Ga naar inhoud

PC valt spontaan uit


Aanbevolen berichten

Hier ben ik weer :thumpdown:

Vandaag opnieuw 2 keer PC geblokkeerd, tweede keer vlak na opstart. Dit ondanks ik Iobit Avanced System Care heb uitgeschakeld. Enige lijn die ik zie is dat uitval quasi steeds gebeurt bij gebruik Chrome en als ik wat veel zaken tegelijk open ... soms heb ik er enkele dagen geen last van maar heb steeds prijs zodra ik hier kom zeggen dat het is opgelost :hmmmm:

Ook al eens een ander scherm geprobeerd maar helpt (uiteraard) niks.

Iemand suggesties ?

alvast bedankt

Damo

Link naar reactie
Delen op andere sites

  • Reacties 144
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Geplaatste afbeeldingen

Druk op de Windows + R toets en typ in het uitvoervenster cmd en druk op Enter.

Typ in de opdrachtprompt tasklist /svc >C:\tasklist.txt en druk op Enter

Ga naar de root van je C-schijf waar je het tekst bestand tasklist.txt terug vind en plaats de inhoud in je volgende bericht.

Link naar reactie
Delen op andere sites

Download Silent Runners.zip naar je bureaublad.

Pak het gedownloade bestand uit, in de uitgepakte map dubbelklik je op Silent Runners.vbs om het programma te starten.

Bij de vraag of je de "supplementary search" wilt overslaan, kies je voor Yes.

Wacht tot je de melding krijgt dat het script voltooid is.

Post de inhoud van "Startup Programs (computernaam) datum tijd.txt" in je volgende bericht?

Met dank aan Juister voor de tip :top:

Link naar reactie
Delen op andere sites

Hallo Dasle,

Onderstaand het gevraagde

PS : PS start zeer traag op...

"Silent Runners.vbs", revision 69, Silent Runners - Adware? Disinfect, don't reformat!

Operating System: Microsoft Windows XP Home Edition Service Pack 3 (32-bit)

Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:

---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

avast = "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [AVAST Software]

NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [MS]

nwiz = nwiz.exe /installquiet [NVIDIA Corporation]

NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [MS]

KernelFaultCheck = C:\WINDOWS\system32\dumprep 0 -k

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub

-> {HKLM…CLSID} = Adobe PDF Link Helper

\InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated]

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = (no title provided)

-> {HKLM…CLSID} = avast! WebRep

\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [AVAST Software]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

-> {HKLM…CLSID} = avast

\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [AVAST Software]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{88895560-9AA2-1069-930E-00AA0030EBC8} = HyperTerminal-pictogramuitbreiding

-> {HKLM…CLSID} = HyperTerminal Icon Ext

\InProcServer32\(Default) = C:\WINDOWS\System32\hticons.dll [Hilgraeve, Inc.]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler

-> {HKLM…CLSID} = (no title provided)

\InProcServer32\(Default) = D:\Program Files\Microsoft Office\OFFICE11\msohev.dll [MS]

{A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class

-> {HKLM…CLSID} = DesktopContext Class

\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]

{1CDB2949-8F65-4355-8456-263E7C208A5D} = Desktop Explorer

-> {HKLM…CLSID} = Desktop Explorer

\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

{1E9B04FB-F9E5-4718-997B-B8DA88302A47} = Desktop Explorer Menu

-> {HKLM…CLSID} = (no title provided)

\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

{1E9B04FB-F9E5-4718-997B-B8DA88302A48} = nView Desktop Context Menu

-> {HKLM…CLSID} = nView Desktop Context Menu

\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

{0561EC90-CE54-4f0c-9C55-E226110A740C} = Haali Column Provider

-> {HKLM…CLSID} = Haali Column Provider

\InProcServer32\(Default) = C:\WINDOWS\system32\mmfinfo.dll [null data]

{5574006C-28F5-4a65-A28C-74DE6BFBE0BB} = Haali Matroska Shell Property Page

-> {HKLM…CLSID} = Haali Matroska Shell Property Page

\InProcServer32\(Default) = C:\WINDOWS\system32\mmfinfo.dll [null data]

{327669A0-59A7-4be9-B99E-1C9F3A57611A} = Haali Matroska Thumbnail Extractor

-> {HKLM…CLSID} = Haali Matroska Thumbnail Extractor

\InProcServer32\(Default) = C:\WINDOWS\system32\mmfinfo.dll [null data]

{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler

-> {HKLM…CLSID} = Microsoft Office Outlook

\InProcServer32\(Default) = D:\PROGRA~2\MICROS~2\OFFICE11\MLSHEXT.DLL [MS]

{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler

-> {HKLM…CLSID} = Outlook-extensie voor bestandspictogrammen

\InProcServer32\(Default) = D:\PROGRA~2\MICROS~2\OFFICE11\OLKFSTUB.DLL [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler

-> {HKLM…CLSID} = Microsoft Office Metadata Handler

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler

-> {HKLM…CLSID} = Microsoft Office Thumbnail Handler

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{472083B0-C522-11CF-8763-00608CC02F24} = avast

-> {HKLM…CLSID} = avast

\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [AVAST Software]

{C1051DD2-472F-4B24-B47A-06769096CE34} = Easeus ShellFolder!

