Lhouwel
Lid-
Items
45 -
Registratiedatum
-
Laatst bezocht
PC Specificaties
-
Besturingssysteem
XP
-
Processor
Intel Core2 Duo CPU T7250@2ghz
Lhouwel's prestaties
-
Ik heb hier een laptop waar e.e.a. mis is. We krijgen continu pop-ups en allerlei reclame shit tijdens het surfen. Pagina's die uit zichzelf naar en ander webadres gaan e.d. Kortom, het lijkt me dat deze pc wel wat opschoning kan gebruiken. Weet echter niet zo goed hoe dit aan te pakken Een beetje hulp zou welkom zijn - - - Updated - - - Logfile of random's system information tool 1.09 (written by random/random) Run by eigenaar at 2014-04-13 11:36:33 Microsoft Windows 7 Professional Service Pack 1 System drive C: has 102 GB (36%) free of 288 GB Total RAM: 3066 MB (48% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:36:43, on 13-4-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16521) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Users\eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\Garmin\ANT Agent\ANT Agent.exe C:\Program Files\Garmin\Express Tray\ExpressTray.exe C:\Users\eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe C:\windows\system32\taskeng.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\windows\system32\SearchFilterHost.exe C:\Users\eigenaar\Downloads\RSIT.exe C:\Program Files\trend micro\eigenaar.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_NL&c=92&bd=all&pf=cmnb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\tbTogg.dll R3 - URLSearchHook: (no name) - {2b0cf91e-63d5-4474-9229-134d0b96fb28} - (no file) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ANT Agent] C:\Program Files\Garmin\ANT Agent\ANT Agent.exe O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O4 - Startup: Dropbox.lnk = eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com (HKLM) O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM) O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\progra~2\system~1\system~1.dll O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files\MyPC Backup\BackupStack.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\windows\system32\Hpservice.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- End of file - 11500 bytes ======Scheduled tasks folder====== C:\windows\tasks\Adobe Flash Player Updater.job C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3247703916-1682980066-1984721682-1001Core.job C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3247703916-1682980066-1984721682-1001UA.job C:\windows\tasks\GoogleUpdateTaskMachineCore.job C:\windows\tasks\GoogleUpdateTaskMachineUA.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3247703916-1682980066-1984721682-1001Core.job C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3247703916-1682980066-1984721682-1001UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20 4502400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""= [] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-10-17 39408] "Google Update"=C:\Users\eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-15 116648] "iCloudServices"=C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2013-11-20 59720] "ANT Agent"=C:\Program Files\Garmin\ANT Agent\ANT Agent.exe [2013-02-15 14731776] "AppleIEDAV"=C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe [2013-11-15 1326408] "DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480] "GarminExpressTrayApp"=C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2014-04-01 118104] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe [2006-09-14 61440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent] C:\Program Files\Garmin\ANT Agent\ANT Agent.exe [2013-02-15 14731776] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe [2013-02-08 1644680] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-11-20 59720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-04-20 58656] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] C:\Users\eigenaar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-03 138096] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Users\eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-15 116648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_05DB18A64E0C75C5C005333939110632] C:\Program Files\Google\Chrome\Application\chrome.exe [2013-12-04 863184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-25 186904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2013-11-20 59720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2013-05-31 152392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\limewire plus+] C:\Program Files\Limewire Plus+\limewire.exe -h [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC] c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] ~C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-28 288312] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe -atboottime [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe [2012-05-29 115032] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-02-26 295728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-10-17 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk] C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-30 795936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] C:\PROGRA~1\WinZip\WZQKPICK.EXE [2011-08-02 610120] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^eigenaar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] C:\Users\eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-01-03 30714328] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^eigenaar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk] C:\PROGRA~1\MICROS~1\Office14\ONENOTEM.EXE [2013-06-25 228552] C:\Users\eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\progra~2\system~1\system~1.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* .scr - open - "C:\windows\notepad.exe" "%1" .scr - install - .scr - config - ======List of files/folders created in the last 3 months====== 2014-04-13 11:36:33 ----D---- C:\rsit 2014-04-13 11:36:33 ----D---- C:\Program Files\trend micro 2014-04-13 11:34:30 ----A---- C:\windows\system32\drivers\dhlhb.sys 2014-04-13 11:14:42 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys 2014-04-13 11:14:19 ----D---- C:\ProgramData\Malwarebytes 2014-04-13 11:14:19 ----D---- C:\Program Files\Malwarebytes Anti-Malware 2014-04-13 11:14:19 ----A---- C:\windows\system32\drivers\mwac.sys 2014-04-13 11:14:19 ----A---- C:\windows\system32\drivers\mbamchameleon.sys 2014-04-13 11:14:19 ----A---- C:\windows\system32\drivers\mbam.sys 2014-04-13 09:40:21 ----D---- C:\Program Files\CCleaner 2014-04-10 13:24:32 ----A---- C:\windows\system32\kernel32.dll 2014-04-10 13:24:22 ----A---- C:\windows\system32\drivers\ntfs.sys 2014-04-10 13:24:17 ----A---- C:\windows\system32\drivers\msiscsi.sys 2014-04-10 13:24:16 ----A---- C:\windows\system32\drivers\storport.sys 2014-04-10 13:24:16 ----A---- C:\windows\system32\drivers\Diskdump.sys 2014-04-10 13:24:15 ----A---- C:\windows\system32\iologmsg.dll 2014-04-10 13:24:04 ----A---- C:\windows\system32\mshtml.dll 2014-03-27 10:36:21 ----D---- C:\Users\eigenaar\AppData\Roaming\MyBKS Light 2014-03-27 10:34:47 ----D---- C:\Program Files\MyBKS Light 2014-03-25 23:22:35 ----D---- C:\ProgramData\Package Cache 2014-03-12 07:55:16 ----A---- C:\windows\system32\qedit.dll 2014-03-12 07:55:16 ----A---- C:\windows\system32\jsproxy.dll 2014-03-12 07:55:16 ----A---- C:\windows\system32\iernonce.dll 2014-03-12 07:55:16 ----A---- C:\windows\system32\ieetwproxystub.dll 2014-03-12 07:55:16 ----A---- C:\windows\system32\ieetwcollector.exe 2014-03-12 07:55:15 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe 2014-03-12 07:55:15 ----A---- C:\windows\system32\jscript9diag.dll 2014-03-12 07:55:15 ----A---- C:\windows\system32\ieetwcollectorres.dll 2014-03-12 07:55:15 ----A---- C:\windows\system32\ieapfltr.dll 2014-03-12 07:55:14 ----A---- C:\windows\system32\wininet.dll 2014-03-12 07:55:13 ----A---- C:\windows\system32\ieui.dll 2014-03-12 07:55:12 ----A---- C:\windows\system32\ieUnatt.exe 2014-03-12 07:55:11 ----A---- C:\windows\system32\jscript9.dll 2014-03-12 07:55:11 ----A---- C:\windows\system32\iertutil.dll 2014-03-12 07:55:08 ----A---- C:\windows\system32\urlmon.dll 2014-03-12 07:55:08 ----A---- C:\windows\system32\msfeeds.dll 2014-03-12 07:55:06 ----A---- C:\windows\system32\msrating.dll 2014-03-12 07:55:06 ----A---- C:\windows\system32\ie4uinit.exe 2014-03-12 07:55:05 ----A---- C:\windows\system32\iesetup.dll 2014-03-12 07:55:05 ----A---- C:\windows\system32\ieframe.dll 2014-03-12 07:54:54 ----A---- C:\windows\system32\wwansvc.dll 2014-03-12 07:54:52 ----A---- C:\windows\system32\win32k.sys 2014-03-12 07:54:21 ----A---- C:\windows\system32\WindowsCodecs.dll 2014-03-12 07:54:21 ----A---- C:\windows\system32\wer.dll 2014-03-11 21:05:16 ----D---- C:\Program Files\SearchProtect 2014-03-11 21:04:50 ----A---- C:\windows\system32\drivers\dtsoftbus01.sys 2014-03-11 21:04:41 ----D---- C:\Users\eigenaar\AppData\Roaming\DAEMON Tools Pro 2014-03-11 21:04:28 ----D---- C:\Program Files\DAEMON Tools Pro 2014-03-11 21:01:39 ----D---- C:\ProgramData\DAEMON Tools Pro 2014-03-11 20:59:13 ----D---- C:\Program Files\MyPC Backup 2014-03-11 20:59:10 ----D---- C:\Users\eigenaar\AppData\Roaming\PerformerSoft 2014-03-05 11:23:30 ----D---- C:\Program Files\Common Files\Skype 2014-02-28 08:55:05 ----D---- C:\ProgramData\AllSAver 2014-02-28 08:40:50 ----D---- C:\windows\Migration 2014-02-13 16:41:40 ----D---- C:\windows\nl 2014-02-13 16:40:10 ----D---- C:\Program Files\Windows Live 2014-02-13 16:39:29 ----A---- C:\windows\system32\XAudio2_7.dll 2014-02-13 16:39:29 ----A---- C:\windows\system32\XAPOFX1_5.dll 2014-02-13 16:39:29 ----A---- C:\windows\system32\d3dx11_43.dll 2014-02-13 16:39:29 ----A---- C:\windows\system32\D3DCompiler_43.dll 2014-02-13 16:38:53 ----A---- C:\windows\system32\d3dx10_42.dll 2014-02-12 23:58:10 ----A---- C:\windows\system32\vbscript.dll 2014-02-12 14:56:00 ----A---- C:\windows\system32\msxml3.dll 2014-02-12 14:55:59 ----A---- C:\windows\system32\msxml3r.dll 2014-02-12 14:55:48 ----A---- C:\windows\system32\d3d10warp.dll 2014-02-12 14:55:48 ----A---- C:\windows\system32\d2d1.dll 2014-02-12 14:55:45 ----A---- C:\windows\system32\secproc_isv.dll 2014-02-12 14:55:45 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe 2014-02-12 14:55:45 ----A---- C:\windows\system32\RMActivate_ssp.exe 2014-02-12 14:55:45 ----A---- C:\windows\system32\RMActivate_isv.exe 2014-02-12 14:55:45 ----A---- C:\windows\system32\RMActivate.exe 2014-02-12 14:55:44 ----A---- C:\windows\system32\secproc_ssp_isv.dll 2014-02-12 14:55:44 ----A---- C:\windows\system32\secproc_ssp.dll 2014-02-12 14:55:44 ----A---- C:\windows\system32\secproc.dll 2014-02-12 14:55:44 ----A---- C:\windows\system32\msdrm.dll 2014-01-31 08:50:09 ----D---- C:\ProgramData\TTheBlOcker 2014-01-31 08:50:09 ----D---- C:\ProgramData\hhpidokeamiepfnjeebnofmkfdmlkjah 2014-01-25 01:19:42 ----A---- C:\windows\system32\drivers\MpFilter.sys 2014-01-15 15:54:31 ----A---- C:\windows\system32\drivers\netio.sys 2014-01-15 15:54:30 ----A---- C:\windows\system32\drivers\usbuhci.sys 2014-01-15 15:54:30 ----A---- C:\windows\system32\drivers\usbport.sys 2014-01-15 15:54:30 ----A---- C:\windows\system32\drivers\usbohci.sys 2014-01-15 15:54:30 ----A---- C:\windows\system32\drivers\usbhub.sys 2014-01-15 15:54:30 ----A---- C:\windows\system32\drivers\usbehci.sys 2014-01-15 15:54:30 ----A---- C:\windows\system32\drivers\usbccgp.sys 2014-01-15 15:54:29 ----A---- C:\windows\system32\drivers\usbd.sys ======List of files/folders modified in the last 3 months====== 2014-04-13 11:36:43 ----D---- C:\windows\Prefetch 2014-04-13 11:36:33 ----RD---- C:\Program Files 2014-04-13 11:36:20 ----D---- C:\windows\Temp 2014-04-13 11:34:30 ----D---- C:\windows\system32\drivers 2014-04-13 11:34:30 ----D---- C:\windows\L2Schemas 2014-04-13 11:33:59 ----D---- C:\Program Files\SweetIM 2014-04-13 11:33:28 ----D---- C:\windows\system32\Tasks 2014-04-13 11:33:27 ----D---- C:\windows\Tasks 2014-04-13 11:33:26 ----SHD---- C:\windows\Installer 2014-04-13 11:33:26 ----D---- C:\windows\System32 2014-04-13 11:33:26 ----D---- C:\ProgramData\SEarch-NyewTAeb 2014-04-13 11:33:26 ----D---- C:\ProgramData\NewSavere 2014-04-13 11:33:26 ----D---- C:\ProgramData\cOentinuaetosaeve 2014-04-13 11:33:26 ----D---- C:\ProgramData\CheapMe 2014-04-13 11:14:19 ----HD---- C:\ProgramData 2014-04-13 10:46:19 ----D---- C:\windows\Panther 2014-04-13 10:46:19 ----D---- C:\windows\inf 2014-04-13 10:46:18 ----D---- C:\windows\Minidump 2014-04-13 10:46:18 ----D---- C:\windows\Logs 2014-04-13 10:46:18 ----D---- C:\windows\debug 2014-04-13 10:46:18 ----D---- C:\Windows 2014-04-13 08:06:31 ----D---- C:\windows\system32\config 2014-04-11 08:13:52 ----D---- C:\windows\rescache 2014-04-11 07:44:58 ----A---- C:\windows\system32\PerfStringBackup.INI 2014-04-11 07:41:07 ----D---- C:\Users\eigenaar\AppData\Roaming\Dropbox 2014-04-10 22:14:50 ----D---- C:\windows\winsxs 2014-04-10 22:12:24 ----D---- C:\windows\system32\nl-NL 2014-04-10 22:12:22 ----D---- C:\windows\system32\DriverStore 2014-04-10 14:01:41 ----D---- C:\ProgramData\Microsoft Help 2014-04-10 14:00:23 ----D---- C:\windows\system32\MRT 2014-04-10 13:57:27 ----A---- C:\windows\system32\MRT.exe 2014-04-10 13:56:06 ----SHD---- C:\System Volume Information 2014-04-10 13:21:56 ----D---- C:\windows\system32\catroot 2014-04-10 13:19:02 ----D---- C:\windows\system32\catroot2 2014-04-10 13:09:34 ----D---- C:\ProgramData\Garmin 2014-04-10 13:09:09 ----D---- C:\Program Files\Garmin 2014-04-01 20:44:43 ----D---- C:\Users\eigenaar\AppData\Roaming\Belastingdienst 2014-03-31 11:43:47 ----D---- C:\Program Files\Microsoft Security Client 2014-03-15 14:02:19 ----SD---- C:\Users\eigenaar\AppData\Roaming\Microsoft 2014-03-13 08:16:25 ----RD---- C:\Program Files\Skype 2014-03-13 08:13:46 ----D---- C:\Program Files\Microsoft Silverlight 2014-03-13 08:12:38 ----D---- C:\Program Files\Internet Explorer 2014-03-13 08:04:11 ----D---- C:\Users\eigenaar\AppData\Roaming\Spotify 2014-03-12 14:59:14 ----A---- C:\windows\system32\FlashPlayerApp.exe 2014-03-11 20:59:58 ----D---- C:\Users\eigenaar\AppData\Roaming\Mozilla 2014-03-05 11:23:35 ----D---- C:\ProgramData\Skype 2014-03-05 11:23:30 ----D---- C:\Program Files\Common Files 2014-03-01 14:27:40 ----D---- C:\windows\Microsoft.NET 2014-02-28 08:55:12 ----D---- C:\ProgramData\987523632ff16d40 2014-02-28 08:41:13 ----D---- C:\windows\system32\en-US 2014-02-28 08:40:51 ----SD---- C:\ProgramData\Microsoft 2014-02-13 16:41:42 ----RSD---- C:\windows\assembly 2014-02-13 16:41:03 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2014-02-13 16:40:00 ----D---- C:\Program Files\Common Files\microsoft shared 2014-02-12 23:58:30 ----A---- C:\windows\win.ini 2014-01-24 16:01:48 ----D---- C:\ProgramData\Apple 2014-01-19 09:32:23 ----N---- C:\windows\system32\MpSigStub.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656] R0 iaStor;Intel RAID Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264] R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960] R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368] R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200] R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 28032] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 388096] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-11 242240] R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-05-16 214024] R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2009-05-16 55336] R1 MpKsl18bbc78d;MpKsl18bbc78d; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D5503A29-31D7-40FE-89BC-87EC1F1D4AB8}\MpKsl18bbc78d.sys [2014-04-13 39464] R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264] R3 5U876UVC;HP Webcam [2 MP series]; C:\windows\system32\DRIVERS\5U876.sys [2009-06-30 118656] R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440] R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\windows\system32\drivers\AtiHdmi.sys [2009-07-24 103440] R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-04 4994048] R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-02-01 2506232] R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816] R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416] R3 btwaudio;Bluetooth-audioapparaat; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056] R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072] R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472] R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872] R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336] S0 qoqwi;qoqwi; C:\windows\System32\drivers\dhlhb.sys [2014-04-13 52440] S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776] S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728] S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864] S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480] S3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\windows\system32\DRIVERS\libusb0.sys [2011-05-17 35776] S3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2014-04-03 23256] S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2009-05-16 79816] S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2009-05-16 35272] S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2009-05-16 34248] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168] S3 PRISM_A02;802.11a/g USB Driver; C:\windows\system32\DRIVERS\WUSB20XP.sys [2004-01-07 339488] S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848] S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\windows\system32\DRIVERS\RTL8192cu.sys [2010-08-10 629760] S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720] S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664] S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2012-12-13 45056] S3 usbscan;Stuurprogramma voor USB-scanner; C:\windows\system32\drivers\usbscan.sys [2013-07-03 36352] S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] S3 vpnva;Cisco AnyConnect VPN Virtual Miniport Adapter for Windows; C:\windows\system32\DRIVERS\vpnva.sys [2010-12-13 19680] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a1851772;System Booster; c:\progra~2\system~1\SystemBoosterSvc.dll [2013-12-27 179024] R2 AdobeActiveFileMonitor5.0;Adobe Active File Monitor V5; C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [2006-09-14 102400] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2008-07-15 90112] R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-04 176128] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-30 582944] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 20992] R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-04-01 431960] R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 26168] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-25 354840] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216] R2 vpnagent;Cisco AnyConnect VPN Agent; C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-12-13 597752] R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-12 247968] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files\MyPC Backup\BackupStack.exe [2014-02-18 36392] S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-12 193696] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-05 136176] S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-04-03 1809720] S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-04-03 857912] S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928] S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;ASP.NET-statusservice; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688] S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-05 136176] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-13 194032] S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-05-01 229944] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-01 108032] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 553288] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 20992] S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752] S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-05-23 1343400] S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------
-
CPU gebruik blijft nu idd lager. Zit nu tussen 50 en 55%. Eerder vandaag was dat nog tussen de 90 en 100%. Weet niet wat een normaal gebruik is, maar dit is al stukken beter in ieder geval. Thanks!
