Hello Ben,
Below are the logs from ComboFix, followed by those from HijackThis.
Regards,
Rob
ComboFix 11-10-06.02 - Rob 06/10/2011 11:37:32.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.32.1043.18.2046.438
Gestart vanuit: z:\users\Rob\Desktop\ComboFix.exe
AV: G Data InternetSecurity 2011 ComputerIdee Edition *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: G Data Persoonlijke Firewall *Enabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
F:\install.exe
J:\install.exe
z:\program files\google\common\google updater\googleupdaterservice.exe
z:\windows\system32\spool\prtprocs\w32x86\Xrpp_b.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-09-06 to 2011-10-06 ))))))))))))))))))))))))))))))
.
.
2011-10-06 10:48 . 2011-10-06 10:48 -------- d-----w- z:\users\LogMeInRemoteUser\AppData\Local\temp
2011-10-06 10:48 . 2011-10-06 10:48 -------- d-----w- z:\users\Default\AppData\Local\temp
2011-10-06 07:15 . 2011-10-06 07:15 56200 ----a-w- z:\programdata\Microsoft\Windows Defender\Definition Updates\{76143ACD-42F6-42BA-A241-BEA3D40BFD44}\offreg.dll
2011-10-05 12:56 . 2011-10-05 12:56 388096 ----a-r- z:\users\Rob\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-05 12:38 . 2011-10-05 12:38 -------- d-----w- z:\program files\Trend Micro
2011-10-05 10:17 . 2011-10-05 10:17 -------- d-----w- z:\program files\Smart Suggestor
2011-10-05 10:17 . 2011-10-05 10:17 -------- d-----w- z:\programdata\APSuggestor
2011-10-04 21:13 . 2011-10-04 21:13 -------- d-----w- z:\users\Default\AppData\Local\Microsoft Help
2011-10-04 19:38 . 2011-09-12 23:14 7269712 ----a-w- z:\programdata\Microsoft\Windows Defender\Definition Updates\{76143ACD-42F6-42BA-A241-BEA3D40BFD44}\mpengine.dll
2011-10-02 07:32 . 2011-10-02 07:32 -------- d-----w- z:\users\Rob\AppData\Roaming\Malwarebytes
2011-10-02 07:32 . 2011-10-02 07:32 -------- d-----w- z:\programdata\Malwarebytes
2011-10-02 07:31 . 2011-08-31 15:00 22216 ----a-w- z:\windows\system32\drivers\mbam.sys
2011-10-02 07:31 . 2011-10-02 07:32 -------- d-----w- z:\program files\Malwarebytes' Anti-Malware
2011-09-28 12:25 . 2011-10-03 15:59 -------- d-----w- z:\users\Rob\AppData\Local\Drobo Dashboard
2011-09-28 12:25 . 2011-09-28 12:30 -------- d-----w- z:\programdata\Drobo Dashboard
2011-09-28 11:21 . 2011-09-28 12:38 -------- d-----w- z:\users\Rob\AppData\Local\Drobo
2011-09-28 11:20 . 2011-10-03 16:06 -------- d-----w- z:\program files\Drobo
2011-09-28 11:20 . 2011-09-28 11:20 -------- d-----w- z:\programdata\Drobo
2011-09-26 11:24 . 2011-09-26 11:29 -------- d-----w- z:\users\Rob\AppData\Roaming\Ashampoo
2011-09-26 11:23 . 2011-09-26 11:24 -------- d-----w- z:\users\Rob\AppData\Local\ashampoo
2011-09-25 13:59 . 2011-09-25 13:59 119808 ----a-w- z:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
2011-09-21 18:25 . 2009-08-24 20:08 28160 ----a-w- z:\windows\system32\DfSdkBt.exe
2011-09-21 11:52 . 2011-09-21 11:54 -------- d-----w- z:\program files\uTorrent
2011-09-21 11:51 . 2011-09-27 06:26 -------- d-----w- z:\users\Rob\AppData\Roaming\uTorrent
2011-09-21 11:51 . 2011-09-21 11:51 -------- d-----w- z:\users\Rob\AppData\Local\uTorrent
2011-09-17 17:18 . 2011-09-17 21:12 -------- d-----w- z:\program files\TunnelBear
2011-09-14 10:40 . 2011-09-14 10:40 -------- d-----w- z:\program files\Microsoft Silverlight
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-05 18:09 . 2011-09-05 18:09 48648 ----a-w- z:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-09-05 18:09 . 2011-09-05 18:09 704320 ----a-w- z:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-08-28 12:40 . 2011-08-28 12:40 48648 ----a-w- z:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-08-28 12:40 . 2011-08-28 12:40 704320 ----a-w- z:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-08-25 15:58 . 2011-08-25 15:58 546256 ----a-r- z:\windows\system32\SZComp5.dll
2011-08-25 15:58 . 2011-08-25 15:58 22992 ----a-r- z:\windows\system32\SZIO5.dll
