pc gaat slomer laatste tijd

[Kelinen]

Ik heb toch wel het gevoel dat mijn pc serieus wat trager gaat. Ik heb al gescand met Ad-aware en Spybot S&D.

Alvast bedankt om het logje eens te bekijken:

Ps, de kleurtjes zijn van op een andere site, als je een volledig zwart wilt, kan ik een nieuw logje maken hoor

Logfile of Trend Micro HijackThis v2.0.2
scan saved at 14:33:49, on 19/07/2008
platform: windows vista sp1 (winnt 6.00.1905)
msie: internet explorer v7.00 (7.00.6001.18000)
boot mode: normal
browser: Mozilla Firefox x.x
ColorCoder Build: 4136


Running Processes:
c:\program files (x86)\windows live\messenger\msnmsgr.exe
c:\program files (x86)\skype\phone\skype.exe
c:\program files (x86)\skype\plugin manager\skypepm.exe
c:\program files (x86)\mozilla firefox\firefox.exe
c:\program files (x86)\hamachi\hamachi.exe
c:\program files (x86)\windows media player\wmplayer.exe
c:\program files (x86)\trend micro\hijackthis\hijackthis.exe

R1 - hkcu\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
R0 - hkcu\software\microsoft\internet explorer\main,start page = http://www.google.be/
R1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
R1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
R1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
R0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
R0 - hklm\software\microsoft\internet explorer\search,searchassistant =
R0 - hklm\software\microsoft\internet explorer\search,customizesearch =
R0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
F2 - reg:system.ini: userinit=userinit.exe
O1 - hosts: ::1 localhost
O2 - bho: adobe pdf reader help bij koppelingen - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelper.dll
O2 - bho: skype add-on (mastermind) - {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
O2 - bho: groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll
O2 - bho: ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files (x86)\java\jre1.6.0_02\bin\ssv.dll
O2 - bho: (no name) - {7e853d72-626a-48ec-a868-ba8d5e23e045} - (no file)
O4 - hklm\..\runonce: [spybot - search & destroy] "c:\program files (x86)\spybot - search & destroy\spybotsd.exe" /autocheck
O4 - HKCU\..\Run: [wmpnscfg] c:\program files (x86)\windows media player\wmpnscfg.exe
O4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'local service')
O4 - hkus\s-1-5-19\..\run: [windowswelcomecenter] rundll32.exe oobefldr.dll,showwelcomecenter (user 'local service')
O4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'network service')
O8 - extra context menu item: e&xport to microsoft excel - res://c:\progra~2\micros~1\office12\excel.exe/3000
O9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files (x86)\java\jre1.6.0_02\bin\ssv.dll
O9 - extra 'tools' menuitem: sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files (x86)\java\jre1.6.0_02\bin\ssv.dll
O9 - extra button: send to onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~2\micros~1\office12\onbttnie.dll
O9 - extra 'tools' menuitem: s&end to onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~2\micros~1\office12\onbttnie.dll
O9 - extra button: skype - {77bf5300-1474-4ec7-9980-d32b190e9b07} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
O9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~2\micros~1\office12\refiebar.dll
O13 - gopher prefix:
O16 - dpf: {c3f79a2b-b9b4-4a66-b012-3ee46475b072} (messengerstatsclient class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O18 - protocol: groovelocalgws - {88fed34c-f0ca-4636-a375-3cb6248b04cd} - c:\program files (x86)\microsoft office\office12\groovesystemservices.dll
O18 - protocol: skype4com - {ffc8b962-9b40-4dff-9458-1830c7dd7f5d} - c:\progra~2\common~1\skype\skype4~1.dll
O23 - Service: lavasoft ad-aware service (aawservice) - lavasoft - c:\program files (x86)\lavasoft\ad-aware\aawservice.exe
O23 - Service: @%systemroot%\system32\alg.exe,-112 (alg) - unknown owner - c:\windows\system32\alg.exe (file missing)
O23 - Service: ati external event utility - unknown owner - c:\windows\system32\ati2evxx.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (dfsr) - unknown owner - c:\windows\system32\dfsr.exe (file missing)
O23 - Service: epson v3 service4(01) (epson_pm_rpcv4_01) - seiko epson corporation - c:\programdata\epson\epw!3 ssrp\e_s40rpb.exe
O23 - Service: @keyiso.dll,-100 (keyiso) - unknown owner - c:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (msdtc) - unknown owner - c:\windows\system32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\netlogon.dll,-102 (netlogon) - unknown owner - c:\windows\system32\lsass.exe (file missing)
O23 - Service: pnkbstra - unknown owner - c:\windows\system32\pnkbstra.exe
O23 - Service: cycling manager 2007 drivers auto removal (pr2akt6c) (pr2akt6c) - unknown owner - c:\windows\system32\pr2akt6c.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (protectedstorage) - unknown owner - c:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\locator.exe,-2 (rpclocator) - unknown owner - c:\windows\system32\locator.exe (file missing)
O23 - Service: @%systemroot%\system32\samsrv.dll,-1 (samss) - unknown owner - c:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\slsvc.exe,-101 (slsvc) - unknown owner - c:\windows\system32\slsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\snmptrap.exe,-3 (snmptrap) - unknown owner - c:\windows\system32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (spooler) - unknown owner - c:\windows\system32\spoolsv.exe (file missing)
O23 - Service: @%systemroot%\system32\ui0detect.exe,-101 (ui0detect) - unknown owner - c:\windows\system32\ui0detect.exe (file missing)
O23 - Service: @%systemroot%\system32\vds.exe,-100 (vds) - unknown owner - c:\windows\system32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (vss) - unknown owner - c:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiapsrv) - unknown owner - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
O23 - Service: @%programfiles%\windows media player\wmpnetwk.exe,-101 (wmpnetworksvc) - unknown owner - c:\program files (x86)\windows media player\wmpnetwk.exe (file missing)

--
end of file - 6773 bytes

[Rosty]

Post eens een logje zonder die kleurtjes, aub?

[Kelinen]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:20:48, on 21/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cycling Manager 2007 Drivers Auto Removal (pr2akt6c) (pr2akt6c) - Unknown owner - C:\Windows\system32\pr2akt6c.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6500 bytes

[Rosty]

Hoi,

niets verdachts te zien hoor. Enkel wat leftovers en Java die niet up-to-date is.

Open HijackThis, klik op do a scan only en vink volgende regel aan:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Sluit alle open vensters, behalve HijackThis, en klik op [b]Fix Checked/b]. Sluit HijackThis.

Je Java software is verouderd.
Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.
Doe eerst deze stappen om Java te de-installeren en de nieuwere versie te installeren:

* Download Java Runtime Environment (JRE) 6u7.

• Scroll omlaag naar : "Java Runtime Environment (JRE) 6u7".
• Klik op de "Download" knop aan de rechterkant.
• Vink aan: "Accept License Agreement".
• De pagina zal herladen.
• Klik op de link om Windows Offline Installation te downloaden met Meerdere-talen, en bewaar het naar je Bureaublad.
• Sluit alle programma's die eventueel open zijn - Zeker je web browser!
• Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
• Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
• Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
• Herhaal dit tot alle oudere versies verdwenen zijn.
• Na het verwijderen van alle oudere versies, herstart je pc.
• Dubbelklik vervolgens op jre-6u7-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.

Vervolgens,
herstart je je PC en post je een nieuw HijackThis logje. Laat me weten hoe alles werkt.