-
Zoek.exe v5.0.0.0 Updated 28-December-2013 Tool run by Leo van Houwelingen on zo 29-12-2013 at 12:48:05,26. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Leo van Houwelingen\Bureaublad\zoek\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 29-12-2013 12:51:39 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\VideoLAN deleted successfully C:\Documents and Settings\Leo van Houwelingen\Application Data\dll-files.com deleted successfully C:\Documents and Settings\Leo van Houwelingen\Application Data\Systweak deleted successfully C:\Documents and Settings\Leo van Houwelingen\Application Data\WinRAR deleted successfully C:\Documents and Settings\LocalService\Application Data\Apple Computer deleted successfully C:\Documents and Settings\Leo van Houwelingen\Local Settings\Application Data\cache deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\update Whilokii deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\update Whilokii deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command] @="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" ==== Deleting Files \ Folders ====================== C:\Program Files\Whilokii deleted C:\Documents and Settings\Leo van Houwelingen\daemonprocess.txt deleted C:\Program Files\BonanzaDeals deleted C:\Program Files\BonanzaDealsLive deleted C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar deleted C:\Program Files\Toolbar Cleaner deleted C:\Program Files\MyPC Backup deleted C:\Documents and Settings\Leo van Houwelingen\Application Data\SecureSearch deleted C:\Documents and Settings\Wendy van Moergestel\Application Data\Systweak deleted C:\Documents and Settings\All Users\Application Data\BonanzaDealsLive deleted C:\Documents and Settings\Leo van Houwelingen\Local Settings\Application Data\BonanzaDealsLive deleted C:\Documents and Settings\Leo van Houwelingen\Local Settings\Application Data\adawarebp deleted C:\Documents and Settings\Leo van Houwelingen\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted C:\Documents and Settings\Wendy van Moergestel\Local Settings\Application Data\adawarebp deleted C:\WINDOWS\system32\roboot.exe deleted C:\WINDOWS\System32\searchplugins deleted C:\WINDOWS\System32\Extensions deleted C:\Documents and Settings\Leo van Houwelingen\SendTo\Desk 365.lnk deleted C:\Documents and Settings\Leo van Houwelingen\Mijn documenten\Mobogenie deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\DOCUME~1\LEOVAN~1\LOCALS~1\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== ====== C:\WINDOWS\system32\drivers ===== ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== ======= C: ===== ====== C:\Documents and Settings\Leo van Houwelingen\Application Data ====== ====== C:\Documents and Settings\Leo van Houwelingen ====== 2013-12-29 09:49:36 -------- d--h--r- C:\Documents and Settings\Leo van Houwelingen\Onlangs geopend ====== C: exe-files == 2013-12-29 11:10:43 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Leo van Houwelingen\Mijn documenten\Downloads\RSIT.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-1085031214-839522115-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Documents and Settings\Leo van Houwelingen\Application Data\Spotify\Data\SpotifyWebHelper.exe" "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "KernelFaultCheck"="%systemroot%\system32\dumprep 0 -k" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "20131224"="C:\Program Files\AVAST Software\Avast\setup\emupdate\6795ac9a-4cac-4fdf-b891-38f1eb102fd1.exe /check" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Documents and Settings\Leo van Houwelingen\Application Data\Spotify\Data\SpotifyWebHelper.exe" "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\@OnlineArmor GUI] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="@OnlineArmor GUI" "hkey"="HKLM" "command"="\"C:\\Program Files\\Online Armor\\OAui.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Ad-Aware Browsing Protection] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Ad-Aware Browsing Protection" "hkey"="HKLM" "command"="\"C:\\Documents and Settings\\All Users\\Application Data\\Ad-Aware Browsing Protection\\adawarebp.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KPN Assistent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KPN Assistent" "hkey"="HKLM" "command"="C:\\Program Files\\KPN\\KPN Assistent\\KPN_Assistent.exe /auto" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Wendy van Moergestel^Menu Start^Programma's^Opstarten^Dropbox.lnk] "item"="Dropbox" "path"="C:\\Documents and Settings\\Wendy van Moergestel\\Menu Start\\Programma's\\Opstarten\\Dropbox.lnk" "backup"="C:\\WINDOWS\\pss\\Dropbox.lnkStartup" "command"="C:\\DOCUME~1\\WENDYV~1\\APPLIC~1\\Dropbox\\bin\\Dropbox.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job --a------ C:\PROGRA1\AD-AWA1\AdAwareLauncher.exe [] C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12-12-2013 20:48] C:\WINDOWS\tasks\avast\Undetermined Task.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02-11-2012 21:49] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02-11-2012 21:49] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [22-07-2013 09:22] ==== Firefox Extensions ====================== ExtDir: C:\Documents and Settings\Leo van Houwelingen\Application Data\Mozilla\Firefox\Profiles\extensions - Torntv 3 - %ExtDir%\trtv3@trtv.com.xpi ==== Firefox Plugins ====================== ==== Deleted Firefox Extensions ====================== C:\Documents and Settings\Leo van Houwelingen\Application Data\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions iaimhpklononapfjngelgdokckfjekfc - C:\Program Files\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx[] oejkcgajlodefenbbjdnaiahmbnnoole - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx[] Google Wallet - Leo van Houwelingen - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Whilokii - LocalService - Default\Extensions\iaimhpklononapfjngelgdokckfjekfc Whilokii - Wendy van Moergestel - Default\Extensions\iaimhpklononapfjngelgdokckfjekfc Chrome In-App Payments service - Wendy van Moergestel - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chrome Fix ====================== C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc deleted successfully C:\Documents and Settings\Wendy van Moergestel\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\iaimhpklononapfjngelgdokckfjekfc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\@OnlineArmor GUI deleted successfully ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Leo van Houwelingen\Local Settings\temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Wendy van Moergestel\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Leo van Houwelingen\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Documents and Settings\Leo van Houwelingen\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully C:\Documents and Settings\Wendy van Moergestel\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4531 folders=60 35774993 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\Documents and Settings\Wendy van Moergestel\Local Settings\Temp emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp emptied successfully C:\Documents and Settings\Leo van Houwelingen\Local Settings\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\LEOVAN~1\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Leo van Houwelingen\Local Settings\Temporary Internet Files\Content.IE5\index.dat" deleted "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on zo 29-12-2013 at 14:04:53,79 ======================
-
Zoek.exe v5.0.0.0 Updated 28-December-2013 Tool run by Leo van Houwelingen on zo 29-12-2013 at 12:48:05,26. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Leo van Houwelingen\Bureaublad\zoek\zoek.exe [scan all users] [script inserted] [Checkboxes used] ===== Runcheck 12:51:01,40 ===== --- Create Environment Variables 12:51:02,29 --- Create System Restore Point 12:51:10,28 --- Checking Input 12:51:45,15 --- AU AppData Check 12:51:53,37 --- Remove From Windows Installer 12:51:57,75 - - - Updated - - - Oh, dat is niet het logje zie ik net. Hij is blijkbaar nog steeds bezig
-
