Ikke
18 January 2006, 21:42
Mijn pc loopt zeer traag en start op of valt uit tijdens een virus scan
Hier is mijn log
Logfile of HijackThis v1.99.1Scan saved at 20:31:51, on 18/01/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\s ystem32\csrss.exeC:\WINDOWS\system32\winlogon.exeC :\WINDOWS\system32\services.exeC:\WINDOWS\system32 \lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOW S\system32\svchost.exeC:\WINDOWS\System32\svchost. exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Syste m32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\P rogram Files\Alwil Software\Avast4\aswUpdSv.exeC:\WINDOWS\System32\At i2evxx.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\Norman\Bin\Zanda.exeC:\W INDOWS\Explorer.EXEC:\WINDOWS\system32\slserv.exeC :\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ wdfmgr.exeC:\WINDOWS\system32\atiptaxx.exeC:\WINDO WS\system32\BELSTA.EXEC:\Norman\bin\ZLH.EXEC:\Prog ram Files\Java\jre1.5.0_06\bin\jusched.exeC:\PROGRA~1\ ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\ctf mon.exeC:\Program Files\MSN Messenger\MsnMsgr.ExeC:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exeC:\Program Files\Anyplace Control\apc_host.exeC:\Program Files\Hewlett-Packard\hp deskjet 450 printer\ToolBox\mpm.exeC:\Norman\Nvc\BIN\NVCSCHED. EXEC:\Norman\Nvc\BIN\NIP.EXEC:\Norman\bin\NJEEVES. EXEC:\Norman\Nvc\BIN\nipsvc.exeC:\Norman\Nvc\bin\n vcoas.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\System32\al g.exeC:\Norman\Nvc\bin\cclaw.exeC:\Program Files\Internet Explorer\iexplore.exeE:\hijackthis\hijackthis\Hija ckThis.exeC:\WINDOWS\system32\NOTEPAD.EXER1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.be/0SENLBE/SAOS01R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = KoppelingenR3 - Default URLSearchHook is missingO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll (file missing)O3 - Toolbar: CleanMyPC Toolbar - {04164EC4-1E48-4279-818E-3721931E7636} - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dllO4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exeO4 - HKLM\..\Run: [AtiPTA] atiptaxx.exeO4 - HKLM\..\Run: [BELSTA.EXE] BELSTA.EXE STARTO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASHO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exeO4 - HKLM\..\Run: [ErrorSafe] C:\Program Files\ErrorSafe\ers.exe /scanO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\RunServices: [Cassandra] C:\Documents and Settings\Erwin Haels\Local Settings\Temporary Internet Files\Content.IE5\31E942UV\Cassandra-US[1]\CASSANDRAWEB\engelsk\Cassandra-US.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe" /startupO4 - HKCU\..\Run: [Anyplace Control-Host] C:\Program Files\Anyplace Control\apc_host.exeO4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: Belkin Wireless LAN Utility.lnk = C:\WINDOWS\system32\belsta.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: myPrintMileage.lnk = C:\Program Files\Hewlett-Packard\hp deskjet 450 printer\ToolBox\mpm.exeO8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dllO9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cabO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://spaces.msn.com//PhotoUpload/MsnPUpld.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cabO16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cabO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exeO23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exeO23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exeO23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXEO23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exeO23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exeO23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXEO23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeO23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
</PRE>
Hier is mijn log
Logfile of HijackThis v1.99.1Scan saved at 20:31:51, on 18/01/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\s ystem32\csrss.exeC:\WINDOWS\system32\winlogon.exeC :\WINDOWS\system32\services.exeC:\WINDOWS\system32 \lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOW S\system32\svchost.exeC:\WINDOWS\System32\svchost. exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Syste m32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\P rogram Files\Alwil Software\Avast4\aswUpdSv.exeC:\WINDOWS\System32\At i2evxx.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\Norman\Bin\Zanda.exeC:\W INDOWS\Explorer.EXEC:\WINDOWS\system32\slserv.exeC :\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ wdfmgr.exeC:\WINDOWS\system32\atiptaxx.exeC:\WINDO WS\system32\BELSTA.EXEC:\Norman\bin\ZLH.EXEC:\Prog ram Files\Java\jre1.5.0_06\bin\jusched.exeC:\PROGRA~1\ ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\ctf mon.exeC:\Program Files\MSN Messenger\MsnMsgr.ExeC:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exeC:\Program Files\Anyplace Control\apc_host.exeC:\Program Files\Hewlett-Packard\hp deskjet 450 printer\ToolBox\mpm.exeC:\Norman\Nvc\BIN\NVCSCHED. EXEC:\Norman\Nvc\BIN\NIP.EXEC:\Norman\bin\NJEEVES. EXEC:\Norman\Nvc\BIN\nipsvc.exeC:\Norman\Nvc\bin\n vcoas.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\System32\al g.exeC:\Norman\Nvc\bin\cclaw.exeC:\Program Files\Internet Explorer\iexplore.exeE:\hijackthis\hijackthis\Hija ckThis.exeC:\WINDOWS\system32\NOTEPAD.EXER1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.be/0SENLBE/SAOS01R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = KoppelingenR3 - Default URLSearchHook is missingO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll (file missing)O3 - Toolbar: CleanMyPC Toolbar - {04164EC4-1E48-4279-818E-3721931E7636} - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dllO4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exeO4 - HKLM\..\Run: [AtiPTA] atiptaxx.exeO4 - HKLM\..\Run: [BELSTA.EXE] BELSTA.EXE STARTO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASHO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exeO4 - HKLM\..\Run: [ErrorSafe] C:\Program Files\ErrorSafe\ers.exe /scanO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\RunServices: [Cassandra] C:\Documents and Settings\Erwin Haels\Local Settings\Temporary Internet Files\Content.IE5\31E942UV\Cassandra-US[1]\CASSANDRAWEB\engelsk\Cassandra-US.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe" /startupO4 - HKCU\..\Run: [Anyplace Control-Host] C:\Program Files\Anyplace Control\apc_host.exeO4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: Belkin Wireless LAN Utility.lnk = C:\WINDOWS\system32\belsta.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: myPrintMileage.lnk = C:\Program Files\Hewlett-Packard\hp deskjet 450 printer\ToolBox\mpm.exeO8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dllO9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dllO9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cabO16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://spaces.msn.com//PhotoUpload/MsnPUpld.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cabO16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cabO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exeO23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exeO23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exeO23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXEO23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exeO23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exeO23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXEO23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeO23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
</PRE>