-> {HKLM…CLSID} = Easeus ShellFolder!

\InProcServer32\(Default) = d:\Program Files\EASEUS\Todo Backup\bin\ImageSh.dll [CHENGDU YIWO Tech Development Co.,Ltd]

{B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension

-> {HKLM…CLSID} = WinRAR

\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

{FFB699E0-306A-11d3-8BD1-00104B6F7516} = Play on my TV helper

-> {HKLM…CLSID} = NVIDIA CPL Extension

\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = {807553E5-5146-11D5-A672-00B0D022E945}

-> {HKLM…CLSID} = (no title provided)

\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> mso-offdap11\CLSID = {32505114-5902-49B2-880A-1F7738E5A384}

-> {HKLM…CLSID} = Data Page Plugable Protocal mso-offdap11 Handler

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL [MS]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

Advanced SystemCare\(Default) = {9486A9B2-D787-4eca-A25C-4A0086BB4154}

-> {HKLM…CLSID} = CExtMenu Class

\InProcServer32\(Default) = d:\Program Files\IObit\Advanced SystemCare 6\ASCExtMenu.dll [null data]

avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

-> {HKLM…CLSID} = avast

\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [AVAST Software]

IObit Malware Fighter\(Default) = {0BB81440-5F42-4480-A5F7-770A6F439FC8}

-> {HKLM…CLSID} = BlueBirdShell Class

\InProcServer32\(Default) = d:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [iObit]

SolidConverterDWG\(Default) = {36EB2FB7-593D-45aa-9669-582196FB1B2A}

-> {HKLM…CLSID} = Solid Converter DWG

\InProcServer32\(Default) = C:\Program Files\SolidDocuments\SolidConverterDWG\ExploreExtDWG.dll [solid Documents, LLC]

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM…CLSID} = WinRAR

\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

-> {HKLM…CLSID} = avast

\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [AVAST Software]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

Advanced SystemCare\(Default) = {9486A9B2-D787-4eca-A25C-4A0086BB4154}

-> {HKLM…CLSID} = CExtMenu Class

\InProcServer32\(Default) = d:\Program Files\IObit\Advanced SystemCare 6\ASCExtMenu.dll [null data]

IObit Malware Fighter\(Default) = {0BB81440-5F42-4480-A5F7-770A6F439FC8}

-> {HKLM…CLSID} = BlueBirdShell Class

\InProcServer32\(Default) = d:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [iObit]

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM…CLSID} = WinRAR

\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM…CLSID} = WinRAR

\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

00nView\(Default) = {1E9B04FB-F9E5-4718-997B-B8DA88302A48}

-> {HKLM…CLSID} = nView Desktop Context Menu

\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

NvCplDesktopContext\(Default) = {A70C977A-BF00-412C-90B7-034C51DA2439}

-> {HKLM…CLSID} = DesktopContext Class

\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{0561EC90-CE54-4f0c-9C55-E226110A740C}\(Default) = Haali Column Provider

-> {HKLM…CLSID} = Haali Column Provider

\InProcServer32\(Default) = C:\WINDOWS\system32\mmfinfo.dll [null data]

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info

-> {HKLM…CLSID} = PDF Shell Extension

\InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

-> {HKLM…CLSID} = avast

\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [AVAST Software]

IObit Malware Fighter\(Default) = {0BB81440-5F42-4480-A5F7-770A6F439FC8}

-> {HKLM…CLSID} = BlueBirdShell Class

\InProcServer32\(Default) = d:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll [iObit]

SolidConverterDWG\(Default) = {36EB2FB7-593D-45aa-9669-582196FB1B2A}

-> {HKLM…CLSID} = Solid Converter DWG

\InProcServer32\(Default) = C:\Program Files\SolidDocuments\SolidConverterDWG\ExploreExtDWG.dll [solid Documents, LLC]

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM…CLSID} = WinRAR

\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM…CLSID} = WinRAR

\InProcServer32\(Default) = d:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