RSIT logje Logfile of random's system information tool 1.09 (written by random/random) Run by Leo van Houwelingen at 2013-12-29 12:11:31 Microsoft Windows XP Professional Service Pack 3 System drive C: has 29 GB (26%) free of 114 GB Total RAM: 2039 MB (61% free) HijackThis download failed ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job C:\WINDOWS\tasks\Adobe Flash Player Updater.job C:\WINDOWS\tasks\avast! Emergency Update.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-19 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-19 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968] "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-13 141336] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-13 173592] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-13 142360] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "20131224"=C:\Program Files\AVAST Software\Avast\setup\emupdate\6795ac9a-4cac-4fdf-b891-38f1eb102fd1.exe [2013-12-29 181136] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"=C:\Documents and Settings\Leo van Houwelingen\Application Data\Spotify\Data\SpotifyWebHelper.exe [2012-11-04 1199576] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\@OnlineArmor GUI] C:\Program Files\Online Armor\OAui.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe [2013-07-15 554384] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPN Assistent] C:\Program Files\KPN\KPN Assistent\KPN_Assistent.exe [2012-11-28 14160352] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Wendy van Moergestel^Menu Start^Programma's^Opstarten^Dropbox.lnk] C:\DOCUME~1\WENDYV~1\APPLIC~1\Dropbox\bin\Dropbox.exe [2013-05-25 27776968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2009-03-09 205824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{4F07DA45-8170-4859-9B5F-037EF2970034}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Wizard Bestanden en instellingen overzetten" "C:\Documents and Settings\Leo van Houwelingen\Application Data\Spotify\spotify.exe"="C:\Documents and Settings\Leo van Houwelingen\Application Data\Spotify\spotify.exe:*:Enabled:Spotify" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Plex\Plex Media Center\Plex.exe"="C:\Program Files\Plex\Plex Media Center\Plex.exe:*:Disabled:Plex Media Center" "C:\Documents and Settings\Wendy van Moergestel\Application Data\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Wendy van Moergestel\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox" "C:\Program Files\KPN\KPN Assistent\KPN Installatie Assistent\KPN_IA.exe"="C:\Program Files\KPN\KPN Assistent\KPN Installatie Assistent\KPN_IA.exe:*:Enabled:KPN Assistent" "C:\Program Files\KPN\KPN Assistent\KPN Draadloos Netwerk Assistent\KPN_WNA.exe"="C:\Program Files\KPN\KPN Assistent\KPN Draadloos Netwerk Assistent\KPN_WNA.exe:*:Enabled:KPN Assistent" "C:\Program Files\KPN\KPN Installatie Assistent\KPN_IA.exe"="C:\Program Files\KPN\KPN Installatie Assistent\KPN_IA.exe:*:Enabled:KPN Installatie Assistent" "C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe"="C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe:*:Enabled:Ad-Aware Security Add-on DTX Broker" "C:\Program Files\KPN\KPN Assistent\KPN_Assistent.exe"="C:\Program Files\KPN\KPN Assistent\KPN_Assistent.exe:*:Enabled:KPN Assistant" "C:\Documents and Settings\Leo van Houwelingen\Mijn documenten\Downloads\tinyumbrella-7.02.01a.exe"="C:\Documents and Settings\Leo van Houwelingen\Mijn documenten\Downloads\tinyumbrella-7.02.01a.exe:*:Enabled:TinyUmbrella - Save your SHSH!" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "vidc.I420"=msh263.drv "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======List of files/folders created in the last 1 month====== 2013-12-29 11:41:52 ----D---- C:\WINDOWS\LastGood 2013-12-27 20:33:28 ----SHD---- C:\Config.Msi 2013-12-17 22:27:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$ 2013-12-17 22:27:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$ 2013-12-17 22:27:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$ 2013-12-12 22:30:56 ----A---- C:\WINDOWS\system32\bootdelete.exe 2013-12-12 21:02:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$ 2013-12-12 21:02:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$ 2013-12-12 21:01:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$ 2013-12-12 21:01:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$ ======List of files/folders modified in the last 1 month====== 2013-12-29 12:11:48 ----D---- C:\Program Files\Trend Micro 2013-12-29 11:42:04 ----HD---- C:\WINDOWS\inf 2013-12-29 11:41:52 ----D---- C:\WINDOWS 2013-12-29 11:41:50 ----D---- C:\WINDOWS\system32\CatRoot2 2013-12-29 11:00:20 ----D---- C:\WINDOWS\temp 2013-12-29 10:49:37 ----D---- C:\WINDOWS\Debug 2013-12-29 10:46:42 ----D---- C:\Program Files\CCleaner 2013-12-29 10:40:35 ----D---- C:\WINDOWS\system32\drivers 2013-12-27 20:37:21 ----N---- C:\WINDOWS\SchedLgU.Txt 2013-12-27 20:36:13 ----SHD---- C:\WINDOWS\Installer 2013-12-27 20:03:33 ----D---- C:\WINDOWS\system32 2013-12-17 22:32:31 ----D---- C:\WINDOWS\system32\MRT 2013-12-17 22:29:43 ----A---- C:\WINDOWS\system32\MRT.exe 2013-12-17 22:27:37 ----RSHDC---- C:\WINDOWS\system32\dllcache 2013-12-12 22:30:56 ----RD---- C:\Program Files 2013-12-12 21:02:22 ----D---- C:\WINDOWS\Prefetch 2013-12-12 21:01:02 ----D---- C:\Program Files\Internet Explorer 2013-12-12 21:00:02 ----D---- C:\WINDOWS\ie8updates 2013-12-12 20:48:09 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-08-30 49376] R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-08-30 177864] R0 gfibto;gfibto; C:\WINDOWS\system32\drivers\gfibto.sys [2013-08-26 13560] R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696] R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-08-30 49760] R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-30 770344] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-08-30 369584] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-08-30 56080] R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys [] R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 WmiAcpi;Microsoft Windows Beheerinterface voor ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832] R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-08-30 29816] R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys [] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-02-05 281600] R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976] R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-09 6278016] R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2008-07-23 44800] R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12288] R3 NETw5x32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2009-01-05 3634688] R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] S1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S1 SBRE;SBRE; C:\WINDOWS\system32\drivers\SBREDrv.sys [] S3 b57w2k;Broadcom NetLink Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-12-15 160256] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 gfiark;gfiark; C:\WINDOWS\system32\drivers\gfiark.sys [2013-04-11 41584] S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS [] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [] S3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384] S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976] S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808] R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2013-10-31 106280] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-19 182696] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-02 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12 257416] S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-02 136176] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------
-
Hallo, Mijn laptop is reageert erg traag. Waarschijnlijk vanwege het hoge CPU gebruik. Wat te doen? De laptop draait op windows XP. Het hoge CPU gebruikt wordt met name veroorzaakt door "svchost.exe" en "niet-actieve systeemprocessen"
-
Internetten niet meer mogelijk + algehele traagheid PC
Lhouwel reageerde op Lhouwel's topic in Archief Bestrijding malware & virussen
In ieder geval weer een stuk beter. Nog steeds niet rap, maar vergeleken met eerst een verademing -
Internetten niet meer mogelijk + algehele traagheid PC
Lhouwel reageerde op Lhouwel's topic in Archief Bestrijding malware & virussen
Hier ben ik weer. Wegens persoonlijke omstandigheden even uit de lucht geweest. Ik heb zoek laten draaien en hier is het logje Zoek.exe Version 4.0.0.5 Updated 22-October-2013 Tool run by Ria on wo 23-10-2013 at 0:29:41,43. Microsoft Windows XP Professional 5.1.2600 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Ria\Bureaublad\zoek\zoek.exe [script inserted] ==== System Restore Info ====================== 23-10-2013 0:33:11 Zoek.exe System Restore Point Created Succesfully. ==== Creating Sample_23-10-2013_0047.zip ====================== Process chrome.exe killed Copied folder C:\Documents and Settings\All Users\Application Data\nView_Profiles to sample\nView_Profiles C:\Documents and Settings\All Users\Bureaublad\sample_23-10-2013_0047.zip created successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] ==== Deleting Files \ Folders ====================== C:\WINDOWS\002236_.tmp deleted C:\WINDOWS\003028_.tmp deleted C:\WINDOWS\SET4.tmp deleted C:\WINDOWS\SET8.tmp deleted C:\WINDOWS\System32\SET20.tmp deleted C:\WINDOWS\System32\SET24.tmp deleted C:\WINDOWS\System32\SET2C.tmp deleted C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 6601-03-07 10:58:02 3201F273ADCACCBA2D134D62AABA71A3 1919 ----a-w- C:\WINDOWS\epplauncher.mif 2013-10-01 21:48:14 5F1BE751FC8515C34BC307DE976F4BF9 41664 ----a-w- C:\WINDOWS\avastSS.scr ====== C:\DOCUME~1\Ria\LOCALS~1\Temp ==== 2013-10-22 21:48:03 AF5B72AB4450E4E76F6F6B99806D0F1C 1185744 ----a-w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_B59F0.tmp\setup.exe 13929-07-17 08:27:16 76ADBD909FA0898834BE3A8C0EA76609 9186416 ----a-w- C:\Documents and Settings\Ria\Local Settings\Temp\HitmanPro35A.exe ====== C:\WINDOWS\system32 ===== ====== C:\WINDOWS\system32\drivers ===== 2013-10-01 21:52:25 B9FE438B3CAD82B2014710349A2022F7 29816 ----a-w- C:\WINDOWS\System32\drivers\aswFsBlk.sys 2013-10-01 21:52:24 813024DFD54A41B3AFAE2B1E2796CB80 369584 ----a-w- C:\WINDOWS\System32\drivers\aswSP.sys 2013-10-01 21:52:18 D084D0A7A66619FC29776CBBB9D5FA55 49760 ----a-w- C:\WINDOWS\System32\drivers\aswRdr.sys 2013-10-01 21:52:17 5E18413310134130D7772F0668698CB7 56080 ----a-w- C:\WINDOWS\System32\drivers\aswTdi.sys 2013-10-01 21:52:15 4D53349D848C6BADB3D4ACBE98C27676 770344 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys 2013-10-01 21:52:14 A5F637D61719D37A5B4868C385E363C0 177864 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys 2013-10-01 21:52:13 FA72FA503F580C3C628DD8C7D7622E37 49376 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys 2013-10-01 21:52:09 AE5549DD21F6DE06406031EF1D51ACC3 66336 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys ====== C:\WINDOWS\Tasks ====== 2013-10-01 21:52:22 40C8F2AAE68EFC1FD941699795B06056 358 ---ha-w- C:\WINDOWS\Tasks\avast! Emergency Update.