
Error message at logon


Pandora_6039


This is not the first time that I get a similar message (the numbers may be different) at startup: a window titled: fs hoster 32.exe

The instruction at 0x172b6b55 referenced memory at 0xfffffc. The read or write operation "read" on the memory failed.

Click OK to terminate or Cancel to debug. But the debugging does not happen; it just goes back to the same window. After clicking OK, startup continues.

What does this mean? Is this the reason that I sometimes have to switch the PC off and on again 3 to 4 times before the PC starts up completely?


fs hoster 32.exe

That has to do with F-Secure; is that installed on your PC?

Also run the following:

Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, a Notepad file named "Log" is opened.
  • Post its contents in your next message.

Also watch the instructional video.


Hello dear members, I do indeed have F-Secure via Telenet, and I tried to run it as requested, but when running it I get the "Run as" window (and I always choose) this person and enter my name, because I am the administrator, but each time I got the small window: AutoIt Error (I don't know what this means): cannot run this script. But I tried once more and left off the check mark that was also ticked there, with the note that this can cause problems opening certain files. Then it worked, and so here is the log.

Logfile of random's system information tool 1.09 (written by random/random)

Run by Goossens Freddy at 2014-01-21 11:30:08

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 33 GB (44%) free of 76 GB

Total RAM: 1023 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:30:20, on 21/01/2014

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Telenet Security Pack\fshoster32.exe

C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Nero\Update\NASvc.exe

C:\Program Files\Logitech\SetPointP\SetPoint.exe

C:\Program Files\Telenet Security Pack\fshoster32.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Everyday Auto Backup\AutoBackup.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\fssm32.exe

C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\Common\FSMA32.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Documents and Settings\Goossens Freddy\Bureaublad\RSIT.exe

C:\Program Files\trend micro\Goossens Freddy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: (no name) - !{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming

O4 - HKLM\..\Run: [F-Secure Hoster (44163)] "C:\Program Files\Telenet Security Pack\fshoster32.exe" -app -hosterid:1

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [Everyday Auto Backup] C:\Program Files\Everyday Auto Backup\AutoBackup.exe /1

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be

O15 - Trusted Zone: http://*.pchelper.nl

O15 - ESC Trusted Zone: http://*.pps.tv

O15 - ESC Trusted Zone: http://*.ppstream.com

O15 - ESC Trusted Zone: http://*.webscache.com

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\fshoster32.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\apps\CCF_Reputation\fsorsp.exe

O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--

End of file - 10316 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\At1.job

C:\WINDOWS\tasks\At2.job

C:\WINDOWS\tasks\At3.job

C:\WINDOWS\tasks\At4.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd99a3820c71a8.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cc2a5beed27624.job

C:\WINDOWS\tasks\Scheduled scanning task.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{3BE973D4-9E6D-4E8E-9D63-4BDC7B476278}.job

C:\WINDOWS\tasks\Windows Install Clean Up.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-12 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-12 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-12 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

!{2318C2B1-4965-11d4-9B18-009027A5CD4F}

!{265EEE8E-3228-44D3-AEA5-F7FDF5860049}

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]

"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]

"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-07-31 2296600]

"F-Secure Hoster (44163)"=C:\Program Files\Telenet Security Pack\fshoster32.exe [2013-01-18 188400]

"F-Secure Manager"=C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE [2013-08-20 310208]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Everyday Auto Backup"=C:\Program Files\Everyday Auto Backup\AutoBackup.exe [2013-02-21 245760]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-01-26 39408]

"Adobe Reader Synchronizer"=C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [2013-12-21 698760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Everyday Auto Backup]

C:\Program Files\Everyday Auto Backup\AutoBackup.exe [2013-02-21 245760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]

C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-07-31 2296600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Hoster (44163)]

C:\Program Files\Telenet Security Pack\fshoster32.exe [2013-01-18 188400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]

C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2013-03-27 1098072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]

C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-06-26 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]

C:\Program Files\Logitech\Video\CameraAssistant.exe [2005-12-07 489472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraService(E)]

