
Posted:

Recently the CPU usage of my PC has been very high (+/- 45%) while no program is running that could explain it. I looked around this site's forums at threads with the same problem, but I can't quite work out what I should do now. When I check which program is driving my CPU usage so high, it is the following: svchost.exe (LocalSystemNetworkRestricted).

I ran a scan with Malwarebytes, which showed that I was infected with Trojan.BitcoinMiner items. I then ended the svchost.exe processes via Task Manager.

I have now run another scan and Malwarebytes says there are no more threats, but my CPU usage remains just as high (still around 45%).

Can anyone help me with this?

Thanks in advance!!

Posted:

Hello,

I found a forum thread with the same problem (also a slow computer), and there it was recommended to post a log file created with the program RSIT.

I looked up the operating system, 64-bit, and followed the steps for creating and posting the log file. So here it is. I hope this helps you get started and that it saves some time for you and for me :-)

Regards, Marino

Logfile of random's system information tool 1.09 (written by random/random)

Run by Marino at 2014-02-17 21:16:19

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 156 GB (34%) free of 462 GB

Total RAM: 3957 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:16:27, on 17-2-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16518)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Users\Marino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Marino.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Marino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)

O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} (Enlite 2.x Simulation Engine Installer) - http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10475 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

"c:\Program Files\Microsoft Security Client\MsMpEng.exe"

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\Dell\DellDock\DockLogin.exe"

atieclxx

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe"

C:\Windows\system32\WLANExt.exe 32385808

\??\C:\Windows\system32\conhost.exe "-297924225840800066-1733601462-595225488-10682928081387870339475133041-1981701722

C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"

"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"

"taskhost.exe"

"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

C:\Windows\Explorer.EXE

WLIDSvcM.exe 2264

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE"

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

"C:\Users\Marino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"

"C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe"

"C:\Program Files\Dell\DellDock\DellDock.exe"

"C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[s0].txt

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0

"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3944.0.225504008\102933007" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=12.104.0.0 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R3_Stable_ArmB/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3944.1.1128156339\716365248" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R3_Stable_ArmB/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3944.2.964460842\1234227449" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R3_Stable_ArmB/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_12/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="3944.4.1970060052\1206414724" /prefetch:673131151

"C:\Users\Marino\Desktop\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]

Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-13 10144288]

"Broadcom Wireless Manager UI"=C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [2009-12-16 5470208]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-07 2122536]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-01-07 1815464]

"Spotify Web Helper"=C:\Users\Marino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-02-15 1171968]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"PDVDDXSrv"=C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2008-05-23 128296]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

[]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

C:\Users\Marino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"wave7"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

"wave8"=wdmaud.drv

"midi8"=wdmaud.drv

"mixer8"=wdmaud.drv

"wave9"=wdmaud.drv

"midi9"=wdmaud.drv

"mixer9"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-02-17 21:16:20 ----D---- C:\Program Files\trend micro

2014-02-17 21:16:19 ----D---- C:\rsit

2014-02-17 20:28:31 ----SHD---- C:\$RECYCLE.BIN

2014-02-17 20:28:27 ----D---- C:\Windows\temp

2014-02-17 20:28:25 ----A---- C:\ComboFix.txt

2014-02-17 20:15:17 ----A---- C:\Windows\SWREG.exe

2014-02-17 20:15:17 ----A---- C:\Windows\PEV.exe

2014-02-17 20:15:17 ----A---- C:\Windows\NIRCMD.exe

2014-02-17 20:15:17 ----A---- C:\Windows\MBR.exe

2014-02-17 20:15:16 ----A---- C:\Windows\zip.exe

2014-02-17 20:15:16 ----A---- C:\Windows\SWSC.exe

2014-02-17 20:15:16 ----A---- C:\Windows\sed.exe

2014-02-17 20:15:16 ----A---- C:\Windows\grep.exe

2014-02-17 17:08:39 ----D---- C:\Qoobox

2014-02-17 17:08:32 ----D---- C:\AdwCleaner

2014-02-17 17:07:50 ----D---- C:\Windows\erdnt

2014-02-17 12:28:21 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys

2014-02-16 19:19:51 ----D---- C:\Users\Marino\AppData\Roaming\Malwarebytes

2014-02-16 19:19:32 ----D---- C:\ProgramData\Malwarebytes

2014-02-16 19:19:23 ----A---- C:\Windows\system32\drivers\mbam.sys

2014-02-16 19:19:22 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-16 19:16:40 ----D---- C:\Program Files\CCleaner