2011-08-25 15:58 . 2011-08-25 15:58 132560 ----a-r- z:\windows\system32\IS3HTUI5.dll
2011-08-25 15:58 . 2011-08-25 15:58 99792 ----a-r- z:\windows\system32\IS3Svc5.dll
2011-08-25 15:58 . 2011-08-25 15:58 99792 ----a-r- z:\windows\system32\IS3Inet5.dll
2011-08-25 15:58 . 2011-08-25 15:58 67024 ----a-r- z:\windows\system32\IS3Hks5.dll
2011-08-25 15:58 . 2011-08-25 15:58 456144 ----a-r- z:\windows\system32\SZBase5.dll
2011-08-25 15:58 . 2011-08-25 15:58 398800 ----a-r- z:\windows\system32\IS3DBA5.dll
2011-08-25 15:58 . 2011-08-25 15:58 28624 ----a-r- z:\windows\system32\IS3XDat5.dll
2011-08-25 15:58 . 2011-08-25 15:58 738768 ----a-r- z:\windows\system32\IS3Base5.dll
2011-08-25 15:58 . 2011-08-25 15:58 390608 ----a-r- z:\windows\system32\IS3UI5.dll
2011-08-25 15:58 . 2011-08-25 15:58 230864 ----a-r- z:\windows\system32\IS3Win325.dll
2011-08-20 08:30 . 2011-08-20 08:30 30416 ----a-w- z:\windows\system32\drivers\GRD.sys
2011-08-20 08:26 . 2011-08-20 08:26 47992 ----a-w- z:\windows\system32\drivers\PktIcpt.sys
2011-08-20 08:25 . 2011-08-20 08:25 62584 ----a-w- z:\windows\system32\drivers\MiniIcpt.sys
2011-08-20 08:25 . 2011-08-20 08:25 39288 ----a-w- z:\windows\system32\drivers\HookCentre.sys
2011-08-20 08:25 . 2011-08-20 08:25 33912 ----a-w- z:\windows\system32\drivers\GDBehave.sys
2011-08-20 08:25 . 2011-08-20 08:25 41336 ----a-w- z:\windows\system32\drivers\gdwfpcd32.sys
2011-08-16 18:00 . 2011-06-08 18:13 404640 ----a-w- z:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-22 02:54 . 2011-08-11 01:06 1797632 ----a-w- z:\windows\system32\jscript9.dll
2011-07-22 02:48 . 2011-08-11 01:06 1126912 ----a-w- z:\windows\system32\wininet.dll
2011-07-22 02:44 . 2011-08-11 01:07 2382848 ----a-w- z:\windows\system32\mshtml.tlb
2011-07-16 04:27 . 2011-08-10 09:21 290816 ----a-w- z:\windows\system32\KernelBase.dll
2011-07-16 04:15 . 2011-08-10 09:21 4096 ---ha-w- z:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 4096 ---ha-w- z:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 5120 ---ha-w- z:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 4608 ---ha-w- z:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 4096 ---ha-w- z:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 4096 ---ha-w- z:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3584 ---ha-w- z:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3584 ---ha-w- z:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3584 ---ha-w- z:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3584 ---ha-w- z:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3584 ---ha-w- z:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3584 ---ha-w- z:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 4096 ---ha-w- z:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:15 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 09:21 6144 ---ha-w- z:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 09:21 4608 ---ha-w- z:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 09:21 3584 ---ha-w- z:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17 . 2011-08-10 09:21 3072 ---ha-w- z:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-12 09:20 . 2011-07-12 09:20 83816 ----a-w- z:\windows\system32\dns-sd.exe
2011-07-12 09:20 . 2011-07-12 09:20 73064 ----a-w- z:\windows\system32\dnssd.dll
2011-07-12 09:20 . 2011-07-12 09:20 50536 ----a-w- z:\windows\system32\jdns_sd.dll
2011-07-12 09:20 . 2011-07-12 09:20 178536 ----a-w- z:\windows\system32\dnssdX.dll
2011-07-09 04:29 . 2011-08-24 08:29 2048 ----a-w- z:\windows\system32\tzres.dll
2011-07-09 02:30 . 2011-08-10 09:22 223744 ----a-w- z:\windows\system32\drivers\mrxsmb10.sys
2011-09-25 13:59 . 2011-09-25 13:59 119808 ----a-w- z:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
2011-09-05 16:55 138032 ----a-w- z:\program files\Smart Suggestor\SmartSuggestor.dll
.
