zeer trage explorer en verkenner.....

Status
Niet open voor verdere reacties.
H

herold

Gebruiker
Lid geworden
24 jun 2004
Berichten
14
HELPHELP...ik sukkel al een mooi poosje met een zeer trage verkenner en explorer tot ik op deze site terecht kwam....heb HijackThis gedownload en krijg de volgende merldingen...wie weet hier iets van af?????

Logfile of HijackThis v1.98.2
Scan saved at 1:05:18, on 31-10-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
E:\Programma's\AVG 6.0\avgcc32.exe
C:\WorkPad\HOTSYNC.EXE
C:\Program Files\Wireless\Client Manager\CMags.EXE
E:\PROGRA~1\AVG6~1.0\avgserv.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
E:\Programma's\eDonkey2000\edonkey2000.exe
E:\Programma's\WinAce\WinAce.exe
E:\Programma's\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O1 - Hosts: 213.239.0.226 crackspider.com
O1 - Hosts: 213.239.0.226 www.crackspider.com
O1 - Hosts: 213.239.0.226 crackspider.com
O1 - Hosts: 213.239.0.226 www.crackspider.com
O1 - Hosts: 213.239.0.226 crackspider.com
O1 - Hosts: 213.239.0.226 www.crackspider.com
O2 - BHO: DAPBHO Class - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - E:\Programma's\DAP\DAP\DAPIEBar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\programma's\adobe\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG_CC] E:\Programma's\AVG 6.0\avgcc32.exe /startup
O4 - HKLM\..\RunServices: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] 386.exe
O4 - HKLM\..\RunServices: [Reg Services] WINBOOT32.EXE
O4 - HKCU\..\Run: [Piracy] "C:\WINDOWS\SysUtil.exe" /PIRACY
O4 - Global Startup: HotSync Manager.lnk = C:\WorkPad\HOTSYNC.EXE
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: &Download with &DAP - E:\PROGRA~1\DAP\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Download &all with DAP - E:\PROGRA~1\DAP\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Search cracks at CrackSpider.NET - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://crackspider.net/ie/btn.php (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Search cracks at CrackSpider.NET - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://crackspider.net/ie/btn.php (file missing) (HKCU)
 
1. Scan met HijackThis en vink de volgende items aan:
O1 - Hosts: 213.239.0.226 crackspider.com
O1 - Hosts: 213.239.0.226 www.crackspider.com
O1 - Hosts: 213.239.0.226 crackspider.com
O1 - Hosts: 213.239.0.226 www.crackspider.com
O1 - Hosts: 213.239.0.226 crackspider.com
O1 - Hosts: 213.239.0.226 www.crackspider.com

O4 - HKLM\..\RunServices: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] 386.exe
O4 - HKLM\..\RunServices: [Reg Services] WINBOOT32.EXE
O4 - HKCU\..\Run: [Piracy] "C:\WINDOWS\SysUtil.exe" /PIRACY

O9 - Extra button: Search cracks at CrackSpider.NET - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://crackspider.net/ie/btn.php (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Search cracks at CrackSpider.NET - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - http://crackspider.net/ie/btn.php (file missing) (HKCU)
Klik om te vergroten...
Sluit alle vensters behalve HijackThis zelf en klik op "Fix checked".

2. Herstart de pc in veilige modus.
Mocht je niet weten hoe dat moet, kijk dan hier even: http://www.virushelp.nl/veilige_modus.htm

Zorg ervoor dat verborgen bestanden en mappen worden weergegeven.
Hier kun je lezen hoe dat moet: http://users.telenet.be/marcvn/spyware/1117602.htm

Verwijder nu, in veilige modus dus, het volgende bestand (indien nog aanwezig):

C:\WINDOWS\SysUtil.exe <- dat bestand

3. Herstart de pc in 'normale modus'.

4. Maak een nieuw log en plaats dat hier.
 
sorry..duurde ff....

Logfile of HijackThis v1.98.2
Scan saved at 2:12:09, on 31-10-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
E:\PROGRA~1\AVG6~1.0\avgserv.exe
C:\WINDOWS\system32\cisvc.exe
E:\Programma's\AVG 6.0\avgcc32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WorkPad\HOTSYNC.EXE
C:\Program Files\Wireless\Client Manager\CMags.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
E:\Programma's\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: DAPBHO Class - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - E:\Programma's\DAP\DAP\DAPIEBar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\programma's\adobe\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG_CC] E:\Programma's\AVG 6.0\avgcc32.exe /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - Global Startup: HotSync Manager.lnk = C:\WorkPad\HOTSYNC.EXE
O4 - Global Startup: Wireless Client Manager.lnk = ?
O8 - Extra context menu item: &Download with &DAP - E:\PROGRA~1\DAP\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Download &all with DAP - E:\PROGRA~1\DAP\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

En??????
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan Onderaan