C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]

C:\Program Files\Logitech\Video\InstallHelper.exe [2005-12-07 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]

C:\WINDOWS\system32\LVCOMSX.EXE [2005-12-09 225280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyGarminAgent]

C:\Program Files\Garmin\MyGarminAgent\MyGarminAgent.exe [2010-03-16 337256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyPoi Monitor]

C:\Program Files\Common Files\MyPoiWorld Shared\MyPoiMonitor\MyPoiMonitor.exe [2010-03-26 2114808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]

C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-10-28 1406248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]

C:\WINDOWS\system32\PSDrvCheck.exe [2003-05-28 394240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]

C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [2010-06-01 600928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\qttask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]

C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150595.exe [2009-03-19 460216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

C:\Program Files\Skype\Phone\Skype.exe [2013-07-25 20684656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-01-26 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wltray.exe]

C:\WINDOWS\system32\wltray.exe [2005-06-08 778318]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Start^Programma's^Opstarten^ExifLauncher2.lnk]

C:\PROGRA~1\FINEPI~1\QUICKD~1.EXE [2007-01-30 303104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Start^Programma's^Opstarten^Windows Search.lnk]

C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]

c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-06-13 64280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

"NoDriveAutoRun"=67108863

"NoDriveTypeAutoRun"=323

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:*:Enabled:ActiveSync RAPI Manager"

"C:\Documents and Settings\Goossens Freddy\Local Settings\Temp\7zS7426\HPDiagnosticCoreUI.exe"="C:\Documents and Settings\Goossens Freddy\Local Settings\Temp\7zS7426\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS"

"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP-apparaatinstellingen"

"C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe"="C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Netwerk communicator"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\WINDOWS\network diagnostic\xpnetdiag.exe"="C:\WINDOWS\network diagnostic\xpnetdiag.exe:*:Enabled:Network Diagnostic for Windows XP"

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console"

"C:\Documents and Settings\Goossens Freddy\Local Settings\Temp\7zS7290\EnterpriseDU.exe"="C:\Documents and Settings\Goossens Freddy\Local Settings\Temp\7zS7290\EnterpriseDU.exe:*:Enabled:DeviceUpdate"

"C:\Documents and Settings\Goossens Freddy\Local Settings\Temp\7zS277F\EnterpriseDU.exe"="C:\Documents and Settings\Goossens Freddy\Local Settings\Temp\7zS277F\EnterpriseDU.exe:*:Enabled:DeviceUpdate"

"C:\Documents and Settings\Goossens Freddy\Local Settings\Temp\7zS5481\EnterpriseDU.exe"="C:\Documents and Settings\Goossens Freddy\Local Settings\Temp\7zS5481\EnterpriseDU.exe:*:Enabled:DeviceUpdate"

"C:\Documents and Settings\Goossens Freddy\Local Settings\Temp\7zS4196\HPDiagnosticCoreUI.exe"="C:\Documents and Settings\Goossens Freddy\Local Settings\Temp\7zS4196\HPDiagnosticCoreUI.exe:*:Enabled:HPSAPS"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"VIDC.YVYU"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"midi"=wdmaud.drv

"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll

"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

"vidc.iv50"=ir50_32.dll

"vidc.iv41"=ir41_32.ax

"MSVideo"=vfwwdm32.dll

"wave2"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux2"=wdmaud.drv

"VIDC.I420"=lvcodec2.dll

"wave"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"wave1"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave3"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer4"=wdmaud.drv

"aux4"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-01-21 11:30:08 ----DC---- C:\rsit