2014-02-16 11:13:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-02-16 11:13:34 ----A---- C:\Windows\system32\vbscript.dll

2014-02-16 11:12:44 ----A---- C:\Windows\SYSWOW64\msrating.dll

2014-02-16 11:12:44 ----A---- C:\Windows\system32\msrating.dll

2014-02-16 11:12:43 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-02-16 11:12:43 ----A---- C:\Windows\system32\ieui.dll

2014-02-16 11:12:42 ----A---- C:\Windows\system32\iernonce.dll

2014-02-16 11:12:42 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-02-16 11:12:42 ----A---- C:\Windows\system32\ie4uinit.exe

2014-02-16 11:12:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-02-16 11:12:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-02-16 11:12:41 ----A---- C:\Windows\system32\msfeeds.dll

2014-02-16 11:12:41 ----A---- C:\Windows\system32\jsproxy.dll

2014-02-16 11:12:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-02-16 11:12:40 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2014-02-16 11:12:40 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2014-02-16 11:12:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2014-02-16 11:12:40 ----A---- C:\Windows\system32\ieUnatt.exe

2014-02-16 11:12:40 ----A---- C:\Windows\system32\iesetup.dll

2014-02-16 11:12:40 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-02-16 11:12:40 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-02-16 11:12:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2014-02-16 11:12:39 ----A---- C:\Windows\system32\mshtml.dll

2014-02-16 11:12:39 ----A---- C:\Windows\system32\jscript9diag.dll

2014-02-16 11:12:38 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-02-16 11:12:38 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2014-02-16 11:12:38 ----A---- C:\Windows\system32\ieapfltr.dll

2014-02-16 11:12:37 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-02-16 11:12:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-02-16 11:12:37 ----A---- C:\Windows\system32\wininet.dll

2014-02-16 11:12:37 ----A---- C:\Windows\system32\urlmon.dll

2014-02-16 11:12:37 ----A---- C:\Windows\system32\iertutil.dll

2014-02-16 11:12:35 ----A---- C:\Windows\system32\ieframe.dll

2014-02-16 11:12:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-02-16 11:12:33 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-02-16 11:12:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-02-16 11:12:32 ----A---- C:\Windows\system32\jscript9.dll

2014-02-15 15:02:07 ----A---- C:\Windows\system32\msxml3.dll

2014-02-15 15:02:06 ----A---- C:\Windows\SYSWOW64\msxml3r.dll

2014-02-15 15:02:06 ----A---- C:\Windows\SYSWOW64\msxml3.dll

2014-02-15 15:02:06 ----A---- C:\Windows\system32\msxml3r.dll

2014-02-15 15:01:35 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll

2014-02-15 15:01:35 ----A---- C:\Windows\SYSWOW64\d2d1.dll

2014-02-15 15:01:35 ----A---- C:\Windows\system32\d3d10warp.dll

2014-02-15 15:01:35 ----A---- C:\Windows\system32\d2d1.dll

2014-02-15 14:44:02 ----D---- C:\Program Files\McAfee Security Scan

2014-02-08 05:59:24 ----D---- C:\Games

2014-01-20 18:12:01 ----D---- C:\Program Files (x86)\TI Education

2014-01-19 22:41:36 ----A---- C:\Windows\SYSWOW64\javaws.exe

2014-01-19 22:41:30 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

2014-01-19 22:41:29 ----A---- C:\Windows\SYSWOW64\javaw.exe

2014-01-19 22:41:29 ----A---- C:\Windows\SYSWOW64\java.exe

2014-01-18 13:32:41 ----A---- C:\Windows\system32\drivers\usbehci.sys

2014-01-18 13:32:40 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2014-01-18 13:32:40 ----A---- C:\Windows\system32\drivers\usbport.sys

2014-01-18 13:32:40 ----A---- C:\Windows\system32\drivers\usbohci.sys

2014-01-18 13:32:40 ----A---- C:\Windows\system32\drivers\usbhub.sys

2014-01-18 13:32:40 ----A---- C:\Windows\system32\drivers\usbd.sys

2014-01-18 13:32:40 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2014-01-18 13:32:39 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2014-02-17 21:16:20 ----RD---- C:\Program Files