Default executables:

--------------------

.scr

HKLM\SOFTWARE\Classes\.scr\(Default) = AutoCADScriptFile

HKLM\SOFTWARE\Classes\AutoCADScriptFile\(Default) = AutoCAD Script

HKLM\SOFTWARE\Classes\AutoCADScriptFile\shell\open\command\(Default) = C:\WINDOWS\NOTEPAD.EXE "%1" [MS]

Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

NoDrives = (REG_DWORD) dword:0x00000000

{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

NoDrives = (REG_DWORD) dword:0x00000000

{unrecognized setting}

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\

NoUpdateCheck = (REG_DWORD) dword:0x00000001

{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

DisableRegistryTools = (REG_DWORD) dword:0x00000000

{unrecognized setting}

Active Desktop and Wallpaper:

-----------------------------

Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

Wallpaper = C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

Wallpaper = C:\Documents and Settings\Xxxxx Xxxx.XXXXX\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

Enabled Screen Saver:

---------------------

HKCU\Control Panel\Desktop\

SCRNSAVE.EXE = C:\WINDOWS\System32\logon.scr [MS]

Windows Portable Device AutoPlay Handlers

-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

MPCPlayBluRayOnArrival\

Provider = Media Player Classic

InvokeProgID = MediaPlayerClassic.Autorun

InvokeVerb = PlayBlurayMovie

HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayBlurayMovie\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %L\BDMV\INDEX.BDMV [MPC-HC Team]

MPCPlayCDAudioOnArrival\

Provider = Media Player Classic

InvokeProgID = MediaPlayerClassic.Autorun

InvokeVerb = PlayCDAudio

HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayCDAudio\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /cd [MPC-HC Team]

MPCPlayDVDMovieOnArrival\

Provider = Media Player Classic

InvokeProgID = MediaPlayerClassic.Autorun

InvokeVerb = PlayDVDMovie

HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayDVDMovie\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /dvd [MPC-HC Team]

MPCPlayMusicFilesOnArrival\

Provider = Media Player Classic

InvokeProgID = MediaPlayerClassic.Autorun

InvokeVerb = PlayMusicFiles

HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayMusicFiles\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 [MPC-HC Team]

MPCPlayVideoFilesOnArrival\

Provider = Media Player Classic

InvokeProgID = MediaPlayerClassic.Autorun

InvokeVerb = PlayVideoFiles

HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayVideoFiles\command\(Default) = "C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 [MPC-HC Team]

MSWPDShellNamespaceHandler\

Provider = @%SystemRoot%\System32\WPDShextRes.dll,-501

CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}

InitCmdLine =

-> {HKLM…CLSID} = WPDShextAutoplay

\LocalServer32\(Default) = C:\WINDOWS\system32\WPDShextAutoplay.exe [MS]

NeroAutoPlay9AudioToNeroDigital\

Provider = Nero Burning ROM

InvokeProgID = Nero.AutoPlay8

InvokeVerb = AudioToNeroDigital_PlayCDAudioOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\AudioToNeroDigital_PlayCDAudioOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero Burning ROM\Nero.exe /Dialog:SaveTracks %L [Nero AG]

NeroAutoPlay9CDAudio\

Provider = Nero Express

InvokeProgID = Nero.AutoPlay8

InvokeVerb = CDAudio_HandleCDBurningOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\CDAudio_HandleCDBurningOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero Express\NeroExpress.exe -w /New:AudioCD [Nero AG]

NeroAutoPlay9CopyCD\

Provider = Nero Express

InvokeProgID = Nero.AutoPlay8

InvokeVerb = CopyCD_PlayMusicFilesOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\CopyCD_PlayMusicFilesOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero Express\NeroExpress.exe -w /Dialog:DiscCopy [Nero AG]

NeroAutoPlay9DataDisc\

Provider = Nero Express

InvokeProgID = Nero.AutoPlay8

InvokeVerb = DataDisc_HandleCDBurningOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\DataDisc_HandleCDBurningOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero Express\NeroExpress.exe -w /New:ISODisc [Nero AG]

NeroAutoPlay9LaunchNeroStartSmart\

Provider = Nero StartSmart

InvokeProgID = Nero.AutoPlay8

InvokeVerb = LaunchNeroStartSmart_HandleCDBurningOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe /AutoPlay [Nero AG]

NeroAutoPlay9RipCD\

Provider = Nero Burning ROM

InvokeProgID = Nero.AutoPlay8

InvokeVerb = RipCD_PlayCDAudioOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\RipCD_PlayCDAudioOnArrival\command\(Default) = D:\Program Files\Nero\Nero 9\Nero Burning ROM\Nero.exe /Dialog:SaveTracks %L [Nero AG]

