Ga naar inhoud

RSIT logje: routinecontrole ...


Aanbevolen berichten

Logfile of random's system information tool 1.10 (written by random/random)

Run by tim at 2014-10-01 17:39:25

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 148 GB (57%) free of 259 GB

Total RAM: 2271 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:40:07, on 1/10/2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16575)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXEa

C:\Windows\RtHDVCpl.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Windows\ehome\ehmsas.exe

C:\Users\tim\Desktop\RSIT.exe

C:\Program Files\trend micro\tim.exe

C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\AVAST Software\Avast\Setup\instup.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = msn

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe

O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

O23 - Service: Transbase - Transaction Software, D 81737 Munich - C:\BMWgroup\ETKLokal\transbase\tbmux32.exe

--

End of file - 7117 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-01 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-01 857648]

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-01 4085896]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]

""= []

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-26 149040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]

C:\Windows\ASScrProlog.exe [2007-10-11 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]

C:\Windows\ASScrPro.exe [2007-10-11 33136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]

C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-03-26 1057328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN Toolbar]

C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-26 161328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2023-04-03 16:06:00 ----A---- C:\Windows\system32\vbSendMail.dll

2014-10-01 17:39:25 ----DC---- C:\rsit

2014-10-01 17:39:25 ----D---- C:\Program Files\trend micro

2014-10-01 17:31:48 ----D---- C:\ProgramData\Oracle

2014-10-01 17:31:40 ----D---- C:\Program Files\Common Files\Java

2014-10-01 17:31:32 ----A---- C:\Windows\system32\javaws.exe

2014-10-01 17:31:19 ----A---- C:\Windows\system32\WindowsAccessBridge.dll

2014-10-01 17:31:19 ----A---- C:\Windows\system32\javaw.exe

2014-10-01 17:31:19 ----A---- C:\Windows\system32\java.exe

2014-10-01 17:27:14 ----A---- C:\Windows\avastSS.scr

2014-09-24 03:00:44 ----A---- C:\Windows\system32\tzres.dll

2014-09-11 03:22:58 ----A---- C:\Windows\system32\vbscript.dll

2014-09-11 03:22:58 ----A---- C:\Windows\system32\mshtmled.dll

2014-09-11 03:22:57 ----A---- C:\Windows\system32\msfeedsbs.dll

2014-09-11 03:22:57 ----A---- C:\Windows\system32\msfeeds.dll

2014-09-11 03:22:57 ----A---- C:\Windows\system32\jsproxy.dll

2014-09-11 03:22:56 ----A---- C:\Windows\system32\dxtmsft.dll

2014-09-11 03:22:55 ----A---- C:\Windows\system32\iertutil.dll

2014-09-11 03:22:54 ----A---- C:\Windows\system32\dxtrans.dll

2014-09-11 03:22:53 ----A---- C:\Windows\system32\wininet.dll

2014-09-11 03:22:53 ----A---- C:\Windows\system32\msfeedssync.exe

2014-09-11 03:22:53 ----A---- C:\Windows\system32\ieui.dll

2014-09-11 03:22:52 ----A---- C:\Windows\system32\jscript.dll

2014-09-11 03:22:51 ----A---- C:\Windows\system32\jscript9.dll

2014-09-11 03:22:50 ----A---- C:\Windows\system32\url.dll

2014-09-11 03:22:50 ----A---- C:\Windows\system32\ieUnatt.exe

2014-09-11 03:22:49 ----A---- C:\Windows\system32\mshta.exe

2014-09-11 03:22:48 ----A---- C:\Windows\system32\urlmon.dll

2014-09-11 03:22:47 ----A---- C:\Windows\system32\ieframe.dll

2014-09-11 03:22:43 ----A---- C:\Windows\system32\mshtml.dll

======List of files/folders modified in the last 1 month======

2014-10-01 17:39:54 ----D---- C:\Windows\Prefetch

2014-10-01 17:39:25 ----D---- C:\Program Files

2014-10-01 17:39:20 ----DC---- C:\Windows\Temp

2014-10-01 17:38:17 ----A---- C:\Windows\system32\acovcnt.exe

2014-10-01 17:38:12 ----D---- C:\Windows\system32\drivers

2014-10-01 17:36:42 ----D---- C:\Windows

2014-10-01 17:31:48 ----HD---- C:\ProgramData

2014-10-01 17:31:41 ----SHD---- C:\Windows\Installer

2014-10-01 17:31:41 ----HD---- C:\Config.Msi

2014-10-01 17:31:40 ----D---- C:\Program Files\Common Files

2014-10-01 17:31:32 ----D---- C:\Windows\System32

2014-10-01 17:31:14 ----D---- C:\Program Files\Java

2014-10-01 17:29:13 ----SHD---- C:\System Volume Information

2014-10-01 17:27:24 ----D---- C:\Windows\system32\Tasks

2014-10-01 17:27:14 ----A---- C:\Windows\system32\aswBoot.exe

2014-10-01 17:25:08 ----D---- C:\Windows\inf

2014-09-29 17:55:49 ----D---- C:\Windows\rescache

2014-09-27 15:13:10 ----DC---- C:\ADCDA2

2014-09-24 20:05:26 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2014-09-24 03:01:38 ----D---- C:\Windows\winsxs