2014-01-15 19:18:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2914368$

======List of files/folders modified in the last 1 month======

2014-01-21 11:30:20 ----D---- C:\Program Files\Trend Micro

2014-01-21 10:50:51 ----D---- C:\WINDOWS\Prefetch

2014-01-21 09:59:59 ----D---- C:\WINDOWS\Temp

2014-01-21 09:21:32 ----D---- C:\WINDOWS

2014-01-21 09:20:30 ----D---- C:\WINDOWS\system32

2014-01-20 22:31:25 ----A---- C:\WINDOWS\SchedLgU.Txt

2014-01-19 09:14:41 ----D---- C:\WINDOWS\system32\CatRoot2

2014-01-18 10:00:25 ----SHD---- C:\WINDOWS\Installer

2014-01-18 10:00:22 ----D---- C:\Config.Msi

2014-01-15 19:25:39 ----D---- C:\WINDOWS\system32\MRT

2014-01-15 19:19:39 ----D---- C:\WINDOWS\Debug

2014-01-15 19:19:24 ----AC---- C:\WINDOWS\system32\MRT.exe

2014-01-15 19:19:05 ----HD---- C:\WINDOWS\inf

2014-01-15 19:19:02 ----RSHDC---- C:\WINDOWS\system32\dllcache

2014-01-15 19:19:02 ----D---- C:\WINDOWS\system32\drivers

2014-01-14 19:26:57 ----D---- C:\Program Files\CCleaner

2014-01-02 23:32:40 ----D---- C:\WINDOWS\Help

2013-12-26 15:39:26 ----D---- C:\Program Files\Windows Live

2013-12-26 14:49:01 ----D---- C:\WINDOWS\Microsoft.NET

2013-12-26 14:47:00 ----RSD---- C:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; C:\WINDOWS\system32\Drivers\fsbts.sys [2013-12-06 44240]

R0 sisagp;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]

R0 SiSide;SiSide; C:\WINDOWS\System32\DRIVERS\siside.sys [2003-03-25 4096]

R0 sisidex;sisidex; C:\WINDOWS\system32\drivers\sisidex.sys [2002-05-28 48896]

R0 sisperf;Add Performance Filter Driver; C:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2010-01-20 43488]

R1 ANVIOCTL;ANVIOCTL; C:\WINDOWS\system32\DRIVERS\anvioctl.sys [2004-07-08 233816]

R1 asuskbnt;asuskbnt; C:\WINDOWS\system32\DRIVERS\asuskbnt.sys [2004-05-11 20992]

R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []

R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\HIPS\drivers\fshs.sys []

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R1 Tcpip6;Microsoft IPv6-protocolstuurprogramma; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2011-02-09 17801]

R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []

R2 LBeepKE;Logitech Beep Suppression Driver; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2013-05-23 10136]

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]

R3 BCM43XX;Stuurprogramma voor Broadcom 802.11-netwerkadapter; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2008-09-10 1386624]

R3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2011-01-04 22560]

R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys []

R3 fsni;fsni; \??\C:\Program Files\Telenet Security Pack\apps\CCF_Scanning\fsnixp32.sys []

R3 fsnitdi;fsnitdi; \??\C:\Program Files\Telenet Security Pack\apps\CCF_Scanning\fsnitdi32.sys []

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 HidUsb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2013-05-23 43800]

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2013-05-23 37528]

R3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []

R3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2005-12-06 2010240]

R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []

R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-06 39424]

R3 LVUVC;Logitech QuickCam Pro 5000(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2005-12-06 1103488]

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-09-06 12288]

R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]

R3 nvmpu401;Service for NVIDIA® nForce MIDI UART; C:\WINDOWS\system32\drivers\nvmpu401.sys [2005-07-26 10240]

R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2010-12-31 130432]

R3 tunmp;Stuurprogramma voor Microsoft Tun Minipoort-adapter; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]

R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]

R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2013-08-09 32384]

R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

R3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2013-07-03 14976]

R3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

S2 ousbehci;OrangeWare USB Enhanced Host Controller Service; C:\WINDOWS\System32\Drivers\ousbehci.sys [2002-12-24 39040]

S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files\FinalWire\AIDA64 Extreme Edition\kerneld.x32 []

S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\drivers\ApfiltrService.sys []

S3 catchme;catchme; C:\WINDOWS\system32\drivers\catchme.sys []

S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]

S3 cpuz135;cpuz135; \??\C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys []

S3 fsbl;F-Secure BlackLight Engine Driver; \??\C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\fsbldrv.sys []