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 6601-03-07 21:41:44 -------- d-----w- C:\Program Files\HitmanPro 2013-10-02 18:51:06 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Documents and Settings\Ria\Application Data ====== ====== C:\Documents and Settings\Ria ====== 6601-03-07 11:04:23 77B78E39B2894B8C5BA43C5651AEDF96 11260760 ----a-w- C:\Documents and Settings\Ria\Mijn documenten\mseinstall.exe 2013-10-03 18:55:40 -------- d--h--r- C:\Documents and Settings\Ria\Onlangs geopend ====== C: exe-files == 6601-03-07 21:41:44 FA734675C96D038C4FFAF273D3291B92 9096848 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe 6601-03-07 21:27:16 84BC7153A1CFA8896CD7390E5C82F3CA 30185256 ----a-w- C:\Documents and Settings\Ria\Bureaublad\Cleanprogjes\OnlineArmorSetup.exe 6601-03-07 11:04:23 77B78E39B2894B8C5BA43C5651AEDF96 11260760 ----a-w- C:\Documents and Settings\Ria\Mijn documenten\mseinstall.exe 32-00-1222 65530:65535:31284 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\Temp\GUR1.exe 2013-10-22 21:48:03 AF5B72AB4450E4E76F6F6B99806D0F1C 1185744 ----a-w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_B59F0.tmp\setup.exe 2013-10-22 21:46:37 D95B23EFDC39CA7CC40CB36C29C7F0B6 2219360 ----a-w- C:\Program Files\Google\Update\Install\{66D713D4-3AD3-4135-BE23-C14DECCD4D76}\30.0.1599.101_30.0.1599.66_chrome_updater.exe 2013-10-22 21:46:35 D95B23EFDC39CA7CC40CB36C29C7F0B6 2219360 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.101\30.0.1599.101_30.0.1599.66_chrome_updater.exe 2013-10-22 21:32:26 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateBroker.exe 2013-10-22 21:32:26 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe 2013-10-22 21:32:26 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateSetup.exe 2013-10-22 21:32:10 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe 2013-10-22 21:32:10 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdate.exe 2013-10-22 21:32:10 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler64.exe 2013-10-22 21:31:18 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe 13929-07-17 08:27:16 76ADBD909FA0898834BE3A8C0EA76609 9186416 ----a-w- C:\Documents and Settings\Ria\Local Settings\Temp\HitmanPro35A.exe === C: other files == 2013-10-22 22:47:16 8AADC7F78FF6CD8FF6E8EEF7D8655C70 677 ----a-w- C:\Documents and Settings\All Users\Bureaublad\sample_23-10-2013_0047.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-1993962763-1343024091-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "EPLTarget\P0000000000000000"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE /EPT EPLTarget\P0000000000000000 /M XP-205 207 Series /EF HKCU" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" "SoundMan"="SOUNDMAN.EXE" "EEventManager"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "EPLTarget\P0000000000000000"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE /EPT EPLTarget\P0000000000000000 /M XP-205 207 Series /EF HKCU" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AvgUninstallURL] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce" "item"="AvgUninstallURL" "hkey"="HKLM" "command"="cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMgBHADMASwAtADgANwBXAFUAVQAtADIAVABWAEgAQQAtAFgANgBEAEYAOAAtAEwANgBQAEEATgA\"&\"inst=NwA3AC0ANAA0ADgAOAA4ADEAMAA3ADQALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0AWABPADkAKwAxAC0ARgA5AE0AMwArADEALQBEAEQAVAArADMAMgAzADkAMAAtAEQARAA5ADAARgArADEALQBTAFQAOQAwAEYAQQBQAFAAKwAxAC0ARgA5ADAATQAxADIARQBOACsAMQAtAFQAQgBOACsAMQAtAEwAOQAwAE0ASgArADIALQBGADkAMABNADEAMgBKAFQAKwAxAC0ARgA5ADAAVQBVAEUAKwAzAC0AUwBUAEYAOQAwAFUAVQBFADEAKwAxAC0AUwBUAEYAOQAwAFUAVQBFADIAKwAxAC0ARgA5ADAATQAxADIAUgArADEAMQAtAFYASQBQADEAMgArADEA\"&\"prod=90\"&\"ver=9.0.894" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MSMSGS" "hkey"="HKCU" "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBJ] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NBJ" "hkey"="HKCU" "command"="\"C:\\PROGRA~1\\Ahead\\NEROBA~1\\NBJ.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GoogleToolbarNotifier" "hkey"="HKCU" "command"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKLM" "command"="\"C:\\Program Files\\TomTom HOME\\TomTomHOME.exe\" -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Logitech Desktop Messenger.lnk" "backup"="C:\\WINDOWS\\pss\\Logitech Desktop Messenger.lnkCommon Startup" "command"="C:\\PROGRA~1\\Logitech\\DESKTO~1\\8876480\\Program\\LOGITE~1.EXE -startup" "item"="Logitech Desktop Messenger" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] "path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Microsoft Office.lnk" "backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup" "command"="C:\\PROGRA~1\\MICROS~2\\Office\\OSA9.EXE -b -l" "item"="Microsoft Office" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\avast\Undetermined Task.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27-11-2010 17:36] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task] ==== Chrome Look ====================== Card number - Ria - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Docs - Wim - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Wim - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Wim - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Wim - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - Wim - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUninstallURL deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe deleted successfully ==== Empty IE Cache ====================== C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Wim\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\Ria\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully C:\Documents and Settings\Ria\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully C:\Documents and Settings\Wim\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\Ria\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\Ria\Local Settings\Temporary Internet Files\Content.IE5\index.dat" deleted ==== EOF on wo 23-10-2013 at 8:08:37,37 ====================== -
Internetten niet meer mogelijk + algehele traagheid PC
Lhouwel reageerde op Lhouwel's topic in Archief Bestrijding malware & virussen
Ik heb em opnieuw laten draaien. Hierbij het logje log.txt Logfile of random's system information tool 1.09 (written by random/random) Run by Ria at 2013-10-03 19:43:30 Microsoft Windows XP Professional Service Pack 2 System drive C: has 20 GB (59%) free of 35 GB Total RAM: 511 MB (48% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:43:53, on 3-10-2013 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\WINDOWS\system32\EscSvc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\pctspk.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Epson Software\Event Manager\EEventManager.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\cdfoon\cdftray.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE C:\Documents and Settings\Ria\Bureaublad\RSIT.exe C:\Program Files\trend micro\Ria.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMgBHADMASwAtADgANwBXAFUAVQAtADIAVABWAEgAQQAtAFgANgBEAEYAOAAtAEwANgBQAEEATgA"&"inst=NwA3AC0ANAA0ADgAOAA4ADEAMAA3ADQALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0AWABPADkAKwAxAC0ARgA5AE0AMwArADEALQBEAEQAVAArADMAMgAzADkAMAAtAEQARAA5ADAARgArADEALQBTAFQAOQAwAEYAQQBQAFAAKwAxAC0ARgA5ADAATQAxADIARQBOACsAMQAtAFQAQgBOACsAMQAtAEwAOQAwAE0ASgArADIALQBGADkAMABNADEAMgBKAFQAKwAxAC0ARgA5ADAAVQBVAEUAKwAzAC0AUwBUAEYAOQAwAFUAVQBFADEAKwAxAC0AUwBUAEYAOQAwAFUAVQBFADIAKwAxAC0ARgA5ADAATQAxADIAUgArADEAMQAtAFYASQBQADEAMgArADEA"&"prod=90"&"ver=9.0.894 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [CDFoon System-Tray] C:\cdfoon\cdftray.exe O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-205 207 Series" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = ? O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\WINDOWS\system32\EscSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe -- End of file - 6911 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\avast! Emergency Update.