Entertainment
[26/04/2009|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PoBros
[27/05/2009|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Product
[27/05/2009|15:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickClick
[31/12/2006|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[14/01/2009|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[28/01/2008|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
[05/12/2007|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SugarGames
[15/08/2006|14:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[04/01/2008|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[29/12/2007|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio
[05/07/2008|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VisualShape
[29/11/2006|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[21/12/2009|12:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[23/03/2009|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WotT
[06/02/2007|13:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[0|bestand(en)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
[53|map(pen)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar

[15/04/2005|10:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[0|bestand(en)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
[3|map(pen)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar

[15/04/2005|10:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[27/05/2008|18:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\TeamViewer
[0|bestand(en)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
[4|map(pen)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar

[15/04/2005|11:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[15/04/2005|10:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[0|bestand(en)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes
[4|map(pen)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes beschikbaar

[29/11/2006|13:57] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Adobe
[03/12/2006|12:53] C:\DOCUME~1\GEBRUI~1\APPLIC~1\AdobeUM
[11/06/2009|19:51] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Anabel
[23/08/2008|13:46] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Ancient Quest of Saqqarah__oberon
[18/12/2009|19:18] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Awem
[19/05/2009|11:58] C:\DOCUME~1\GEBRUI~1\APPLIC~1\BeachPartyCraze
[12/01/2008|15:25] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Big Fish Games
[04/12/2008|20:30] C:\DOCUME~1\GEBRUI~1\APPLIC~1\BloodTies
[02/12/2006|15:54] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Brother
[25/02/2008|18:47] C:\DOCUME~1\GEBRUI~1\APPLIC~1\CaribbeanHideaway
[20/12/2008|22:13] C:\DOCUME~1\GEBRUI~1\APPLIC~1\cerasus.media
[26/08/2009|08:08] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Coyotes Tale
[29/11/2006|14:09] C:\DOCUME~1\GEBRUI~1\APPLIC~1\CyberLink
[29/04/2009|09:43] C:\DOCUME~1\GEBRUI~1\APPLIC~1\EleFun Games
[12/05/2009|20:46] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Enchanted Katya
[07/01/2008|21:45] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Flood Light Games
[08/01/2008|17:24] C:\DOCUME~1\GEBRUI~1\APPLIC~1\FloodLightGames
[08/10/2009|21:13] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Friday's games
[10/07/2008|13:03] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Gamelab
[16/10/2008|20:30] C:\DOCUME~1\GEBRUI~1\APPLIC~1\GamesCafe
[20/07/2009|18:32] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Gogii Games
[28/07/2009|13:36] C:\DOCUME~1\GEBRUI~1\APPLIC~1\GOL_byHasbro
[08/01/2007|20:20] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Google
[02/01/2008|19:50] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Grisoft
[04/12/2006|20:40] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Help
[15/04/2005|11:02] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Identities
[23/06/2009|14:36] C:\DOCUME~1\GEBRUI~1\APPLIC~1\IObit
[10/05/2007|10:40] C:\DOCUME~1\GEBRUI~1\APPLIC~1\iolo
[26/07/2008|18:08] C:\DOCUME~1\GEBRUI~1\APPLIC~1\iWin
[14/05/2008|14:34] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Jane s Hotel Family Hero
[10/07/2008|14:26] C:\DOCUME~1\GEBRUI~1\APPLIC~1\KBC-Online for Business
[29/11/2006|14:29] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Lavasoft
[29/11/2006|11:21] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Macromedia
[07/12/2007|13:36] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Magic Academy
[12/12/2008|18:53] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Meridian93
[15/04/2005|10:38] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Microsoft
[30/06/2008|14:42] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Mozilla
[21/07/2008|20:27] C:\DOCUME~1\GEBRUI~1\APPLIC~1\My Games
[26/10/2009|13:24] C:\DOCUME~1\GEBRUI~1\APPLIC~1\MysteryStudio
[24/01/2007|21:04] C:\DOCUME~1\GEBRUI~1\APPLIC~1\OLYMPUS
[01/06/2009|15:26] C:\DOCUME~1\GEBRUI~1\APPLIC~1\panoramik
[10/04/2009|16:47] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Pharaohs Secret
[16/03/2008|13:43] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Pirateville
[11/12/2007|17:38] C:\DOCUME~1\GEBRUI~1\APPLIC~1\PlayFirst
[23/09/2008|13:20] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Playrix Entertainment
[26/04/2009|08:56] C:\DOCUME~1\GEBRUI~1\APPLIC~1\PoBros
[16/04/2009|17:14] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Sahmon Games
[12/03/2007|21:46] C:\DOCUME~1\GEBRUI~1\APPLIC~1\ScanSoft
[15/12/2008|19:49] C:\DOCUME~1\GEBRUI~1\APPLIC~1\SecretIslandEng
[19/09/2008|09:50] C:\DOCUME~1\GEBRUI~1\APPLIC~1\SpinTop Games
[05/07/2008|20:31] C:\DOCUME~1\GEBRUI~1\APPLIC~1\SprillBermudeEng
[02/12/2006|16:34] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Sun
[27/05/2008|18:28] C:\DOCUME~1\GEBRUI~1\APPLIC~1\TeamViewer
[30/06/2008|14:42] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Thunderbird
[27/08/2009|20:50] C:\DOCUME~1\GEBRUI~1\APPLIC~1\TMInc
[08/06/2008|11:39] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Total Eclipse
[16/10/2007|10:02] C:\DOCUME~1\GEBRUI~1\APPLIC~1\U3
[17/09/2009|18:58] C:\DOCUME~1\GEBRUI~1\APPLIC~1\V-Games
[23/12/2008|15:41] C:\DOCUME~1\GEBRUI~1\APPLIC~1\ViquaSoft
[05/07/2008|10:01] C:\DOCUME~1\GEBRUI~1\APPLIC~1\VisualShape
[22/10/2007|19:40] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Zylom
[21/09/2009|17:45] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Zylom 3 Days Zoo Mystery
[16/04/2009|19:44] C:\DOCUME~1\GEBRUI~1\APPLIC~1\Zylom DressUpRush
[0|bestand(en)] C:\DOCUME~1\GEBRUI~1\APPLIC~1\bytes
[65|map(pen)] C:\DOCUME~1\GEBRUI~1\APPLIC~1\bytes beschikbaar

--------------------\\ Geplande Taken gelocaliseerd in C:\WINDOWS\Tasks

[22/12/2009 15:27][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[23/12/2009 00:04][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[04/12/2009 00:02][--a------] C:\WINDOWS\tasks\OGADaily.job
[23/12/2009 00:05][--a------] C:\WINDOWS\tasks\OGALogon.job
[22/12/2009 11:08][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[23/12/2009 00:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/09/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Beschrijving van mappen in C:\Program Files

[15/08/2006|13:35] C:\Program Files\Acer Inc
[15/08/2006|13:48] C:\Program Files\Adobe
[27/05/2008|18:02] C:\Program Files\AVG
[21/12/2009|12:32] C:\Program Files\CCleaner
[15/04/2005|10:38] C:\Program Files\Common Files
[15/04/2005|10:44] C:\Program Files\ComPlus Applications
[29/11/2006|11:18] C:\Program Files\CyberLink
[10/07/2008|14:13] C:\Program Files\DIFX
[04/01/2008|21:27] C:\Program Files\Gamenext
[23/10/2009|09:31] C:\Program Files\Garmin
[07/01/2007|18:44] C:\Program Files\Google
[15/08/2006|13:15] C:\Program Files\InstallShield Installation Information
[15/08/2006|13:11] C:\Program Files\Intel
[15/04/2005|10:46] C:\Program Files\Internet Explorer
[24/01/2007|14:42] C:\Program Files\IObit
[23/01/2007|17:20] C:\Program Files\iolo
[29/11/2006|14:40] C:\Program Files\Java
[02/12/2006|16:35] C:\Program Files\KBC-Online
[10/07/2008|14:14] C:\Program Files\KBC-Online for Business
[29/11/2006|11:21] C:\Program Files\Launch Manager
[15/04/2005|10:43] C:\Program Files\Messenger
[12/01/2009|21:34] C:\Program Files\Meteo
[26/05/2009|19:44] C:\Program Files\Microsoft
[14/10/2007|18:47] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[15/04/2005|10:49] C:\Program Files\microsoft frontpage
[15/01/2007|11:59] C:\Program Files\Microsoft Office
[10/11/2009|17:48] C:\Program Files\Microsoft Silverlight
[25/05/2009|20:08] C:\Program Files\Microsoft SQL Server Compact Edition
[26/05/2009|19:49] C:\Program Files\Microsoft Sync Framework
[03/02/2007|21:49] C:\Program Files\Microsoft.NET
[15/04/2005|10:43] C:\Program Files\Movie Maker
[14/01/2009|19:52] C:\Program Files\Mozilla Firefox
[14/10/2007|17:43] C:\Program Files\MSBuild
[18/02/2009|09:48] C:\Program Files\MSECache
[15/04/2005|10:43] C:\Program Files\MSN Gaming Zone
[01/01/2007|13:30] C:\Program Files\MSXML 4.0
[14/10/2007|17:45] C:\Program Files\MSXML 6.0
[15/04/2005|10:46] C:\Program Files\NetMeeting
[30/06/2008|14:42] C:\Program Files\Netscape
[15/08/2006|13:35] C:\Program Files\NewTech Infosystems
[06/11/2008|13:16] C:\Program Files\Oberon Media
[31/12/2006|14:08] C:\Program Files\OLYMPUS
[15/04/2005|10:46] C:\Program Files\Online Services
[15/04/2005|10:46] C:\Program Files\Outlook Express
[24/01/2007|15:20] C:\Program Files\Panda Software
[30/06/2008|14:42] C:\Program Files\Qualcomm
[31/12/2006|14:03] C:\Program Files\QuickTime
[15/08/2006|13:15] C:\Program Files\Realtek
[24/01/2007|19:15] C:\Program Files\RealVNC
[14/10/2007|17:39] C:\Program Files\Reference Assemblies
[15/08/2006|14:00] C:\Program Files\Symantec
[15/08/2006|13:15] C:\Program Files\Synaptics
[24/06/2009|09:30] C:\Program Files\TeamViewer
[15/04/2005|11:02] C:\Program Files\Uninstall Information
[09/06/2007|20:29] C:\Program Files\Visserij Gegevens 2007
[29/11/2006|14:38] C:\Program Files\Windows Defender
[29/11/2006|13:40] C:\Program Files\Windows Media Connect 2
[15/04/2005|10:43] C:\Program Files\Windows Media Player
[15/04/2005|10:43] C:\Program Files\Windows NT
[15/04/2005|10:43] C:\Program Files\Windows Plus
[15/04/2005|10:46] C:\Program Files\WindowsUpdate
[16/10/2007|10:07] C:\Program Files\WinZip
[15/04/2005|10:49] C:\Program Files\xerox
[23/02/2008|17:12] C:\Program Files\Xvid
[29/11/2006|11:27] C:\Program Files\Yahoo!
[0|bestand(en)] C:\Program Files\bytes
[67|map(pen)] C:\Program Files\bytes beschikbaar

--------------------\\ Beschrijving van mappen in C:\Program Files\Common Files

[29/11/2006|13:57] C:\Program Files\Common Files\Adobe
[03/02/2007|21:49] C:\Program Files\Common Files\DESIGNER
[15/08/2006|13:14] C:\Program Files\Common Files\InstallShield
[10/07/2008|14:14] C:\Program Files\Common Files\Isabel
[10/07/2008|14:14] C:\Program Files\Common Files\Isabel CSP
[29/11/2006|14:39] C:\Program Files\Common Files\Java
[15/04/2005|10:38] C:\Program Files\Common Files\Microsoft Shared
[15/04/2005|10:46] C:\Program Files\Common Files\MSSoap
[15/08/2006|13:36] C:\Program Files\Common Files\muvee Technologies
[15/08/2006|13:35] C:\Program Files\Common Files\NewTech Infosystems
[04/01/2008|21:27] C:\Program Files\Common Files\Oberon Media
[15/04/2005|10:38] C:\Program Files\Common Files\ODBC
[24/01/2007|15:19] C:\Program Files\Common Files\Panda Software
[15/04/2005|10:46] C:\Program Files\Common Files\Services
[15/04/2005|10:38] C:\Program Files\Common Files\SpeechEngines
[15/08/2006|14:00] C:\Program Files\Common Files\Symantec Shared
[15/04/2005|10:46] C:\Program Files\Common Files\System
[21/12/2009|16:29] C:\Program Files\Common Files\Windows Live
[25/05/2009|20:00] C:\Program Files\Common Files\WindowsLiveInstaller
[10/07/2008|14:12] C:\Program Files\Common Files\Wise Installation Wizard
[0|bestand(en)] C:\Program Files\Common Files\bytes
[22|map(pen)] C:\Program Files\Common Files\bytes beschikbaar

--------------------\\ Process

( 49 Processes )

... OK !

--------------------\\ Zoeken met S_Lop

Geen Lop mappen gevonden !

--------------------\\ Zoeken naar Lop Bestanden - Mappen

Geen Lop mappen gevonden !

--------------------\\ Zoeken doorheen het Register

..... OK !

--------------------\\ Nazicht van het Hosts bestand

Hosts bestand IN ORDE


--------------------\\ Zoeken naar verborgen bestanden met Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-12-23 00:14:04
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Zoeken naar andere infecties


Geen andere infecties gevonden !

[F:130][D:9]-> C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp
[F:11][D:0]-> C:\DOCUME~1\GEBRUI~1\Cookies
[F:554][D:5]-> C:\DOCUME~1\GEBRUI~1\LOCALS~1\TEMPOR~1\content.IE5
[F:295][D:90]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - wo 23/12/2009| 0:14 - Option : [2]

--------------------\\ Scan voltooid om 0:14:50

aveee

Legacy Member
here is the HijackThis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:45:41, on 23/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Documents and Settings\GEBRUIKER\Bureaublad\HijackThis.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\TeamViewer\Version4\TeamViewer.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iolo\System Mechanic Professional 6\SysMech6.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\dllhost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.isabel.be
O15 - Trusted Zone: *.kbc.be
O15 - Trusted Zone: *.kbcgroup.eu
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261417396468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1192379600734
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Google Updateservice (gupdate1c9c89eb002d5e) (gupdate1c9c89eb002d5e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 7046 bytes
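Comparing this log with the first one posted, as an added example that is not part of the original posts: the four entries selected for fixing all end in `(no file)`, so the code below parses HijackThis entries, lists those orphaned registrations, and checks which entries disappeared between the two scans. The function names are hypothetical, and the two sample logs are short excerpts constructed from the logs in this thread.

```python
import re

# A numbered HijackThis entry looks like "O2 - BHO: ..." or "R0 - HKCU\...".
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Constructed excerpt of the first log in the thread (21/12/2009).
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - (no file)
O3 - Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - (no file)
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O15 - Trusted Zone: *.kbc.be
"""

# Constructed excerpt of the second log in the thread (23/12/2009).
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O15 - Trusted Zone: *.kbc.be
"""


def parse_entries(log_text):
    """Return (section, body) tuples for the numbered entries of a log.

    Header lines and the 'Running processes' paths do not match the
    entry pattern and are skipped.
    """
    entries = []
    for line in log_text.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def orphaned(entries):
    """Entries whose registration points at a file that is not on disk."""
    return [entry for entry in entries if entry[1].endswith("(no file)")]


def removed_between(before, after):
    """Entries present in the earlier scan and absent from the later one."""
    remaining = set(after)
    return [entry for entry in before if entry not in remaining]


def clsid_of(entry):
    """Upper-cased CLSID of an entry, or None if it carries none."""
    match = CLSID.search(entry[1])
    return match.group(0).upper() if match else None


if __name__ == "__main__":
    before = parse_entries(BEFORE)
    after = parse_entries(AFTER)
    print("Orphaned registrations in the first scan:")
    for entry in orphaned(before):
        print("  %-3s %s" % (entry[0], clsid_of(entry)))
    print("Entries gone in the second scan:")
    for section, body in removed_between(before, after):
        print("  %s - %s" % (section, body))
    print("Orphans still present:", len(orphaned(after)))
```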

Juisterr

Legacy Member
Temporarily disable Windows Defender
Because it can get in the way when fixing with HJT (undoing the fix again)
* Open Windows Defender > Click Tools
* Click "General Settings" or Options
* Scroll to "Real Time Protection Options"
* Uncheck "Turn on Real Time Protection (recommended)" > Click "Save"
* Close Windows Defender
(once the problems are gone and the log has been declared clean again, you can turn it back on)

Install hijackthis.exe in, for example, C:\Program Files\Hijackthis
This is because of the backups this program makes.

Start HijackThis and choose 'Do a system scan only'
Select only the items listed below:

O15 - Trusted Zone: *.isabel.be
O15 - Trusted Zone: *.kbc.be
O15 - Trusted Zone: *.kbcgroup.eu

Click 'Fix checked' to remove the items.