S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2009-04-17 9344]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-10-05 51120]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-10-05 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-10-05 21744]

S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]

S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120]

S3 LHidUsbK;Logitech SetPoint USB Receiver Device Driver; C:\WINDOWS\system32\drivers\LHidUsbK.sys []

S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120]

S3 LUsbKbd;Logitech SetPoint USB Keyboard Filter; C:\WINDOWS\system32\drivers\LUsbKbd.sys []

S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []

S3 ms_mpu401;Microsoft MPU-401 MIDI UART-stuurprogramma; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 MTK;Media Technology Kernel Driver; C:\WINDOWS\System32\Drivers\fide.sys [2011-11-24 15271]

S3 N;N; \??\C:\Documents and Settings\Goossens Freddy\Application Data\NewTech Infosystems\NTI Ripper\ []

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 ousb2hub;OrangeWare USB 2.0 Root Hub Support; C:\WINDOWS\system32\DRIVERS\ousb2hub.sys [2002-12-24 54016]

S3 rtl8139;NT-stuurprogramma voor Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-02-18 41984]

S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2003-08-04 6912]

S3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2003-08-04 11392]

S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]

R2 fshoster;F-Secure Dll Hoster; C:\Program Files\Telenet Security Pack\fshoster32.exe [2013-01-18 188400]

R2 FSORSPClient;F-Secure ORSP Client; C:\Program Files\Telenet Security Pack\apps\CCF_Reputation\fsorsp.exe [2013-12-06 60352]

R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-03-27 185688]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-07-12 182184]

R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2005-12-09 81920]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]

R2 NAUpdate;Nero Update; C:\Program Files\Nero\Update\NASvc.exe [2011-11-25 687400]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]

R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]

R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\wltrysvc.exe [2004-12-11 65536]

R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

R3 FSMA;F-Secure Management Agent; C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\Common\FSMA32.EXE [2013-08-20 207808]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288]

S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]

S2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]

S3 6to4;IPv6-hulpservice; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-01 136176]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 Iprip;RIP-listener; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-06-13 293144]

S3 LPDSVC;TCP/IP Print Server; C:\WINDOWS\System32\tcpsvcs.exe [2002-09-11 19456]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 p2pgasvc;Groepsverificatie van peer-netwerken; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 p2pimsvc;Identiteitsbeheer van peer-netwerken; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 p2psvc;Peer-netwerken; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 PNRPSvc;Naamomzettingsprotocol van peer-netwerken; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]

S3 SimpTcp;Eenvoudige TCP/IP-services; C:\WINDOWS\System32\tcpsvcs.exe [2002-09-11 19456]

S3 SNMP;SNMP-service; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]

S3 SNMPTRAP;SNMP Trap-service; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]

S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  {5C255C8A-E604-49b4-9D64-90988571CECB};c
 {2318C2B1-4965-11d4-9B18-009027A5CD4F};c
 {265EEE8E-3228-44D3-AEA5-F7FDF5860049};c
 {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F};c
 C:\WINDOWS\tasks\At1.job;f
 C:\WINDOWS\tasks\At2.job;f
 C:\WINDOWS\tasks\At3.job;f
 C:\WINDOWS\tasks\At4.job;f
 C:\WINDOWS\tasks\Scheduled scanning task.job;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}];r
 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck];r
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below.
  • Do a Quick Scan
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next reply.


Zoek.exe v5.0.0.0 Updated 20-Januari-2014

Tool run by Goossens Freddy on di 21/01/2014 at 23:16:05,21.

Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Goossens Freddy\Bureaublad\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

21/01/2014 23:20:38 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Elaborate Bytes deleted successfully

C:\Program Files\Live_TV deleted successfully

C:\Program Files\Malwarebytes' Anti-Malware deleted successfully

C:\Program Files\NVIDIA Corporation deleted successfully

C:\Program Files\REGSHAVE deleted successfully

C:\Program Files\Windows Defender deleted successfully

C:\Program Files\WRT54GL_CD_1.1.03_US deleted successfully

C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programma's\KeePass Password Safe 2 deleted successfully

C:\Documents and Settings\Goossens Freddy\Menu Start\Programma's\Startup deleted successfully

C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonEPP deleted successfully

C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonIJEPPEX2 deleted successfully

C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonIJScan deleted successfully

C:\Documents and Settings\All Users.WINDOWS\Application Data\fssg deleted successfully

C:\Documents and Settings\All Users.WINDOWS\Application Data\nView_Profiles deleted successfully

C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller deleted successfully

C:\Documents and Settings\All Users.WINDOWS\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully

C:\Documents and Settings\Gast\Application Data\Google deleted successfully

C:\Documents and Settings\Goossens Freddy\Application Data\Media Player Classic deleted successfully

C:\Documents and Settings\Goossens Freddy\Application Data\Systweak deleted successfully

C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Apple Computer deleted successfully

C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Apple Computer deleted successfully

C:\Documents and Settings\Goossens Freddy\Local Settings\Application Data\DriverTuner deleted successfully

C:\Documents and Settings\Goossens Freddy\Local Settings\Application Data\LogMeIn Rescue Applet deleted successfully

C:\Documents and Settings\Goossens Freddy\Local Settings\Application Data\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-796845957-220523388-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_USERS\S-1-5-21-796845957-220523388-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully

HKEY_USERS\S-1-5-21-796845957-220523388-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully

HKEY_USERS\S-1-5-21-796845957-220523388-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{265EEE8E-3228-44D3-AEA5-F7FDF5860049} deleted successfully

HKEY_USERS\S-1-5-21-796845957-220523388-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{265EEE8E-3228-44D3-AEA5-F7FDF5860049} deleted successfully

HKEY_USERS\S-1-5-21-796845957-220523388-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} deleted successfully

HKEY_USERS\S-1-5-21-796845957-220523388-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-796845957-220523388-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{265EEE8E-3228-44D3-AEA5-F7FDF5860049} deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

==== Deleting Files \ Folders ======================

"C:\WINDOWS\tasks\At1.job" deleted

"C:\WINDOWS\tasks\At2.job" deleted

"C:\WINDOWS\tasks\At3.job" deleted

"C:\WINDOWS\tasks\At4.job" deleted

"C:\WINDOWS\tasks\Scheduled scanning task.job" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\GOOSSE~1\LOCALS~1\Temp ====

====== Java Cache =====

====== C:\WINDOWS\system32 =====

====== C:\WINDOWS\system32\drivers =====

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

======= C: =====

====== C:\Documents and Settings\Goossens Freddy\Application Data ======

====== C:\Documents and Settings\Goossens Freddy ======

2014-01-21 10:22:59 69CA82A7482A00D8EE063D2B97FC4338 781383 -c--a-w- C:\Documents and Settings\Goossens Freddy\Bureaublad\RSIT.exe

2014-01-14 18:37:12 -------- d--h--r- C:\Documents and Settings\Goossens Freddy\Onlangs geopend

====== C: exe-files ==

2014-01-21 10:22:59 69CA82A7482A00D8EE063D2B97FC4338 781383 -c--a-w- C:\Documents and Settings\Goossens Freddy\Bureaublad\RSIT.exe

2014-01-20 12:52:15 03FF685A8A6EEEE0E02A5834D692CECD 3018980 -c--a-w- C:\Documents and Settings\Goossens Freddy\Mijn documenten\Downloads\eab_setup.exe

2014-01-18 08:21:47 1D0A1FF655C6CF2EA2DE4FB6AA8246AD 9046696 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.76\32.0.1700.76_31.0.1650.63_chrome_updater.exe

=== C: other files ==

2014-01-18 09:55:17 E4C17365DD765F829F64CA010F797317 870515 -c--a-w- C:\Documents and Settings\Goossens Freddy\Mijn documenten\Downloads\attachment.zip