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Help bij koppelingen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 319488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 319488] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-02-23 3026944] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536] "EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2011-10-31 1058400] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"=cmd.exe /c start Uninstallation survey | AVG Nederland [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "CDFoon System-Tray"=C:\cdfoon\cdftray.exe [2002-05-02 163840] "EPLTarget\P0000000000000000"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE [2012-02-29 249440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ] C:\PROGRA~1\Ahead\NEROBA~1\NBJ.exe [2005-07-14 1961984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files\TomTom HOME\TomTomHOME.exe [2006-10-23 3576488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk] C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2010-08-03 67128] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk] C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [2000-01-21 65588] C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\Program Files\EPSON Software\Event Manager\EEventManager.exe"="C:\Program Files\EPSON Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "vidc.I420"=msh263.drv "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv ======List of files/folders created in the last 1 month====== 6601-03-07 23:59:25 ----D---- C:\Documents and Settings\Ria\Application Data\Malwarebytes 6601-03-07 23:58:51 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 6601-03-07 23:58:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 6601-03-07 23:58:42 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 6601-03-07 23:41:44 ----D---- C:\Program Files\HitmanPro 6601-03-07 23:40:51 ----D---- C:\Documents and Settings\All Users\Application Data\HitmanPro 2013-10-03 00:43:44 ----D---- C:\AdwCleaner 2013-10-02 20:51:06 ----D---- C:\Program Files\trend micro 2013-10-02 20:50:16 ----D---- C:\rsit 2013-10-01 23:52:25 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys 2013-10-01 23:52:24 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys 2013-10-01 23:52:18 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys 2013-10-01 23:52:17 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys 2013-10-01 23:52:15 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys 2013-10-01 23:52:14 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys 2013-10-01 23:52:13 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys 2013-10-01 23:52:09 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys 2013-10-01 23:52:07 ----A---- C:\WINDOWS\system32\aswBoot.exe 2013-10-01 23:48:14 ----A---- C:\WINDOWS\avastSS.scr 2013-10-01 23:43:03 ----D---- C:\Program Files\AVAST Software 2013-10-01 23:42:25 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software ======List of files/folders modified in the last 1 month====== 9999-07-17 11:03:01 ----SD---- C:\Documents and Settings\Ria\Application Data\Microsoft 9999-07-17 10:50:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 6601-03-08 00:21:18 ----D---- C:\Program Files\Google 6601-03-07 23:40:07 ----D---- C:\Documents and Settings\All Users\Application Data\Google 6601-03-07 23:33:14 ----D---- C:\WINDOWS\Debug 6601-03-07 13:00:10 ----D---- C:\WINDOWS\Help 6601-03-07 12:51:17 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2013-10-03 19:43:16 ----D---- C:\WINDOWS\Prefetch 2013-10-03 19:30:46 ----D---- C:\WINDOWS\Temp 2013-10-03 19:25:38 ----A---- C:\WINDOWS\SchedLgU.Txt 2013-10-03 19:25:32 ----D---- C:\WINDOWS\system32\CatRoot2 2013-10-03 00:46:42 ----SD---- C:\WINDOWS\Tasks 2013-10-03 00:46:41 ----RD---- C:\Program Files 2013-10-03 00:35:16 ----D---- C:\WINDOWS 2013-10-03 00:29:37 ----HD---- C:\WINDOWS\inf 2013-10-03 00:18:24 ----SHD---- C:\WINDOWS\Installer 2013-10-03 00:12:19 ----D---- C:\Config.Msi 2013-10-03 00:00:32 ----D---- C:\WINDOWS\system32\drivers 2013-10-01 23:56:53 ----D---- C:\WINDOWS\system32 2013-10-01 23:50:10 ----D---- C:\WINDOWS\WinSxS 2013-10-01 23:49:46 ----D---- C:\Program Files\QuickTime ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2004-08-03 42368] R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-08-30 49376] R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-08-30 177864] R0 Vmodem;XP Vmodem; C:\WINDOWS\System32\DRIVERS\vmodem.sys [2001-08-17 604253] R0 Vpctcom;XP Vpctcom; C:\WINDOWS\System32\DRIVERS\vpctcom.sys [2001-08-17 397502] R0 Vvoice;XP Vvoice; C:\WINDOWS\System32\DRIVERS\vvoice.sys [2001-08-17 64605] R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-08-30 49760] R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-30 770344] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-08-30 369584] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-08-30 56080] R1 crlscsi;crlscsi; C:\WINDOWS\system32\drivers\crlscsi.sys [1995-11-07 6144] R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-04 40192] R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-08-30 29816] R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys [] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368] R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-09-07 9600] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-01-23 34576] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-01-23 33296] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [] R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-09-06 12288] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-02-23 1624491] R3 rtl8139;NT-stuurprogramma voor Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992] R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616] R3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360] S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928] S3 Dot4Scan;Stuurprogramma voor scannerklasse voor IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704] S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-09-06 23936] S3 Ptserlp;PCTEL Serial Device Driver for PCI; C:\WINDOWS\System32\DRIVERS\ptserlp.sys [2001-08-17 112574] S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856] S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808] R2 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc.exe [2011-12-12 122000] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-07-20 61440] R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-02-23 77824] R2 Pctspk;PCTEL Speaker Phone; C:\WINDOWS\system32\pctspk.exe [2001-09-06 86016] S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-27 136176] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-27 136176] S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] -----------------EOF----------------- -
Internetten niet meer mogelijk + algehele traagheid PC
Lhouwel reageerde op Lhouwel's topic in Archief Bestrijding malware & virussen
Hierbij ook nog een MBAM logje: Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2013.10.01.09 Windows XP Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.18702 Ria :: MOERGESTEL [administrator] Bescherming: Ingeschakeld 2-10-2013 23:09:50 mbam-log-2013-10-02 (23-09-50).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 234793 Verstreken tijd: 22 minuut/minuten, 4 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) -
Internetten niet meer mogelijk + algehele traagheid PC
Lhouwel reageerde op Lhouwel's topic in Archief Bestrijding malware & virussen
info.txt logfile of random's system information tool 1.09 2013-10-02 21:06:42 ======Uninstall list====== -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNNMP.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Aangifte inkomstenbelasting 2011-->C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2011\ib2011u.exe ABBYY FineReader 9.0 Sprint-->MsiExec.exe /I {F9000000-0018-0000-0000-074957833700} ABBYY FineReader 9.0 Sprint-->MsiExec.exe /X{F9000000-0018-0000-0000-074957833700} Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -maintain activex Adobe Reader XI (11.0.04) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001} Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe" Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Beveiligingsupdate for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB971032)-->"C:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Beveiligingsupdate voor Windows XP (KB981350)-->"C:\WINDOWS\$NtUninstallKB981350$\spuninst\spuninst.exe" CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA} CD-foongids-->C:\WINDOWS\unvise32.exe C:\cdfoon\uninstal.log Compatibiliteitspakket voor het 2007 Microsoft Office system-->MsiExec.exe /X{90120000-0020-0413-0000-0000000FF1CE} Corel Applications-->C:\WINDOWS\Corel\Uninstal.exe Easy Computing - Wenskaarten-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{220912DC-336B-4908-8961-79E658DDFF43}\Setup.exe" -l0x13 Epson Easy Photo Print 2-->"C:\Program Files\InstallShield Installation Information\{30E01116-5666-4807-8EF1-D80E9FF16717}\SETUP.EXE" -runfromtemp -l0x0413 UNINST -removeonly Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)-->"C:\Program Files\InstallShield Installation Information\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}\setup.exe" -runfromtemp -l0x0413 -removeonly Epson Event Manager-->MsiExec.exe /X{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932} EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r EPSON XP-205 207 Series Printer Uninstall-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FINSILE.EXE /R /APD /P:"EPSON XP-205 207 Series" EpsonNet Print-->C:\Program Files\InstallShield Installation Information\{3E31400D-274E-4647-916C-2CACC3741799}\ENPSETUP.exe -runfromtemp -l0x0009 -EPSON -removeonly Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe Google Chrome-->"C:\Program Files\Google\Chrome\Application\29.0.1547.76\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Earth-->MsiExec.exe /X{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe" Hotfix voor Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Hotfix voor Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix voor Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Hotfix voor Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" KhalSetup-->MsiExec.exe /I{C89C8D86-4423-4A58-AA40-DD259ACE07C1} Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x13 UNINSTALL Logitech SetPoint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x13 -removeonly Malwarebytes Anti-Malware versie 1.75.0.1300-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft Office 2000 SR-1 Standard-->MsiExec.exe /I{00020413-78E1-11D2-B60F-006097C998E7} Microsoft Publisher 97-->C:\Program Files\Microsoft Publisher\Setup\Setup.exe /m Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID="" Netwerkhandleiding EPSON XP-205 207 Series-->"C:\Program Files\Epson Software\Epson Manual\EPSON XP-205 207 Series\nl\Netg\DocUnins.exe" NVIDIA Display Driver-->C:\WINDOWS\system32\nvudisp.exe Uninstall C:\WINDOWS\system32\nvdisp.nvu,NVIDIA Display Driver OLYMPUS CAMEDIA Master 4.