2014-02-17 21:05:49 ----D---- C:\Windows\system32\config

2014-02-17 20:53:22 ----D---- C:\Program Files (x86)\Steam

2014-02-17 20:53:14 ----D---- C:\Windows\inf

2014-02-17 20:53:03 ----D---- C:\Windows\debug

2014-02-17 20:53:03 ----D---- C:\Windows

2014-02-17 20:46:14 ----D---- C:\Windows\System32

2014-02-17 20:46:14 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-02-17 20:30:41 ----D---- C:\Program Files (x86)\Mozilla Firefox

2014-02-17 20:30:40 ----D---- C:\Windows\SysWOW64

2014-02-17 20:24:55 ----A---- C:\Windows\system.ini

2014-02-17 20:24:48 ----D---- C:\Windows\system32\drivers\etc

2014-02-17 20:21:36 ----D---- C:\Windows\SYSWOW64\drivers

2014-02-17 20:21:36 ----D---- C:\Windows\AppPatch

2014-02-17 20:21:35 ----D---- C:\Program Files (x86)\Common Files

2014-02-17 20:15:22 ----D---- C:\Windows\Prefetch

2014-02-17 20:13:26 ----D---- C:\Windows\system32\drivers

2014-02-17 20:12:07 ----D---- C:\Windows\system32\Tasks

2014-02-17 16:57:49 ----D---- C:\ProgramData

2014-02-17 13:14:38 ----RSD---- C:\Windows\assembly

2014-02-17 13:14:38 ----D---- C:\Windows\Microsoft.NET

2014-02-17 13:03:06 ----D---- C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP

2014-02-17 13:01:42 ----SHD---- C:\System Volume Information

2014-02-17 12:05:06 ----SHD---- C:\Windows\Installer

2014-02-16 23:55:25 ----D---- C:\Program Files (x86)

2014-02-16 23:23:03 ----D---- C:\Windows\system32\MRT

2014-02-16 20:12:08 ----A---- C:\Windows\system32\MRT.exe

2014-02-16 19:21:37 ----D---- C:\Users\Marino\AppData\Roaming\DAEMON Tools Pro

2014-02-16 19:21:37 ----D---- C:\Users\Marino\AppData\Roaming\DAEMON Tools Lite

2014-02-16 19:21:29 ----D---- C:\Users\Marino\AppData\Roaming\uTorrent

2014-02-16 19:20:41 ----D---- C:\Windows\Panther

2014-02-16 19:20:41 ----D---- C:\Windows\ModemLogs

2014-02-16 19:20:32 ----D---- C:\Windows\Logs

2014-02-16 19:20:31 ----D---- C:\Windows\Minidump

2014-02-16 19:09:05 ----D---- C:\Windows\Tasks

2014-02-16 19:09:04 ----D---- C:\Windows\system32\wfp

2014-02-16 19:09:01 ----D---- C:\Windows\system32\wbem

2014-02-16 19:08:14 ----D---- C:\Windows\system32\DriverStore

2014-02-16 19:08:14 ----D---- C:\Windows\system32\catroot2

2014-02-16 19:08:13 ----D---- C:\Windows\winsxs

2014-02-16 19:08:11 ----DC---- C:\Windows\system32\DRVSTORE

2014-02-16 19:08:07 ----D---- C:\ProgramData\Ubisoft

2014-02-16 19:08:07 ----D---- C:\ProgramData\McAfee Security Scan

2014-02-16 19:08:07 ----D---- C:\ProgramData\DAEMON Tools Lite

2014-02-16 19:08:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2014-02-16 19:08:05 ----D---- C:\Program Files\WIDCOMM

2014-02-16 19:08:05 ----D---- C:\Program Files\MotioninJoy

2014-02-16 19:08:05 ----D---- C:\Program Files (x86)\Ubisoft

2014-02-16 19:08:05 ----D---- C:\Program Files (x86)\SopCast

2014-02-16 19:08:04 ----D---- C:\Windows\registration

2014-02-16 15:42:08 ----D---- C:\Program Files\Internet Explorer

2014-02-16 15:42:08 ----D---- C:\Program Files (x86)\Internet Explorer

2014-02-16 15:29:14 ----D---- C:\Users\Marino\AppData\Roaming\Spotify

2014-02-16 11:26:03 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

2014-02-16 11:20:30 ----D---- C:\Windows\system32\catroot

2014-02-15 23:13:58 ----D---- C:\Windows\system32\NDF

2014-02-08 17:19:26 ----D---- C:\ProgramData\Electronic Arts

2014-02-08 17:04:28 ----HD---- C:\Users\Marino\AppData\Roaming\Origin

2014-02-08 06:09:51 ----D---- C:\ProgramData\Origin

2014-02-07 17:38:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-02-04 09:39:36 ----A---- C:\Windows\system32\msvcr100.dll