ShowBizCancelAutoPlay\

Provider =

ProgID = ShowBizCancelAutoPlay.CancelAutoPlay

HKLM\SOFTWARE\Classes\ShowBizCancelAutoPlay.CancelAutoPlay\CLSID\(Default) = {C730D06E-F984-421F-B71C-2E7144CFE10E}

-> {HKLM…CLSID} = ShowBiz Cancel AutoPlay

\LocalServer32\(Default) = CancelAutoPlay.exe [file not found]

Enabled Scheduled Tasks: {++}

------------------------

avast! Emergency Update -> launches: C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [AVAST Software]

SmartDefragUpdate -> launches: C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe /autorun [iObit]

Winsock2 Service Provider DLLs:

-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

000000000002\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

000000000003\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:

------------------------------------

Toolbars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\

{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} = (no title provided)

-> {HKLM…CLSID} = avast! WebRep

\InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [AVAST Software]

Explorer Bars

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoek

Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32\(Default) = D:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\

ButtonText = Onderzoek

BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

-> {HKLM…CLSID} = &Onderzoek

\InProcServer32\(Default) = D:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL [MS]

{E2E2DD38-D088-4134-82B7-F2BA38496583}\

MenuText = @xpsp3res.dll,-20001

Exec = %windir%\Network Diagnostic\xpnetdiag.exe [MS]

Miscellaneous IE Hijack Points

------------------------------

HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\

<<H>> DesktopItemNavigationFailure = res://shdoclc.dll/navcancl.htm [MS]

<<H>> oldTabs = res://ieframe.dll/tabswelcome.htm [MS]

Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------

Advanced SystemCare Service 6, AdvancedSystemCareService6, d:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [iObit]

avast! Antivirus, avast! Antivirus, "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [AVAST Software]

HP CUE DeviceDiscovery-service, hpqddsvc, C:\WINDOWS\system32\svchost.exe -k hpdevmgmt {C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [Hewlett-Packard Co.]}

hpqcxs08, hpqcxs08, C:\WINDOWS\system32\svchost.exe -k hpdevmgmt {C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [Hewlett-Packard Co.]}

IMF Service, IMFservice, d:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [iObit]

Microsoft .NET Framework NGEN v4.0.30319_X86, clr_optimization_v4.0.30319_32, C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [MS]

Net Driver HPZ12, Net Driver HPZ12, C:\WINDOWS\System32\svchost.exe -k HPZ12 {C:\WINDOWS\system32\HPZinw12.dll [Hewlett-Packard]}

NVIDIA Driver Helper Service, NVSvc, C:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation]

NVIDIA Update Service Daemon, nvUpdatusService, C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [NVIDIA Corporation]

Pml Driver HPZ12, Pml Driver HPZ12, C:\WINDOWS\System32\svchost.exe -k HPZ12 {C:\WINDOWS\system32\HPZipm12.dll [Hewlett-Packard]}

Safe Mode Drivers & Services (subkey name, subkey default value):

-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\

<<!>> IMFservice, Service

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

<<!>> {1a3e09be-1e45-494b-9174-d7385b45bbf5}, (title not found)

Keyboard Driver Filters:

------------------------

HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}\

<<!>> UpperFilters = <<!>> aswKbd [AVAST Software],kbdclass [MS]

Print Monitors:

---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\

hpf3l70v.dll\Driver = hpf3l70v.dll [Hewlett-Packard Company]

Microsoft Document Imaging Writer Monitor\Driver = mdimon.dll [MS]

---------- (launch time: 2013-03-01 19:57:01)

<<!>>: Suspicious data at a malware launch point.

<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

+ To search all directories of local fixed drives for DESKTOP.INI

DLL launch points, use the -supp parameter or answer "No" at the

first message box and "Yes" at the second message box.

---------- (total run time: 60 seconds, including 19 seconds for message boxes)

Link naar reactie
Delen op andere sites

Na een van de vorige berichten heb ik inderdaad Iobit Avanced System Care uitgeschakeld en sindsdien niet meer ingeschakeld. Als het actief is zie ik het aan het icoontje rechtsonder de start balk en dit was niet het geval.

- - - Updated - - -

Na het logje (waar ik niks van versta) zelf eens bekeken te hebben zie ik er een aantal zaken tussen staan waarvan ik toch dacht dat ze uitgeschakeld waren :

SolidConverterDWG

IObit Malware Fighter

Easeus ShellFolder

WinRar

=> ?

Link naar reactie
Delen op andere sites


×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.