2014-01-15 13:13:12 0310CCCE618A6EA9B4B5A7A56B5290F5 141982 -c--a-w- C:\Documents and Settings\Goossens Freddy\Mijn documenten\Downloads\Goossens Freddy Ruddervoorde.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-796845957-220523388-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run]

"Everyday Auto Backup"="C:\Program Files\Everyday Auto Backup\AutoBackup.exe /1"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"Adobe Reader Synchronizer"="C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-796845957-220523388-682003330-1004\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"

"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"

"F-Secure Hoster (44163)"="C:\Program Files\Telenet Security Pack\fshoster32.exe -app -hosterid:1"

"F-Secure Manager"="C:\Program Files\Telenet Security Pack\apps\ComputerSecurity\Common\FSM32.EXE /splash"

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Everyday Auto Backup"="C:\Program Files\Everyday Auto Backup\AutoBackup.exe /1"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"Adobe Reader Synchronizer"="C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ctfmon"

"hkey"="HKCU"

"command"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Everyday Auto Backup]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AutoBackup"

"hkey"="HKCU"

"command"="C:\\Program Files\\Everyday Auto Backup\\AutoBackup.exe /1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EvtMgr6]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SetPoint"

"hkey"="HKLM"

"command"="C:\\Program Files\\Logitech\\SetPointP\\SetPoint.exe /launchGaming"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\F-Secure Hoster (44163)]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="fshoster32"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Telenet Security Pack\\fshoster32.exe\" -app -hosterid:1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ExpressTray"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Garmin\\Express Tray\\ExpressTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\H/PC Connection Agent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Wcescomm"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Microsoft ActiveSync\\Wcescomm.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Component Manager]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="hpcmpmgr"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HPWuSchd2"

"hkey"="HKLM"

"command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogitechCameraAssistant]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CameraAssistant"

"hkey"="HKLM"

"command"="C:\\Program Files\\Logitech\\Video\\CameraAssistant.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogitechCameraService(E)]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ElkCtrl"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\ElkCtrl.exe /automation"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogitechVideo[inspector]]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="InstallHelper"

"hkey"="HKLM"

"command"="C:\\Program Files\\Logitech\\Video\\InstallHelper.exe /inspect"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LVCOMSX]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LVCOMSX"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyGarminAgent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MyGarminAgent"

"hkey"="HKLM"

"command"="C:\\Program Files\\Garmin\\MyGarminAgent\\MyGarminAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyPoi Monitor]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MyPoiMonitor"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\MyPoiWorld Shared\\MyPoiMonitor\\MyPoiMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBAgent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NBAgent"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Nero\\Nero 10\\Nero BackItUp\\NBAgent.exe\" /WinStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NvCpl"

"hkey"="HKLM"

"command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvMediaCenter]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NvMcTray"

"hkey"="HKLM"

"command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\nwiz]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="nwiz"

"hkey"="HKLM"

"command"="nwiz.exe /install"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PinnacleDriverCheck]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PSDrvCheck"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\PSDrvCheck.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PMBVolumeWatcher]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PMBVolumeWatcher"

"hkey"="HKLM"

"command"="C:\\Program Files\\Sony\\PMB\\PMBVolumeWatcher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="qttask"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Shockwave Updater]

"key"="Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce"

"item"="Shockwave Updater"

"command"="C:\\WINDOWS\\system32\\Adobe\\Shockwave 11\\SwHelper_1150595.exe -Update -1150595 -\"Empty (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; tnet.2007feb; GTB6.3; .NET CLR 1.1.4322; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)\" -\"http://www.girlsgogames.nl/spel/Girly-Trends-3D.html\""

"hkey"="HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skype"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMan]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SOUNDMAN"

"hkey"="HKLM"

"command"="SOUNDMAN.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="jusched"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="GoogleToolbarNotifier"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\wltray.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="wltray"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\wltray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Start^Programma's^Opstarten^ExifLauncher2.lnk]

"path"="C:\\Documents and Settings\\All Users.WINDOWS\\Menu Start\\Programma's\\Opstarten\\ExifLauncher2.lnk"