2014-02-04 09:39:36 ----A---- C:\Windows\system32\msvcp100.dll

2014-01-20 18:12:07 ----A---- C:\AUTOEXEC.BAT

2014-01-19 22:49:06 ----D---- C:\ProgramData\Oracle

2014-01-19 22:41:29 ----D---- C:\Program Files (x86)\Java

2014-01-19 12:30:34 ----D---- C:\ProgramData\Microsoft Help

2014-01-19 08:33:29 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]

R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2007-11-14 53488]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-14 283064]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29 11658752]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-29 581120]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]

R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2009-12-16 22520]

R3 BCM43XX;Stuurprogramma voor DW WLAN-kaart; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-12-16 3053560]

R3 BcmVWL;Broadcom Virtual Wireless; C:\Windows\system32\DRIVERS\bcmvwl64.sys [2009-12-16 20984]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-13 2345760]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2011-08-29 117520]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-06 321584]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2010-08-19 74960]

S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 121872]

S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]

S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]

S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-03-30 53800]

S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2010-03-30 98344]

S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-03-30 132648]

S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-30 35104]

S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-03-30 21160]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2011-11-24 98616]

S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]

S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]

S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]

S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]

S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]

S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-12-02 27136]

S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2010-12-02 12800]

S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-12-02 171008]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-01-07 232992]

S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2011-11-24 203320]

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]

S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-12-02 9216]

S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []

S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]

S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-12-02 9216]

S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-03-29 241152]

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 873248]

R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2010-01-11 155648]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]

R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-29 76888]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]

R2 wltrysvc;DW WLAN Tray Service; C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE [2009-12-16 48128]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-10 116648]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-07 257928]

S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-10 116648]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 289256]

S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]

S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-07 569768]

S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2009-01-16 74392]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-16 1255736]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 81920]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Posted:

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version)

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is an unjustified warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  {87775fdb-6972-41f9-ae51-8326e38cb206};c
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}];r64
 C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP;f
  emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and check the options below.
  • Do a Quick Scan
  • Auto Clean
  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear after all.
  • Post the opened log in your next reply.

Posted:

Thanks for the quick reply! :-)

Here are the log results from zoek.exe.

Zoek.exe v5.0.0.0 Updated 17-February-2014

Tool run by Marino on di 18-02-2014 at 5:34:42,72.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Marino\Downloads\zoek (1).exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

18-2-2014 5:36:19 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\PROGRA~3\eMule deleted successfully

C:\PROGRA~3\NokiaAccount deleted successfully

C:\PROGRA~3\Oracle deleted successfully

C:\PROGRA~3\Roxio deleted successfully

C:\PROGRA~3\THQ deleted successfully

C:\Users\Marino\AppData\Roaming\GetRightToGo deleted successfully

C:\Users\Marino\AppData\Roaming\Windows Live Writer deleted successfully

C:\Users\Marino\AppData\Local\DataSafeOnline deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}]

==== Deleting Files \ Folders ======================

C:\PROGRA~2\SopCast deleted

C:\extensions deleted

C:\found.000 deleted

C:\found.001 deleted

C:\PROGRA~3\Package Cache deleted

C:\Users\Marino\AppData\LocalLow\uTorrentBar_NL deleted

C:\user.js deleted

"C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP\WiseCustomCalla.dll" deleted

"C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-02-17 19:15:17 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe

2014-02-17 19:15:17 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe

2014-02-17 19:15:16 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe

2014-02-17 19:15:16 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe

2014-02-17 19:15:16 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe

====== C:\Users\Marino\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2014-02-16 16:58:12 574B81F1A6626075C987BAEE2AF90F3E 669340 ----a-w- C:\Windows\SysWOW64\scrypt130511Cedarglg2tc4032w64l4.bin

2014-02-16 10:13:34 3D485254E43EF4E4F707346B5731EA9A 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-02-16 10:12:44 B8F28AAC003060E3B125D2447CFC19E2 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-02-16 10:12:44 B5B3334F177CED627C2D7FE38235B6B1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-02-16 10:12:43 85AC8EB265EDCAD86D651D45C5E3AB83 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll

2014-02-16 10:12:41 C9D1131E2163CE932DF3EAAF0EEA3673 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-02-16 10:12:41 6A06EB11F1E5BDAA795DAE7838F9FE20 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-02-16 10:12:40 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-02-16 10:12:40 408805B8083896DC95E6340F4016BEBD 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-02-16 10:12:40 260D6B421E5551E8BA75D16B5CA90D9A 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2014-02-16 10:12:40 0E7B7C9F483300F9FF97C6A1E4BC4F57 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-02-16 10:12:39 0F739443669F3A48F1B2325995117BFE 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2014-02-16 10:12:38 5DD49C02D059C1E6E47A8FB4A076C9B1 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2014-02-16 10:12:38 34CBED7698D557DDB43F8732FBC2ACB9 2168320 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-02-16 10:12:37 9C89246184979A070B0C6CCF61C68136 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-02-16 10:12:37 5D9DC6332A4FC66388B09BBE7CF53750 1156096 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-02-16 10:12:36 40E68599FE3A10F816217D3789FCE74E 1964032 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2014-02-16 10:12:34 79FA7D8B488F90EDE325963379A6F738 11266048 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-02-16 10:12:33 C863E5A2417DF0F2A31ED32C3B2CB23F 17103872 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-02-16 10:12:33 99280392987A1A96C756A9F38C4CE396 4244480 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-02-15 14:02:06 E4561704CBFA193761743E5AF746C669 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll

2014-02-15 14:02:06 17B06F23237FCD731FA2E10ECD6EDFE1 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll

2014-02-15 14:01:35 D96106CF60505734B14F6AE80AAA4B07 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll

2014-02-15 14:01:35 14800BD31701A5047AC3145BB1E698AE 3419136 ----a-w- C:\Windows\SysWOW64\d2d1.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-02-16 10:13:34 F67C7D80745379DC4C5332EFFE5AC696 548864 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-02-16 10:12:45 94C59DD02BC7EA0E421055B9946CA861 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-02-16 10:12:44 1D1D7F52EC84294859642A4309FE648E 195584 ----a-w- C:\Windows\Sysnative\msrating.dll

2014-02-16 10:12:43 63B5E990896BA81D604032A48CC80A5C 574976 ----a-w- C:\Windows\Sysnative\ieui.dll

2014-02-16 10:12:42 FD08F8BA2437A85F500EFFE3FD3158A6 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll

2014-02-16 10:12:42 E77092C38028EB0A5C461B3436E0A6D5 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2014-02-16 10:12:42 27516B54E116D5EF8B0129B5C829A87C 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2014-02-16 10:12:41 CDE728C8FB1D6E132CED44835FA44C87 627200 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-02-16 10:12:41 99ED8FBAFD325550D07A32664D9E3CC8 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-02-16 10:12:40 FCFAEDF0AA1A78A1875FDB798598408B 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2014-02-16 10:12:40 E129D34089E70215B65EA611F802FA9A 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2014-02-16 10:12:40 C1E2C16D58D76323800C3EE5E2C5095A 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll

2014-02-16 10:12:40 338415F2E9A188875B6E43B5269620B0 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2014-02-16 10:12:39 D016F5092E4FFC41147E8555A71D2DDE 23170048 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-02-16 10:12:39 3906C9640406FC0FC00A324947C74893 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2014-02-16 10:12:38 F348B2D0983C91392632B4291C517AA4 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2014-02-16 10:12:37 6300AD525D639CECBB3D144B6D7B30F9 2765824 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-02-16 10:12:37 263B6E451526A90FF8B1CEC759F22956 2334208 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-02-16 10:12:37 22874047B810B5B174C68ACD7C0B6510 1393664 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-02-16 10:12:36 83296DE8CFFEADA636DCC1AB2E3BF643 2041856 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2014-02-16 10:12:35 DB02F4D37E5F7F07A0D0F9FAA68249EE 13051392 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-02-16 10:12:32 5922EEA922D3AD686342F866CAEE851F 5768704 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-02-15 14:02:07 0D298133C359AB8CB9EB4FA178BF3947 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll

2014-02-15 14:02:06 CD2C20CC3B385A32701F78C0ACBBE9F3 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll

2014-02-15 14:01:35 E8710B5DDA963E6BA198DF5FB209E72A 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll

2014-02-15 14:01:35 C676E5EA388AF7C4C031F56F9B42E362 3928064 ----a-w- C:\Windows\Sysnative\d2d1.dll

====== C:\Windows\Sysnative\drivers =====

2014-02-17 11:28:21 CD51E1D0D638F1E07A6EDC98CD7F5DDA 91352 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys

2014-02-16 18:19:23 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

====== C:\Windows\Tasks ======

2014-02-17 11:31:07 C5E3AF362BFFCE3A48681636B945EA76 3156 ----a-w- C:\Windows\Sysnative\Tasks\{9238A748-04F3-4A2F-90EF-5D0E5392C482}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-02-17 20:16:20 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-01-20 17:12:01 -------- d-----w- C:\PROGRA~2\TI Education

2014-01-20 17:12:01 -------- d-----w- C:\PROGRA~2\COMMON~1\TI Shared

======= C: =====

====== C:\Users\Marino\AppData\Roaming ======

2014-02-17 19:28:27 -------- d-----w- C:\Users\Public\AppData\Local\temp

2014-02-17 19:28:27 -------- d-----w- C:\Users\Default\AppData\Local\temp

2014-02-17 19:28:27 -------- d-----w- C:\Users\Default User\AppData\Local\temp

2014-02-16 17:57:30 644F0FBD33FF2BD18321108D99679C59 7606 ----a-w- C:\Users\Marino\AppData\Local\Resmon.ResmonCfg

2014-02-15 17:32:16 -------- d--h--w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Origin

====== C:\Users\Marino ======

2014-02-17 20:11:51 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Marino\Desktop\RSITx64.exe

2014-02-17 19:51:37 755246A3D44BFDB8A66DB8C19122724B 4721920 ----a-w- C:\Users\Marino\Downloads\ccsetup410.exe

2014-02-17 19:28:27 -------- d-----w- C:\Users\Public\AppData

2014-02-17 16:07:54 9E2C88B8CF7E372951C83514F2D0DDDC 1241888 ----a-w- C:\Users\Marino\Downloads\AdwCleaner.exe

2014-02-17 16:06:27 444D1016CF8768D83B05DCFB9974D001 3813376 ----a-w- C:\Users\Marino\Downloads\RogueKiller.exe

2014-02-17 11:30:34 008DE55BAED62FBE32A983A54E6F1233 204496 ----a-w- C:\Users\Marino\Downloads\startuplite-setup-1.07.exe

2014-02-17 11:27:26 99D69C3E87FE1556B76886F778480E2D 12589848 ----a-w- C:\Users\Marino\Downloads\mbar-1.07.0.1009.exe

2014-02-17 11:19:10 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Marino\Downloads\mbam-setup-1.75.0.1300.exe

2014-01-20 17:12:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI-83 Plus Flash Debugger

2014-01-19 21:41:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==

2014-02-17 20:41:29 36D77E582C5265F521A8A3EC9CC4F64A 2924736 ----a-w- C:\Users\Marino\Downloads\ProcessExplorer\procexp.exe

2014-02-17 20:16:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Marino.exe

2014-02-17 20:11:51 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Marino\Desktop\RSITx64.exe

2014-02-17 19:51:37 755246A3D44BFDB8A66DB8C19122724B 4721920 ----a-w- C:\Users\Marino\Downloads\ccsetup410.exe

2014-02-17 19:15:17 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe

2014-02-17 19:15:17 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe

2014-02-17 19:15:16 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe

2014-02-17 19:15:16 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe

2014-02-17 19:15:16 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe

2014-02-17 16:07:54 9E2C88B8CF7E372951C83514F2D0DDDC 1241888 ----a-w- C:\Users\Marino\Downloads\AdwCleaner.exe

2014-02-17 16:06:27 444D1016CF8768D83B05DCFB9974D001 3813376 ----a-w- C:\Users\Marino\Downloads\RogueKiller.exe

2014-02-17 11:30:34 008DE55BAED62FBE32A983A54E6F1233 204496 ----a-w- C:\Users\Marino\Downloads\startuplite-setup-1.07.exe

2014-02-17 11:28:19 7C3400A4EAE86C697F74756F783B9DA3 1180472 ----a-w- C:\Users\Marino\Desktop\mbar\mbar.exe

2014-02-17 11:28:16 BA63FE28CD27A9B3501883689EBE4D5C 821560 ----a-w- C:\Users\Marino\Desktop\mbar\Plugins\fixdamage.exe