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\setup.exe" CAMEDIA Master 4.2 PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall QuickTime-->MsiExec.exe /I{E7004147-2CCA-431C-AA05-2AB166B9785D} Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x13 -removeonly Software Updater-->MsiExec.exe /X{7B3A525D-9D3D-4618-AE52-A31DE98C8AC3} TomTom HOME-->C:\Program Files\InstallShield Installation Information\{CE325D55-FCAF-4273-BB79-069BB8747270}\setup.exe -runfromtemp -l0x0013 -removeonly -removeonly Update voor Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Update voor Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe" Update voor Windows Internet Explorer 8 (KB980302)-->"C:\WINDOWS\ie8updates\KB980302-IE8\spuninst\spuninst.exe" Update voor Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Update voor Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Update voor Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Update voor Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Update voor Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Update voor Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Update voor Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Update voor Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Update voor Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Update voor Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Update voor Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe" Update voor Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Update voor Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update voor Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update voor Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update voor Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update voor Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update voor Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Update voor Windows XP (KB980182)-->"C:\WINDOWS\$NtUninstallKB980182$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" ======Security center information====== AV: avast! Antivirus ======System event log====== Computer Name: MOERGESTEL Event Code: 7036 Message: De SSDP Discovery-service-service heeft nu de status Wordt uitgevoerd. Record Number: 2209 Source Name: Service Control Manager Time Written: 20130609101637.000000+120 Event Type: Gegevens User: Computer Name: MOERGESTEL Event Code: 7035 Message: De SSDP Discovery-service-service is naar een Starten-besturingselement verzonden. Record Number: 2208 Source Name: Service Control Manager Time Written: 20130609101634.000000+120 Event Type: Gegevens User: NT AUTHORITY\SYSTEM Computer Name: MOERGESTEL Event Code: 7035 Message: De Terminal Services-service is naar een Starten-besturingselement verzonden. Record Number: 2207 Source Name: Service Control Manager Time Written: 20130609101634.000000+120 Event Type: Gegevens User: NT AUTHORITY\SYSTEM Computer Name: MOERGESTEL Event Code: 6005 Message: De Event Log-service is gestart. Record Number: 2206 Source Name: EventLog Time Written: 20130609101514.000000+120 Event Type: Gegevens User: Computer Name: MOERGESTEL Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free. Record Number: 2205 Source Name: EventLog Time Written: 20130609101514.000000+120 Event Type: Gegevens User: =====Application event log===== Computer Name: MOERGESTEL Event Code: 0 Message: Record Number: 5 Source Name: gusvc Time Written: 20130323163925.000000+060 Event Type: Gegevens User: Computer Name: MOERGESTEL Event Code: 1800 Message: De Windows Security Center-service is gestart. Record Number: 4 Source Name: SecurityCenter Time Written: 20130323163917.000000+060 Event Type: Gegevens User: Computer Name: MOERGESTEL Event Code: 1 Message: Record Number: 3 Source Name: avg9emc Time Written: 20130323163909.000000+060 Event Type: Gegevens User: Computer Name: MOERGESTEL Event Code: 4 Message: The LightScribe Service started successfully. Record Number: 2 Source Name: LightScribeService Time Written: 20130323163849.000000+060 Event Type: Gegevens User: Computer Name: MOERGESTEL Event Code: 0 Message: Record Number: 1 Source Name: gupdate Time Written: 20130323163839.000000+060 Event Type: Gegevens User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=0207 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip -----------------EOF----------------- - - - Updated - - - Gisteravond heb ik trouwens nog handmatig de klok aangepast. Daarna werkte de browsers weer -
Ik heb hier een pc van mijn schoonouders. Volgens mij mankeert er nogal wat aan. Ten eerste is de pc echt retetraag. Als de pc is opgestart en ik probeer Internet Explorer of Google Chrome te openen dan krijg ik een melding (Explorer: er is een probleem met het beveiligingscertificaat van deze website (site is google.com) / Chrome: het beveiligingscertificaat van de site is verlopen (ook staat in de adresbalk https in het rood met een rode streep er doorheen en krijg ik melding dat de klok verkeerd staat ingesteld)) Er staat wel Ccleaner op en die heb ik laten daaien om alvast wat rommel op te ruimen. Door het probleem met de browsers zal er wel meer aan de hand zijn (virus?) Ook viel me op dat de klok van de pv nu op zaterdag 17 juli 9999 11:13uur staat (het is nu 1 oktober 23:28) Welke stappen kan ik het beste uitvoeren om deze pc op te schonen en weer in orde te maken?
-
Delta Homes niet te verwijderen
Lhouwel reageerde op Lhouwel's topic in Archief Bestrijding malware & virussen
Met F8 kan ik in ieder geval weer opstarten. Thanks. Via de opstart- en herstelunstellingen kon ik gewoon het "standaard besturingssysteem" kiezen. Deze stond op "MS Windows xp professional setup" en die heb ik nu gewijzigd in "MS Windows xp professional"/noexecute=optin /fastdetect Volgens mij werkt ie nu weer goed. Iedereen weer bedankt voor de hulp!! -
Delta Homes niet te verwijderen
Lhouwel reageerde op Lhouwel's topic in Archief Bestrijding malware & virussen
De keuze blijft nu inderdaad weg. Probleem is alleen dat ik nu automatisch in de setup (laatste optie terecht kom) Enige manier om daaruit te komen is dmv twee f3 de setup af te sluiten. Daarna start de laptop opnieuw op en herhaalt dot verhaal zich weer. Kortom, nu kom ik helemaal niet meer verder dan mijn blauwe scherm 😞 -
Delta Homes niet te verwijderen
Lhouwel reageerde op Lhouwel's topic in Archief Bestrijding malware & virussen
Volgens mij was het me al gelukt om Delta Homes weg te krijgen, maar hieronder toch het logje van RSIT Logfile of random's system information tool 1.09 (written by random/random) Run by Leo van Houwelingen at 2013-09-19 20:21:56 Microsoft Windows XP Professional Service Pack 3 System drive C: has 33 GB (29%) free of 114 GB Total RAM: 2039 MB (66% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:22:06, on 19-9-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HitmanPro\hmpsched.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe C:\Documents and Settings\Leo van Houwelingen\Application Data\Spotify\Data\SpotifyWebHelper.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\AD-AWA~1\AdAware.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\WINDOWS\system32\rundll32.exe C:\Documents and Settings\Leo van Houwelingen\Bureaublad\RSIT.exe C:\Program Files\trend micro\Leo van Houwelingen.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Google\Update\GoogleUpdate.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe" O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run O4 - HKCU\..\Run: [spotify Web Helper] "C:\Documents and Settings\Leo van Houwelingen\Application Data\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1351885167167 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- End of file - 5971 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\avast! Emergency Update.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968] "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-13 141336] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-13 173592] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-13 142360] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-05-31 152392] "Ad-Aware Browsing Protection"=C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe [2013-07-15 554384] "Ad-Aware Antivirus"=C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher --windows-run [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"=C:\Documents and Settings\Leo van Houwelingen\Application Data\Spotify\Data\SpotifyWebHelper.exe [2012-11-04 1199576] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPN Assistent] C:\Program Files\KPN\KPN Assistent\KPN_Assistent.exe [2012-11-28 14160352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2009-03-09 205824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Wizard Bestanden en instellingen overzetten" "C:\Documents and Settings\Leo van Houwelingen\Application Data\Spotify\spotify.exe"="C:\Documents and Settings\Leo van Houwelingen\Application Data\Spotify\spotify.exe:*:Enabled:Spotify" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service" "C:\Program Files\Plex\Plex Media Center\Plex.exe"="C:\Program Files\Plex\Plex Media Center\Plex.exe:*:Disabled:Plex Media Center" "C:\Documents and Settings\Wendy van Moergestel\Application Data\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Wendy