Trage laptop

[djdanvan]

Beste PC Hlpf,

Mijn laptop werkt zeer traag en in het bijzonder Internet, als ik vlug typ is het precies dat de letters een eind achterkomen.

Ik heb hem laten scannen met de aanwezige scanner NOD32, Spybots, Adaware, Malwarebits, en laatst met ComboFix en Hijjack waarvan hieronder de logs.

Wie kan er eens mijn logjes bekijken wat eventueel mag of moet gefixt of verwijderd worden.

Vriendelijk bedankt hoor.

ComboFix 10-08-16.04 - User 17/08/2010 14:55:06.1.1 - FAT32x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.511.270 [GMT 2:00]

Gestart vanuit: c:\documents and settings\User\Bureaublad\ComboFix.exe

AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-07-17 to 2010-08-17 ))))))))))))))))))))))))))))))

.

2010-08-17 12:48 . 2010-08-17 12:48 -------- d-----w- c:\program files\Trend Micro

2010-08-17 06:25 . 2010-08-17 06:25 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google

2010-08-17 06:24 . 2010-08-17 06:24 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Google

2010-08-17 06:24 . 2010-08-17 06:24 -------- d-----w- c:\windows\system32\IOSUBSYS

2010-08-17 06:23 . 2010-08-17 06:23 -------- d-----w- c:\program files\Google

2010-08-16 19:59 . 2010-08-16 19:59 -------- d-----w- C:\fsaua.data

2010-08-16 19:25 . 2010-08-16 19:25 -------- d--h--r- c:\documents and settings\User\Onlangs geopend

2010-08-16 18:39 . 2010-08-16 18:39 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes

2010-08-16 18:38 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-08-16 18:38 . 2010-08-16 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-08-16 18:38 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-08-16 18:38 . 2010-08-16 18:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-08-16 17:37 . 2010-08-16 17:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2010-08-16 17:37 . 2010-08-16 17:37 -------- d-----w- c:\program files\Spybot - Search & Destroy

2010-08-16 17:23 . 2010-08-16 15:28 15880 ----a-w- c:\windows\system32\lsdelete.exe

2010-08-16 15:32 . 2010-08-16 15:27 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys

2010-08-16 15:32 . 2010-08-16 15:32 -------- d-----w- c:\windows\system32\DRVSTORE

2010-08-16 15:30 . 2010-08-16 15:29 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2010-08-16 15:18 . 2010-02-04 15:53 2954656 ----a-w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe

2010-08-16 15:18 . 2010-08-16 15:18 -------- d--h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}

2010-08-16 15:16 . 2010-08-16 15:16 -------- d-----w- c:\program files\Lavasoft

2010-08-16 15:16 . 2010-08-16 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2010-08-16 14:39 . 2010-08-16 14:39 -------- d-----w- C:\Beveiliging

2010-08-16 13:18 . 2010-08-16 13:18 -------- d-----w- c:\program files\CCleaner

2010-08-16 12:56 . 2010-08-16 12:56 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\VS Revo Group

2010-08-16 12:56 . 2009-12-20 15:40 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys

2010-08-16 12:56 . 2010-08-16 12:56 -------- d-----w- c:\program files\VS Revo Group

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-08-13 10:05 . 2004-10-26 09:47 92120 ----a-w- c:\windows\system32\perfc013.dat

2010-08-13 10:05 . 2004-10-26 09:47 512078 ----a-w- c:\windows\system32\perfh013.dat

2010-06-30 12:33 . 2004-10-26 09:46 149504 ----a-w- c:\windows\system32\schannel.dll

2010-06-24 12:27 . 2004-10-26 09:46 916480 ----a-w- c:\windows\system32\wininet.dll

2010-06-24 09:03 . 2004-10-26 09:46 1852032 ----a-w- c:\windows\system32\win32k.sys

2010-06-21 15:27 . 2004-10-26 09:46 354304 ----a-w- c:\windows\system32\drivers\srv.sys

2010-06-17 14:03 . 2004-10-26 09:46 80384 ----a-w- c:\windows\system32\iccvid.dll

2010-06-14 14:31 . 2005-10-03 09:30 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\HelpSvc.exe