2014-02-17 11:27:26 99D69C3E87FE1556B76886F778480E2D 12589848 ----a-w- C:\Users\Marino\Downloads\mbar-1.07.0.1009.exe

2014-02-17 11:19:10 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Marino\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-16 22:22:28 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe

2014-02-16 22:22:28 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateSetup.exe

2014-02-16 22:22:28 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateBroker.exe

2014-02-16 22:21:59 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe

2014-02-16 22:21:59 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe

2014-02-16 22:21:57 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdate.exe

2014-02-16 22:21:50 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe

2014-02-16 10:12:42 27516B54E116D5EF8B0129B5C829A87C 218624 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-02-16 10:12:41 AFAB9B381886ABE3490689B7633A858F 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-02-16 10:12:41 9E8F9FDD407DDE997965EEFD9E635CCF 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-02-16 10:12:40 E129D34089E70215B65EA611F802FA9A 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-02-16 10:12:40 7D6B20C69CC8EECB8F31D4FAF913BBE8 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2014-02-16 10:12:40 338415F2E9A188875B6E43B5269620B0 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-02-16 10:12:37 C6E1178294BDEAB1CACF50427688DF05 806104 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-02-16 10:12:36 4263F6C131E513CEA1AE82B5B81A4E1A 808152 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

=== C: other files ==

2014-02-17 20:41:17 548C439ECE40F3D3D3776124ED3E937A 1243588 ----a-w- C:\Users\Marino\Downloads\ProcessExplorer.zip

2014-02-17 11:28:21 CD51E1D0D638F1E07A6EDC98CD7F5DDA 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

2014-02-16 18:19:23 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-02-15 17:32:16 1FBE6DD7B17E6EC533D4C9F26E9EB1E0 114749 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Roaming\Origin\update.vbe

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-4116131984-1994455510-1138838673-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"

"Spotify Web Helper"="C:\Users\Marino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PDVDDXSrv"="C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"amd_dc_opt"="C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"

"Spotify Web Helper"="C:\Users\Marino\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"Broadcom Wireless Manager UI"="C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

==== Startup Folders ======================

2011-03-22 17:56:27 1984 ----a-w- C:\Users\Marino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

2011-03-21 15:24:35 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

2013-11-30 13:10:35 1933 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [07-02-2014 17:38]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{DC4FD3FD-094F-40AA-88BD-C7952BF0F60A}" [C:\Windows\system32\msfeedssync.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"="C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bopakagnckmlgajfccecajhnimjiiedh - No path found[]

Google Drive - Marino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Marino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Marino\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Until AM for Chrome - Marino\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl

Google Wallet - Marino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Last updated at time on date - Marino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch

Gmail - Marino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://www.google.com"

"SearchAssistant"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Marino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Marino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Marino\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=169 folders=97 107334699 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Public\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Marino\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Marino\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on di 18-02-2014 at 6:08:07,38 ======================

Posted:

In the screenshot you just posted, the processor usage is only 1%. That is fine. For the processor usage, look at the very bottom of that screenshot. Or click the Performance tab in Task Manager. You will see the processor usage there as well.

Perhaps you are confusing it with the physical memory in use? In your screenshot that is 48%. That means that 48% of the 4 GB of RAM is in use at that moment. And I had also already read that in the RSIT log file: Total RAM: 3957 MB (52% free).

And in your image (in which you have ticked 'Show processes from all users') you can indeed see that 2 of those svchost processes together use quite a lot of your RAM.

Posted:

Porrelaar,

Thank you for the correction! I did indeed mean my physical memory, which was high. I have now done a full scan with Malwarebytes and Spyhunter 4, in which no serious malware or virus at all was found. Only some cookies and Snap.do, which was blocked. So I am at least rid of that Trojan.Bitcoinminer. Thanks for that! :top:

I was only afraid that those svchost processes still had something to do with that Trojan, because according to the Malwarebytes scan that was the case at first. Now, however, I don't know whether it is normal for those svchost processes to demand so much RAM?

Posted:
Now, however, I don't know whether it is normal for those svchost processes to demand so much RAM?

I will leave that for kape to judge; kape knows a lot more about that.

In my Task Manager I count no fewer than 12 instances of that svchost.exe process. On my machine the largest svchost process takes up 132 MB. All 12 svchost.exe processes together come to about 193 MB on my machine. As far as I know there is no malware on my PC.

If I were you, I would wait for a reply from kape.
