Ga naar inhoud

PC loopt soms vast en sluit niet meer af


kurt5

Aanbevolen berichten

Oke, heb dit gedaan. Maar ik moet hem wel opstarten via veilige modus want anders opent hij bij het opstarten automatisch internet explorer en blijft terug hangen. Alsof hij maar de helft van zijn werk doet. Zal een logje makjen met Hijack in veilige modus en via een andere pc hierop zetten.

Link naar reactie
Delen op andere sites

  • Reacties 28
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Geplaatste afbeeldingen

Hijackthis-log

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:23:53, on 19/11/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E2DC7F5A744E2A3EC2 - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - (no file)

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\NL\MSNTB.DLL

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\NL\MSNTB.DLL

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-21-2025429265-1606980848-1957994488-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-18\..\RunOnce: [Printing Migration] rundll32.exe C:\WINDOWS\system32\spool\migrate.dll,ProcessWin9xNetworkPrinters (User '?')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [Printing Migration] rundll32.exe C:\WINDOWS\system32\spool\migrate.dll,ProcessWin9xNetworkPrinters (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O16 - DPF: Win32 Classes -

--

End of file - 3977 bytes

Ik zei dat hij vastloopt maar in feite stopt hij halverwege en doet dan aan een slakkengangetje de rest van de opstart, maar dat duurt een paar uur, daarmee dat ik dacht dat hij vastliep.

Link naar reactie
Delen op andere sites

Je logje is - helaas - niet volledig. Maar deze items mag je al fixen met HijackThis :

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E2DC7F5A744E2A3EC2 - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - (no file)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

... en dan graag een nieuw en volledig logje met HijackThis (als dat je lukt).

Link naar reactie
Delen op andere sites

Heb die 3 items gefixed en een nieuw logje gemaakt.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:06:06, on 20/11/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\NL\MSNTB.DLL

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\NL\MSNTB.DLL

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-21-2025429265-1606980848-1957994488-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-18\..\RunOnce: [Printing Migration] rundll32.exe C:\WINDOWS\system32\spool\migrate.dll,ProcessWin9xNetworkPrinters (User '?')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [Printing Migration] rundll32.exe C:\WINDOWS\system32\spool\migrate.dll,ProcessWin9xNetworkPrinters (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O16 - DPF: Win32 Classes -

--

End of file - 3462 bytes

Heb goed nagekeken meer staat er echt niet op.

Link naar reactie
Delen op andere sites

Download RSIT.

Sla het op je Bureaublad op.

Dubbelklik op RSIT om het te starten.

Klik op Continue in het disclaimer venster.

Zodra de scan beëindigd is, zullen twee logs openen. Post de inhoud van log.txt (zal gemaximaliseerd zijn) en info.txt (zal geminimaliseerd zijn) in je volgende antwoord.

Link naar reactie
Delen op andere sites

Log.TXT

Logfile of random's system information tool 1.06 (written by random/random)

Run by Administrator at 2009-11-20 16:09:33

WIN_XP Service Pack 3

System drive C: has 6 GB (29%) free of 19 GB

Total RAM: 511 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:09:37, on 20/11/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Administrator\Bureaublad\RSIT.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HijackThis\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\NL\MSNTB.DLL

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\NL\MSNTB.DLL

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-21-2025429265-1606980848-1957994488-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-18\..\RunOnce: [Printing Migration] rundll32.exe C:\WINDOWS\system32\spool\migrate.dll,ProcessWin9xNetworkPrinters (User '?')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [Printing Migration] rundll32.exe C:\WINDOWS\system32\spool\migrate.dll,ProcessWin9xNetworkPrinters (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O16 - DPF: Win32 Classes -

--

End of file - 3526 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Toepassing Optimalisatie Start.job

C:\WINDOWS\tasks\PCHealth-planner voor gegevensverzameling.job

C:\WINDOWS\tasks\Herinnering voor video.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{7BCB72A0-D63D-49AD-A733-8A6E6878F72F}.job

C:\WINDOWS\tasks\SLOW-PCfighter.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

AcroIEHlprObj Class - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]

ST - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL [2004-08-13 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]

MSNToolBandBHO - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\NL\MSNTB.DLL [2006-01-17 282624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\NL\MSNTB.DLL [2006-01-17 282624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SystemTray"=C:\WINDOWS\system32\SysTray.Exe [2001-09-07 3072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]

C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2001-07-03 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]

C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\SYSTEM32\UPNPUI.DLL [2008-04-14 239616]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-12-12 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