2014-09-24 03:01:38 ----D---- C:\Windows\system32\nl-NL

2014-09-24 03:01:18 ----D---- C:\Windows\system32\catroot

2014-09-23 20:37:35 ----DC---- C:\NOHAU

2014-09-23 20:23:10 ----DC---- C:\HBSwin01

2014-09-23 19:58:05 ----N---- C:\Windows\Setup1.exe

2014-09-23 19:58:03 ----A---- C:\Windows\ST6UNST.EXE

2014-09-14 22:19:30 ----D---- C:\Windows\Debug

2014-09-12 19:07:02 ----D---- C:\Windows\system32\catroot2

2014-09-11 03:40:51 ----D---- C:\Windows\system32\migration

2014-09-11 03:40:49 ----D---- C:\Program Files\Internet Explorer

2014-09-11 03:36:19 ----D---- C:\Windows\Microsoft.NET

2014-09-11 03:34:58 ----RSD---- C:\Windows\assembly

2014-09-11 03:21:10 ----D---- C:\Windows\system32\MRT

2014-09-11 03:06:34 ----A---- C:\Windows\system32\mrt.exe

2014-09-11 03:02:06 ----A---- C:\Windows\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-01 49944]

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-01 192352]

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 8192]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 193552]

R0 pssnap;Paramount Software Snapshot Filter; C:\Windows\system32\DRIVERS\pssnap.sys [2011-07-01 16024]

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-10-01 55112]

R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-10-01 779536]

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-10-01 414520]

R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-10-01 57800]

R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-03-26 37040]

R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-03-26 39472]

R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-01 24184]

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-01 67824]

R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 99272]

R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-24 42496]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-07-21 2920448]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]

R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]

R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-01-23 50176]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]

R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2005-05-26 839724]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-01 182456]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-03-26 108592]

S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]

S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]

S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]

S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]

S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

S3 NETw3v32;Intel® PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]

S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-10-14 4422560]

S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-07-21 2920448]

S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]

S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]

S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2007-06-12 119424]

S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]

S3 USBCCID;USB-smartcardlezer; C:\Windows\system32\DRIVERS\usbccid.sys [2009-04-11 30208]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-07-21 610304]

R2 Autodata Limited License Service;Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [2011-01-25 72704]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-01 50344]

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]

R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-03-26 864816]

R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]

R2 ReflectService;Macrium Reflect Image Mounting Service; C:\Program Files\Macrium\Reflect\ReflectService.exe [2011-07-01 220824]

R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]

R2 Transbase;Transbase; C:\BMWgroup\ETKLokal\transbase\tbmux32.exe [2004-08-05 385024]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]

R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-26 267824]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-16 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-16 136176]

S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-26 779824]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Hallo collega, :-)

Nou nou, dat ziet er netjes uit hoor. Uit de titel "routinecontrole" maak ik op dat er niet direct klachten zijn met de computer?

Om die reden lijkt het mij ook niet nodig om tests te gaan doen met 5 verschillende tools. Nog even een anti-malware scanner en Zoek.exe lijkt me wel voldoende... op voorwaarde natuurlijk dat de resultaten schoon zijn en er effectief geen klachten zijn met de computer. ;-)

  1. Download 53f33878ecafb-Emsisoft-Anti-Malware-logo.pngEmsisoft Anti-Malware naar het bureaublad.
    De volledige installatieprocedure kunt u nalezen op de volgende link - Emsisoft Anti-Malware installeren.
    Emsisoft Anti-Malware uitvoeren
    • Dubbelklik op "EmsisoftAntiMalwareSetup.exe" om Emsisoft Anti-Malware te installeren.
    • Selecteer de optie "Ik accepteer de licentieovereenkomst" en klik op "Installeren"
    • Klik in het licentiescherm de 30 dagen probeerversie "Test 30 days for free". (Hierna kan je het programma als gratis versie blijven gebruiken)
    • Klik in het volgende scherm op de optie "Join the Emsisoft Anti-Malware Network".
    • Vervolgens zal het programma de benodigde updates installeren.
    • Kies in het scherm bij "Potentially Unwanted Programs" voor de optie Enable PUPs detection.
    • Kies vervolgens de optie "Full scan",
    • Laat de gevonden items in quarantaine plaatsen en klik op "Rapport bekijken", het logbestand wordt nu automatisch geopend.
    • Voeg het logbestand met de naam "a2scan_xxxxxx-xxxxxx" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u terug vinden in de map "C:\Users\Gebruikersnaam\Documents\Anti-Malware\Reports")

[*]Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie).


  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

autoclean; 
emptyfolderscheck;delete 
emptyclsid; 


  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

Er zijn inderdaad niet meteen klachten ... bekijk het als "periodiek groot onderhoud": de winter nadert stilaan en dan gaat ie weer wat intensiever gebruikt worden, deze 7-jarige soepel draaiende Vista. :-)

[ATTACH]36206[/ATTACH]

[ATTACH]36207[/ATTACH]

Link naar reactie
Delen op andere sites

Goedemorgen,

Uit het logje van Emsisoft Anti-Malware blijkt dat taakbeheer en de registry editor vergrendeld waren bij een bepaald gebruikersaccount. Normaal gesproken zou deze beperking nu opgeheven moeten zijn.

Indien je dit met een reden hebt ingesteld zal je dit dus opnieuw moeten instellen.

Verder zien beide logjes er goed uit en denk ik wel dat deze Vista de winter zal overleven. :-)

Met Delfix kan je Zoek.exe, RSIT en de gemaakte logbestanden opnieuw verwijderen. Emsisoft Anti-Malware (EAM) wordt hiermee niet verwijderd en zal na de 30-dagen proefperiode een melding geven om over te schakelen naar de gratis of de betalende versie. Vanaf dan kan je EAM gebruiken als aanvullende anti-malware scanner naast je huidige antivirus.

Indien je EAM toch wenst te verwijderen kan dat via het configuratiescherm - Programma's.

Download 51a5ce45263de-delfix.pngDelfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:


  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.