Logfile advies laptop schoonvader

[Have0]

Beste lezer/lezeres,

 

ik heb vele goede

ervaringen met jullie. Kan iemand de laptop van mijn schoonvader nakijken ? Hoe kan ik logfile maken sturen?

Alvast bedankt

[Have0]

Ik heb het gevonden. Kan iemand naar de logfile kijken ?

Logfile of random's system information tool 1.10 (written by random/random)
Run by Dell at 2016-03-26 19:55:12
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 435 GB (91%) free of 477 GB
Total RAM: 3984 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:18, on 26-3-2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Dell.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5318 bytes

======Listing Processes======

 

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2736 CREDAT:267521 /prefetch:2
C:\Windows\system32\Macromed\Flash\FlashUtil64_21_0_0_182_ActiveX.exe -Embedding
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
"c:\Program Files\Microsoft Security Client\MpCmdRun.exe" SignatureUpdate -ScheduleJob -RestrictPrivileges -Reinvoke
"c:\Program Files\Microsoft Security Client\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
\??\C:\Windows\system32\conhost.exe "128071941120164839871243761920-547327974-202603182-2139862016-541840692951582908
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2650839078-725277807-864521042-10006_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2650839078-725277807-864521042-10006 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"  "1"

C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2736 CREDAT:2168105 /prefetch:2
"C:\Users\Dell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SMCRNSIY\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
C:\Windows\System32\browserchoice.exe [2010-02-23 294912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2014-01-25 771544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2014-01-25 391128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2014-01-25 770520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-25 624640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-26 19:55:12 ----D---- C:\rsit
2016-03-26 19:55:12 ----D---- C:\Program Files\trend micro
2016-02-27 13:55:58 ----D---- C:\AdwCleaner
2016-02-27 13:48:59 ----D---- C:\Windows\Temp9EC47DE8-57C1-FCBC-920D-E1FF9846959D-Signatures
2016-02-27 13:40:18 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 month======

2016-03-26 19:55:12 ----RD---- C:\Program Files
2016-03-26 19:55:10 ----D---- C:\Windows\Temp
2016-03-26 19:43:37 ----D---- C:\Windows\SysWOW64
2016-03-26 19:43:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-26 19:35:42 ----D---- C:\Windows\system32\config
2016-03-24 09:04:32 ----SHD---- C:\System Volume Information
2016-03-02 08:59:58 ----D---- C:\Windows\System32
2016-03-02 08:59:58 ----D---- C:\Windows\inf
2016-03-02 08:59:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-28 09:48:59 ----D---- C:\Windows\winsxs
2016-02-28 09:47:34 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-28 09:47:34 ----SD---- C:\Windows\system32\GWX
2016-02-27 14:46:22 ----D---- C:\Windows\system32\catroot
2016-02-27 14:45:55 ----SHD---- C:\Windows\Installer
2016-02-27 14:45:19 ----D---- C:\Windows
2016-02-27 14:45:15 ----D---- C:\Windows\system32\drivers
2016-02-27 14:45:12 ----D---- C:\Program Files\Microsoft Security Client
2016-02-27 14:45:10 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-02-27 14:44:35 ----D---- C:\Windows\system32\catroot2
2016-02-27 14:21:41 ----D---- C:\Windows\Microsoft.NET
2016-02-27 14:14:33 ----RSD---- C:\Windows\assembly
2016-02-27 13:58:02 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-02-27 13:58:02 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-27 13:58:02 ----D---- C:\Windows\system32\nl-NL
2016-02-27 13:58:02 ----D---- C:\Windows\system32\en-US
2016-02-27 13:58:02 ----D---- C:\Program Files\Internet Explorer
2016-02-27 13:58:02 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-27 13:52:59 ----D---- C:\Windows\Panther
2016-02-27 13:52:59 ----D---- C:\Windows\Logs
2016-02-27 13:52:59 ----D---- C:\Windows\debug
2016-02-27 13:40:23 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Dell Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-01-23 3851776]
R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-25 4221440]
R3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-08-15 368624]
R3 iusb3xhc;Intel® USB 3.0 uitbreidbare hostcontroller-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-08-15 790000]
R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-12-19 99288]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2012-12-21 326368]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-06-18 872152]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-26 269504]
S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-25 279000]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-16 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[Asus]

Je topic werd verplaatst naar Bestrijding malware & virussen, zo blijft het forum overzichtelijk.