"backup"="C:\\WINDOWS\\pss\\ExifLauncher2.lnkCommon Startup"

"command"="C:\\PROGRA~1\\FINEPI~1\\QUICKD~1.EXE "

"item"="ExifLauncher2"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]

"path"="C:\\Documents and Settings\\All Users.WINDOWS\\Menu Start\\Programma's\\Opstarten\\Logitech Desktop Messenger.lnk"

"backup"="C:\\WINDOWS\\pss\\Logitech Desktop Messenger.lnkCommon Startup"

"item"="Logitech Desktop Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Start^Programma's^Opstarten^Windows Search.lnk]

"path"="C:\\Documents and Settings\\All Users.WINDOWS\\Menu Start\\Programma's\\Opstarten\\Windows Search.lnk"

"backup"="C:\\WINDOWS\\pss\\Windows Search.lnkCommon Startup"

"command"="C:\\PROGRA~1\\WI459E~1\\WINDOW~1.EXE /startup"

"item"="Windows Search"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [10/12/2013 21:17]

C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a--c--- :C:\Program Files\Apple Software Update\SoftwareUpdate.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cd99a3820c71a8.job --a--c--- C:\Program Files\Google\Update\GoogleUpdate.exe [01/11/2010 19:40]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cc2a5beed27624.job --a--c--- C:\Program Files\Google\Update\GoogleUpdate.exe [01/11/2010 19:40]

C:\WINDOWS\tasks\User_Feed_Synchronization-{3BE973D4-9E6D-4E8E-9D63-4BDC7B476278}.job --ah-c--- C:\WINDOWS\system32\msfeedssync.exe [08/03/2009 04:31]

C:\WINDOWS\tasks\Windows Install Clean Up.job --a--c--- [undetermined Task]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [19/01/2013 16:22]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[22/11/2012 10:30]

ndibdjnfmopecpmkdieinmbadjfpblof - C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search\ChromeExt\15.2.0.5\avg.crx[]

Skype for Chromium - Gast\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Google Wallet - Gast\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Google Docs - Goossens Freddy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Goossens Freddy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

Google Wallet - Goossens Freddy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Google Chrome to Phone Extension - Goossens Freddy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco

Gmail - Goossens Freddy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6 folders=0 2829 bytes)

==== EOF on di 21/01/2014 at 23:34:41,51 ======================


Good day,

This time I didn't get it any more. The last time I got it was when I reported it. Strange that I get this now and then, but with different numbers and/or characters. Is this my F-Secure that no longer works properly, or a problem somewhere else that it is detecting? I suppose I may run into this again? I saw in that log that a lot of unnecessary things were removed and that my PC has been cleaned up quite a bit as a result? Yet I also run CCleaner now and then. I had also hoped that my startup problem would have disappeared along with it, but it remains, because after restarting (which it did not do by itself after RSIT) it hung a good 4 times, so again off with the button on the tower and back on. After your answer I will hear what else I may still need to do and whether I may consider the discussion solved.

Thanks in advance.


Quite a lot of unwanted stuff has indeed been removed from the PC, but you may still do a little extra:

Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs; they may conflict with ComboFix.exe.

(here or here) you can read how to disable the security software you use.

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a prompt from UAC (User Account Control, "Gebruikersaccountbeheer"); click Ja / yes there.
  • On a Windows XP computer ComboFix will install the "Recovery Console" if it is not yet present. (An active internet connection is then required.)
  • In the window for installing the Recovery Console, click "Ok".
  • In the info screen, click "Ja" if the Recovery Console has been installed successfully.
  • In the disclaimer screen, click "I Agree"; the required components are now unpacked and a registry backup is made by means of ERUNT.
  • When this is done ComboFix will start by itself; in the blue screen you will see the progress of the system scan being carried out.
  • Important! Do not use the computer for other things during the scan.
  • It can happen that the computer has to be restarted several times, for example when a rootkit is present; this is normal.
  • When ComboFix is done, it will create a log file. Post the contents of this log file (to be found as C:\ComboFix.txt) in your next message.

* Note!!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.