======List of files/folders created in the last 2 months======

2009-11-20 16:09:33 ----D---- C:\rsit

2009-11-19 12:15:06 ----SHD---- C:\FOUND.015

2009-11-19 12:04:24 ----SHD---- C:\FOUND.014

2009-11-18 19:46:37 ----A---- C:\WINDOWS\SchedLog.Txt

2009-11-18 19:46:34 ----D---- C:\Program Files\xerox

2009-11-18 17:54:46 ----SHD---- C:\FOUND.013

2009-11-05 15:58:10 ----SHD---- C:\FOUND.012

2009-11-02 11:49:36 ----SHD---- C:\FOUND.011

2009-10-29 20:34:08 ----SHD---- C:\FOUND.010

2009-10-28 15:53:42 ----SHD---- C:\FOUND.009

2009-10-21 17:18:28 ----D---- C:\WINDOWS\All Users\Application Data\Norton

2009-10-21 17:18:15 ----D---- C:\WINDOWS\All Users\Application Data\NortonInstaller

2009-10-15 18:58:08 ----SHD---- C:\FOUND.008

2009-10-15 17:29:02 ----SHD---- C:\FOUND.007

2009-10-13 20:34:44 ----SHD---- C:\FOUND.006

2009-10-13 20:24:20 ----SHD---- C:\FOUND.005

2009-09-27 22:10:16 ----SHD---- C:\FOUND.004

======List of files/folders modified in the last 2 months======

2009-11-20 12:10:10 ----A---- C:\Log.txt

2009-11-19 17:35:12 ----SH---- C:\boot.ini

2009-11-19 17:35:12 ----A---- C:\WINDOWS\win.ini

2009-11-19 17:35:12 ----A---- C:\WINDOWS\system.ini

2009-10-21 21:43:12 ----A---- C:\WINDOWS\PhotoImpression.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-12-12 14720]

R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-12-12 10368]

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-12-12 12288]

R3 NtApm;NT Apm/Legacy-interfacestuurprogramma; C:\WINDOWS\system32\DRIVERS\NtApm.sys [2001-09-06 9472]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]

R3 rtl8139;NT-stuurprogramma voor Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]

R3 RTPP2K;RTPP2K; C:\WINDOWS\system32\DRIVERS\rtpp2k.sys [2001-04-29 87374]

R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-12-12 32128]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-12-12 59520]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-12-12 20608]

R3 VIAudio;VIA AC'97 Audio-controller (WDM); C:\WINDOWS\system32\drivers\ac97via.sys [2008-04-13 84480]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-03-20 49920]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-03-20 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-03-20 21568]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 usbstor;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-12-12 26368]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-12-12 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-12-12 82944]

S4 ACPI;ACPI; C:\WINDOWS\system32\drivers\ACPI.sys []

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Log.TXT

info.txt logfile of random's system information tool 1.06 2009-11-20 16:09:39

======Uninstall list======

-->"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /UNINSTALL /PROMPT

-->C:\WINDOWS\IsUn0413.exe -fC:\WINDOWS\mrun32.isu

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\ENGINE\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\SETUP.EXE" UNINSTALL

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

ACDSee-->C:\PROGRA~1\ACDSYS~1\ACDSEE\UNWISE.EXE C:\PROGRA~1\ACDSYS~1\ACDSEE\INSTALL.LOG

Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}

Adobe Acrobat 4.0-->C:\WINDOWS\ISUN0413.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\98\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\98\Uninst.dll"

Adobe Acrobat and Reader 6.0.3 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000603}

Adobe Acrobat and Reader 6.0.4 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000604}

Adobe Acrobat and Reader 6.0.5 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000605}

Adobe Acrobat and Reader 6.0.6 Update-->MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000606}

Adobe Flash Player ActiveX-->C:\WINDOWS\SYSTEM32\MACROMED\FLASH\uninstall_activeX.exe

Adobe Reader 6.0.1 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A00000000001}

Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log

Ahead Nero - Burning Rom-->C:\WINDOWS\UNNERO.exe /UNINSTALL

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

Easy Computing's Grote Encyclopedie 2000-->C:\WINDOWS\IsUn0413.exe -f"C:\Program Files\EASY COMPUTING\De Grote Encyclopedie 2000\Uninst.isu"

Hercules WebCam Station-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\ENGINE\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D208F4A7-6B73-4C2A-8B1E-8756FCBA831E}\SETUP.EXE" -l0x13

HijackThis 2.0.2-->"C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HijackThis.exe" /uninstall

HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat

HP DeskJet 840C Series (Remove only)-->C:\Program Files\HP DeskJet 840C Series\hpfiui.exe -c -vdivid=HPF -vpnum=90 -vinstport=LPT1: -vproduct=840C -huninstall

HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat

HP Officejet Pro K5300/5400 Series-->C:\Program Files\HP\Digital Imaging\{AAF42A99-B684-49B1-AEBC-AE5B287CB98D}\setup\hpzscr01.exe -datfile hpwscr06.dat

HP Photo Printing Software-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Printing\Uninstall.isu" -c"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Printing\hpiunPC.dll

HP Precisionscan Pro 3.1-->MsiExec.exe /I{6B36DEBF-27D0-4B1E-858D-D397091C6C7D}

HP Share-to-Web-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{748F4870-8350-11D3-B0BF-080009FB4A19}\setup.exe" --MAIN -l19

HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}

HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat

IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe

Microsoft .NET Framework 1.1 Dutch Language Pack-->MsiExec.exe /X{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}

Microsoft .NET Framework 1.1 Service Pack 1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - NLD-->MsiExec.exe /I{220C5102-2566-337F-9E9B-C81C5C761BA2}

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Dutch Language Pack-->MsiExec.exe /X{64371D22-A18B-436E-863B-2E12DA8042FF}

Microsoft .NET Framework 3.0 Nederlands taalpakket-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Dutch Language Pack\setup.exe

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 Language Pack - nld-->MsiExec.exe /I{A395750A-78D7-36D1-A59D-1A0B601D4BDC}

Microsoft .NET Framework 3.5 Service Pack 1 Nederlands taalpakket-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - nld\setup.exe

Microsoft .NET Framework 3.5 Service Pack 1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf

Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}

Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}

Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}

Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}

Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

MPM-->MsiExec.exe /X{8F9D71EC-A86E-4001-A108-D2055591451A}

MSN Messenger 7.0-->MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}

MSN Toolbar-->C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\NL\mtbs.exe c

MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{988B6E93-EAE9-44C2-A226-A4631C57B2AF}

Patience 1.01-->"C:\Program Files\Bureau-accessoires\Patience\unins000.exe"

SPAMfighter-->"C:\Program Files\SPAMfighter\uninstall.exe" Remove

Spy Sweeper-->"C:\Program Files\Webroot\Spy Sweeper\unins000.exe"

Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows XP verwijderen-->%SYSTEMROOT%\system32\osuninst.exe

WinRAR-->C:\PROGRAM FILES\WINRAR\UNINSTALL.EXE

WinZip-->"C:\PROGRAM FILES\WINZIP\WINZIP32.EXE" /uninstall

=====HijackThis Backups=====

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) [2009-11-20]

O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E2DC7F5A744E2A3EC2 - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - (no file) [2009-11-20]

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) [2009-11-20]

======Hosts File======

127.0.0.1 localhost

127.0.0.1 i.i.com.com

Securitycenter WMI appears to be broken

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SYSTEMROOT%\system32;%SYSTEMROOT%;%SYSTEMROOT%\COMMAND;C:\PROGRA~1\COMMON~1\AUTODE~1;%SYSTEMROOT%\system32\WBEM

"windir"=C:\WINDOWS

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 4 Stepping 2, AuthenticAMD

"PROCESSOR_REVISION"=0402

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=C:\WINDOWS\TEMP

"TMP"=C:\WINDOWS\TEMP

"winbootdir"=C:\WINDOWS

"PROMPT"=$p$g

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Download HostsXpert

Unzip het programma naar je Bureaublad.

Open de map en dubbelklik op Hoster.exe

Klik op "Restore Microsofts Original Hosts File"

Klik op "OK" en sluit het programma.

Verwijder alle mappen met de volgende vorm : van C:\FOUND.000 … tot C:\FOUND.015

En laat dan maar opnieuw weten hoe de situatie momenteel is ?

Link naar reactie
Delen op andere sites

Oké, heb alles juist gedaan maar er zijn geen mappen met deze naam C:\FOUND.000 gevonden. Heb toch nog eens opnieuw opgestart en probleem hetzelfde.
Probleem blijft dat je logjes nog steeds - om onverklaarbare redenen - onvolledig zijn en dus geen duidelijk beeld geven van de problemen op je PC. En zie - na wat we al gedaan hebben - niet meteen een oplossing om dit recht te zetten. Even Windows nakijken is nog een laatste optie : Start -> Uitvoeren -> typ sfc /scannow Onderwerg zal (normaal) naar de Windows-CD gevraagd worden. Hou die al maar bij de hand indien nodig.
Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.