Na de analyse van je logje door een malware-expert krijg je persoonlijke begeleiding en instructies.
 

[kape]

Download AdwCleaner by Xplode naar het bureaublad (verwijder eerst eventuele aanwezige oudere versies van deze tool op je PC, zodat je nu de meest recente database van AdwCleaner kan gebruiken).

Als de link naar AdwCleaner niet werkt, probeer dan deze link.

De download start automatisch na enkele seconden.

• Sluit alle openstaande vensters.
• Dubbelklik op AdwCleaner om hem te starten.
• Gebruikers van Windows Vista en later dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Klik op Scan (Engelse versie) of Scannen (Nederlandstalige versie)
• Mocht u gevonden items willen behouden, verwijder deze dan nu uit het lijstje.
• Klik vervolgens op Clean (Engelse versie) of Verwijderen (Nederlandstalige versie)
• Klik bij popup-scherm "AdwCleaner Herstart" op OK
  

Nadat de PC opnieuw is opgestart, opent meestal onmiddellijk een logfile van AdwCleaner.
Anders is het logfile hier terug te vinden C:\AdwCleaner\....

Logbestand plaatsen

• Voeg de logbestandjes met de naam AdwCleaner[s*].txt en AdwCleaner[C*].txt uit de map C:\AdwCleaner\... als bijlagen toe aan het volgende bericht. (*) staat voor een getal. Staan er meerdere, kies dan dit met het hoogste getal.
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
  

Meer informatie vind je in de handleiding.

[Have0]

Beste Kape, bedankt. Kan ook zijn dat er niets raars is. Hij had problemen met outlook maar ljkt opgelost. Dacht voor de zekerheid vraag u nog om advies.

 

# AdwCleaner v5.036 - Logbestand aangemaakt 27/02/2016 op 13:57:09
# Laatste update 22/02/2016 door Xplode
# Database : 2016-02-27.1 [server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : Dell - DELL-PC
# Gestart vanuit : C:\Users\Dell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3HG7SY5N\adwcleaner_5.036.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum

***** [ Services ] *****

***** [ Mappen ] *****

***** [ Bestanden ] *****

***** [ DLLs ] *****

***** [ Snelkoppelingen ] *****

***** [ geplande taken ] *****

***** [ Register ] *****

[-] Sleutel Verwijderd : HKCU\Software\IM

***** [ Internetbrowsers ] *****

*************************

:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [876 bytes] - [27/02/2016 13:57:09]
C:\AdwCleaner\AdwCleaner[s1].txt - [917 bytes] - [27/02/2016 13:56:08]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1020 bytes] ##########
# AdwCleaner v5.105 - Logfile created 27/03/2016 at 11:27:33
# Updated 21/03/2016 by Xplode
# Database : 2016-03-26.1 [server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Dell - DELL-PC
# Running from : C:\Users\Dell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9V2BQCM3\adwcleaner_5.105.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1874 bytes] - [27/02/2016 14:57:09]
C:\AdwCleaner\AdwCleaner[s1].txt - [1828 bytes] - [27/02/2016 14:56:08]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2020 bytes] ##########

[kape]

Er zijn enkele instellingen aangepast door AdwCleaner ... maar verder ziet het er prima uit. Je mag de gebruikte tools alvast verwijderen met Delfix (zie hieronder). En dan mag je het topic sluiten door bovenaan op "Modereer Onderwerp" en "Sluiten" te klikken.

[kape]

Download Delfix by Xplode naar het bureaublad.

Indien de link naar Delfix niet werkt, probeer het dan met deze link.
De download start automatisch na enkele seconden.

Dubbelklik op Delfix.exe om de tool te starten.
Zet nu vinkjes voor de volgende items:

• Remove disinfection tools
• Purge System Restore
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen

[Have0]

Alweer super bedankt Kape !