van Moergestel\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox" "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit" "C:\Program Files\KPN\KPN Assistent\KPN Installatie Assistent\KPN_IA.exe"="C:\Program Files\KPN\KPN Assistent\KPN Installatie Assistent\KPN_IA.exe:*:Enabled:KPN Assistent" "C:\Program Files\KPN\KPN Assistent\KPN Draadloos Netwerk Assistent\KPN_WNA.exe"="C:\Program Files\KPN\KPN Assistent\KPN Draadloos Netwerk Assistent\KPN_WNA.exe:*:Enabled:KPN Assistent" "C:\Program Files\KPN\KPN Installatie Assistent\KPN_IA.exe"="C:\Program Files\KPN\KPN Installatie Assistent\KPN_IA.exe:*:Enabled:KPN Installatie Assistent" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe"="C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe:*:Enabled:Ad-Aware Security Add-on DTX Broker" "C:\Program Files\KPN\KPN Assistent\KPN_Assistent.exe"="C:\Program Files\KPN\KPN Assistent\KPN_Assistent.exe:*:Enabled:KPN Assistant" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "vidc.I420"=msh263.drv "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======List of files/folders created in the last 1 month====== 2013-09-19 20:21:56 ----D---- C:\rsit 2013-09-18 21:17:51 ----SHD---- C:\RECYCLER 2013-09-18 21:10:25 ----A---- C:\DelFix.txt 2013-09-18 21:07:05 ----D---- C:\WINDOWS\temp 2013-09-18 20:57:53 ----ASH---- C:\pagefile.sys 2013-09-18 20:44:53 ----RASHD---- C:\cmdcons 2013-09-18 20:40:20 ----D---- C:\WINDOWS\erdnt 2013-09-17 23:43:25 ----D---- C:\$WIN_NT$.~BT 2013-09-17 22:56:07 ----A---- C:\Boot.bak 2013-09-17 22:55:48 ----A---- C:\WINDOWS\UPGRADE.TXT 2013-09-17 22:55:43 ----D---- C:\WINDOWS\setup.pss 2013-09-17 22:16:56 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys 2013-09-17 22:15:54 ----HD---- C:\Documents and Settings\All Users\Application Data\Common Files 2013-09-13 21:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$ 2013-09-13 20:59:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$ 2013-09-13 20:59:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$ 2013-09-06 22:21:25 ----A---- C:\WINDOWS\system32\bootdelete.exe 2013-09-01 22:41:39 ----D---- C:\Documents and Settings\Leo van Houwelingen\Application Data\dll-files.com 2013-09-01 22:41:32 ----D---- C:\Documents and Settings\All Users\Application Data\Logs 2013-09-01 20:32:35 ----A---- C:\WINDOWS\system32\drivers\gfiark.sys 2013-09-01 20:19:35 ----D---- C:\AdwCleaner 2013-09-01 20:13:58 ----D---- C:\Program Files\Trend Micro 2013-09-01 20:09:58 ----A---- C:\WINDOWS\system32\drivers\sbapifs.sys 2013-09-01 20:09:58 ----A---- C:\WINDOWS\system32\drivers\sbaphd.sys 2013-09-01 20:09:55 ----D---- C:\WINDOWS\system32\drivers\VDD 2013-09-01 18:23:41 ----D---- C:\Program Files\HitmanPro 2013-09-01 18:18:50 ----D---- C:\Documents and Settings\All Users\Application Data\Hitman Pro 2013-08-27 23:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$ 2013-08-26 21:51:27 ----D---- C:\Documents and Settings\Leo van Houwelingen\Application Data\LavasoftStatistics 2013-08-26 21:50:59 ----D---- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus 2013-08-26 21:33:04 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2013-08-26 21:33:02 ----D---- C:\Program Files\Ad-Aware Antivirus 2013-08-26 21:32:40 ----D---- C:\Documents and Settings\All Users\Application Data\Downloaded Installations 2013-08-26 21:32:38 ----D---- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection 2013-08-26 21:32:28 ----D---- C:\Program Files\Toolbar Cleaner 2013-08-26 21:32:25 ----D---- C:\Documents and Settings\Leo van Houwelingen\Application Data\SecureSearch 2013-08-26 21:32:19 ----D---- C:\Program Files\Lavasoft 2013-08-26 21:28:58 ----A---- C:\WINDOWS\system32\drivers\gfibto.sys 2013-08-26 21:28:57 ----D---- C:\Documents and Settings\Leo van Houwelingen\Application Data\Ad-Aware Antivirus 2013-08-20 17:47:20 ----D---- C:\WINDOWS\system32\MRT 2013-08-20 17:39:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$ 2013-08-20 17:39:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$ 2013-08-20 17:38:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$ 2013-08-20 17:38:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2849470$ ======List of files/folders modified in the last 1 month====== 2013-09-19 20:15:31 ----D---- C:\WINDOWS\system32\drivers 2013-09-19 20:12:05 ----D---- C:\WINDOWS 2013-09-18 23:20:54 ----N---- C:\WINDOWS\SchedLgU.Txt 2013-09-18 23:02:35 ----D---- C:\Documents and Settings\All Users\Application Data\Spotnet 2013-09-18 21:18:51 ----D---- C:\WINDOWS\system32\CatRoot2 2013-09-18 21:17:51 ----D---- C:\WINDOWS\Minidump 2013-09-18 20:58:30 ----A---- C:\WINDOWS\system.ini 2013-09-18 20:58:12 ----D---- C:\WINDOWS\system32\drivers\etc 2013-09-18 20:50:10 ----D---- C:\WINDOWS\system32 2013-09-18 20:49:02 ----D---- C:\WINDOWS\AppPatch 2013-09-18 20:48:50 ----D---- C:\Program Files\Common Files 2013-09-18 20:45:00 ----RASH---- C:\boot.ini 2013-09-18 19:39:03 ----RD---- C:\Program Files 2013-09-18 15:01:33 ----D---- C:\Program Files\VideoLAN 2013-09-18 14:58:28 ----SD---- C:\WINDOWS\Tasks 2013-09-18 14:56:31 ----SHD---- C:\WINDOWS\Installer 2013-09-18 14:46:10 ----D---- C:\WINDOWS\Debug 2013-09-17 22:22:20 ----D---- C:\WINDOWS\Prefetch 2013-09-17 22:05:55 ----HD---- C:\WINDOWS\inf 2013-09-13 21:02:29 ----RSHDC---- C:\WINDOWS\system32\dllcache 2013-09-13 21:02:12 ----D---- C:\Program Files\Internet Explorer 2013-09-13 21:01:23 ----D---- C:\WINDOWS\ie8updates 2013-09-13 20:48:53 ----A---- C:\WINDOWS\system32\MRT.exe 2013-09-01 22:37:54 ----D---- C:\WINDOWS\system32\CatRoot 2013-09-01 20:13:58 ----SD---- C:\Documents and Settings\Leo van Houwelingen\Application Data\Microsoft 2013-09-01 19:24:24 ----D---- C:\WINDOWS\Microsoft.NET 2013-09-01 17:38:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2013-08-26 21:14:59 ----D---- C:\WINDOWS\471D8B37C5B344579FA1B3C693334F4F.TMP 2013-08-26 21:08:03 ----D---- C:\Program Files\CCleaner 2013-08-25 12:32:34 ----A---- C:\WINDOWS\system32\msvcr100.dll 2013-08-25 12:32:34 ----A---- C:\WINDOWS\system32\msvcp100.dll 2013-08-21 10:41:45 ----RSD---- C:\WINDOWS\assembly 2013-08-20 17:41:48 ----D---- C:\WINDOWS\WinSxS ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376] R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-06-28 175176] R0 gfibto;gfibto; C:\WINDOWS\system32\drivers\gfibto.sys [2013-08-26 13560] R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696] R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760] R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-06-28 770344] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-06-28 369584] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080] R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys [] R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 sbaphd;sbaphd; C:\WINDOWS\system32\drivers\sbaphd.sys [2012-09-12 22064] R1 WmiAcpi;Microsoft Windows Beheerinterface voor ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832] R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816] R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys [] R2 sbapifs;sbapifs; C:\WINDOWS\system32\drivers\sbapifs.sys [2012-09-12 66344] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-02-05 281600] R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976] R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] R3 b57w2k;Broadcom NetLink Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-12-15 160256] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-09 6278016] R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2008-07-23 44800] R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12288] R3 NETw5x32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2009-01-05 3634688] R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] S1 SBRE;SBRE; C:\WINDOWS\system32\drivers\SBREDrv.sys [] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 gfiark;gfiark; C:\WINDOWS\system32\drivers\gfiark.sys [2013-04-11 41584] S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS [] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056] S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104] S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ad-Aware Service;Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [2013-06-13 1236336] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504] R2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-02 136176] R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2013-09-01 106280] R2 SBAMSvc;Ad-Aware; C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [2012-09-20 3677000] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 553288] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-02 136176] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856] S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- - - - Updated - - - Laptop draait wel weer goed volgens mij. Alleen nu is er een ander probleempje ontstaan. Als ik de laptop opstart kom ik in een zwart scherm waarin staat: Selecteer het besturingssysteem dat u wilt starten: Microsoft Windows Recovery Console do not select this (foutopsporing is actief) Windows XP Professional Windows XP Professional Setup Als ik dan niet snel "Windows XP Professional" selecteer start ie binnen 2 a 3 seconden de "Windows XP Professional Setup" op. Dan krijg ik een blauw scherm en moet ik met F3 het proces afbreken waarna de laptop weer opnieuw opstart. Als ik wel Windows XP Professional selecteer dan start de laptop op en lijkt alles naar behoren te werken
OVER ONS
PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!