2010-06-14 07:43 . 2004-10-26 09:46 1172480 ----a-w- c:\windows\system32\msxml3.dll

2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-05-25 5562368]

"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2004-10-15 356352]

"nwiz"="nwiz.exe" [2005-05-25 1495040]

"RTHDCPL"="RTHDCPL.EXE" [2005-05-25 14477312]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-04-09 2029640]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-12-21 688218]

"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-12-21 98394]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

ASUS ChkMail.lnk - c:\program files\ASUS\Asus ChkMail\ChkMail.exe [2005-10-3 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]

2004-10-15 09:27 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2009-02-27 15:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]

2003-09-19 10:54 172032 ----a-w- c:\program files\ASUS\ASUS Live Update\ALU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControl]

2005-05-12 01:15 102400 ----a-w- c:\windows\ATK0100\HControl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2008-12-08 13:50 54576 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]

2004-10-15 09:27 385024 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 20:33 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2009-02-06 16:52 3885408 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power_Gear]

2004-09-21 14:55 81920 ----a-w- c:\program files\ASUS\Power4 Gear\BatteryLife.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console]

2005-03-02 19:52 57344 ----a-w- c:\program files\ASUS\Wireless Console\wcourier.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\ASUS\\ASUS Live Update\\LiveUpdt.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [16/08/2010 17:32 64288]

R0 R592;R592;c:\windows\system32\drivers\R592.sys [15/10/2004 19:26 57088]

R0 risdpntk;risdpntk;c:\windows\system32\drivers\risdpntk.sys [15/10/2004 19:26 27264]

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [9/04/2009 15:18 107256]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [9/04/2009 15:21 94360]

R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [9/04/2009 15:19 731840]

R3 SynMini;USB2.0 1.3M Web Cam;c:\windows\system32\drivers\SynMini.sys [3/10/2005 11:41 702326]

R3 SynScan;USB2.0 1.3M Web Cam Still Image;c:\windows\system32\drivers\SynScan.sys [3/10/2005 11:41 4790]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [4/02/2010 17:52 1352832]

S3 Asushwio;Asushwio;c:\windows\system32\drivers\ASUSHWIO.SYS [20/10/2005 20:28 5824]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [16/08/2010 14:56 27064]

.

Inhoud van de 'Gedeelde Taken' map

2010-08-17 c:\windows\Tasks\User_Feed_Synchronization-{4BF88277-393B-4FFC-90B2-BF9DE814E942}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]

2010-08-17 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:26]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

.

- - - - ORPHANS VERWIJDERD - - - -

AddRemove-CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966 - c:\program files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_10431966

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-08-17 14:58

Windows 5.1.2600 Service Pack 3 FAT NTAPI

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]

"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]

"3140AC1900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(1488)

c:\program files\Intel\Wireless\Bin\LgNotify.dll

- - - - - - - > 'explorer.exe'(1736)

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Voltooingstijd: 2010-08-17 15:00:33

ComboFix-quarantined-files.txt 2010-08-17 13:00

Pre-Run: 23.743.168.512 bytes beschikbaar

Post-Run: 23.863.361.536 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - E2ADF98C7DFA17251E510A045E61A716

-------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:48:48, on 17/08/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe

C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Microsoft Windows Update

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1129811289649

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://virusscanner.telenet.be/fscax.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--

End of file - 6822 bytes

[kape]

Beide logjes zien er nochtans prima uit !

[djdanvan]

Beste Kape,

Dank voor het vlugge antw.

Ik heb NOD32 tijdelijk uitgeschakeld en Adaware die steeds mee opstarte verwijderd en ik moet zeggen dit is veel verbeterd

Het toestelletje is (Intel pent 1.73GHz met 512Mb Ram) k'weet nie of ik daar meer mag van verwachten?. Wat denk je?

groeten djdanvan

[kape]

Wonderen moet je daar zeker niet van verwachten, dat klopt ;-)

Verwijder alvast Combofix van de PC via Start -> Uitvoeren en typ: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

17 augustus 2010 aangepast door kape

[djdanvan]

Kape,

vele dank

djdanvan