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
2011-02-18 05:12 94208 ----a-w- z:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
2011-02-18 05:12 94208 ----a-w- z:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
2011-02-18 05:12 94208 ----a-w- z:\users\Rob\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
"Sidebar"="z:\program files\Windows Sidebar\sidebar.exe"
"UIWatcher"="z:\program files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe"
"SoMud"="z:\program files\SoMud\somud.exe"
.
"SunJavaUpdateSched"="z:\program files\Common Files\Java\Java Update\jusched.exe"
"LogMeIn GUI"="z:\program files\LogMeIn\x86\LogMeInSystray.exe"
"G Data AntiVirus Tray Application"="z:\program files\G Data\InternetSecurity\AVKTray\AVKTray.exe"
"GDFirewallTray"="z:\program files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe"
"Wireless Mouse"="z:\program files\Multifunctional Wireless Mouse Driver\StartMonitor.exe"
"Google Desktop Search"="z:\program files\Google\Google Desktop Search\GoogleDesktop.exe"
"Ashampoo HDD-Control 2 Guard"="z:\program files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe"
"Malwarebytes' Anti-Malware (reboot)"="z:\program files\Malwarebytes' Anti-Malware\mbam.exe"
.
z:\users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - z:\users\Rob\AppData\Roaming\Dropbox\bin\Dropbox.exe
Stardock ObjectDock.lnk - z:\program files\Stardock\ObjectDockFree\ObjectDock.exe
.
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "z:\program files\Stardock\ObjectDockFree\ODMenu.dll"
.
"AppInit_DLLs"=z:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
path=z:\users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=z:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
path=z:\users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DropIt.lnk
backupExtension=.Startup
backup=z:\windows\pss\DropIt.lnk.Startup
.
2011-06-06 10:55 937920 ----a-w- z:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
2010-03-13 12:54 91520 ----a-w- z:\program files\Microsoft Office\Office14\BCSSync.exe
.
2011-05-23 11:36 2068480 ----a-w- z:\program files\Belgium Identity Card\beid35gui.exe
.
2009-05-26 14:46 1159168 ------w- z:\program files\Brother\Brmfcmon\BrMfcWnd.exe
.
2007-02-07 10:02 65536 ----a-w- z:\windows\cmiboot.exe
.
2008-12-24 08:26 114688 ------w- z:\program files\Brother\ControlCenter3\BrCtrCen.exe
.
2010-05-11 03:53 55808 ----a-w- z:\program files\DYMO\DYMO Label Software\DLSService.exe
.
2011-09-25 13:59 30192 ----a-w- z:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
2008-07-09 21:05 46368 ----a-w- z:\program files\ScanSoft\PaperPort\IndexSearch.exe
.
2011-08-18 23:07 421736 ----a-w- z:\program files\iTunes\iTunesHelper.exe
.
2008-07-24 16:46 63048 ----a-w- z:\program files\LogMeIn\x86\LogMeInSystray.exe
.
2008-07-09 21:07 29984 ----a-w- z:\program files\ScanSoft\PaperPort\pptd40nt.exe
.
2011-06-21 20:14 255296 ----a-w- z:\program files\Pogoplug\PPDrive.exe
.
2007-08-31 07:01 328992 ----a-w- z:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe
.
2011-07-05 16:36 421888 ----a-w- z:\program files\QuickTime\QTTask.exe
.
2011-05-31 12:02 10082920 ------w- z:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
2011-10-02 23:21 4063744 ----a-w- z:\program files\SoMud\somud.exe
.
2011-07-04 07:05 2535808 ----a-w- z:\program files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe
.
2010-11-11 11:55 159472 ----a-w- z:\program files\Zune\ZuneLauncher.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;z:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
R2 gupdate;Google Updateservice (gupdate);z:\program files\Google\Update\GoogleUpdate.exe
R2 UsbGlcsService;UsbGlcsService;z:\program files\Multifunctional Wireless Mouse Driver\UsbglcsSrv.exe
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;z:\program files\Google\Google Desktop Search\GoogleDesktop.exe
R3 gupdatem;Google Update-service (gupdatem);z:\program files\Google\Update\GoogleUpdate.exe
R3 MBAMSwissArmy;MBAMSwissArmy;z:\windows\system32\drivers\mbamswissarmy.sys
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;z:\program files\Microsoft Office\Office14\GROOVE.EXE
R3 TsUsbFlt;TsUsbFlt;z:\windows\system32\drivers\tsusbflt.sys
R3 WatAdminSvc;Windows Activation Technologies-service;z:\windows\system32\Wat\WatAdminSvc.exe
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;z:\program files\Zune\WMZuneComm.exe
R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;z:\windows\system32\DRIVERS\WSDPrint.sys
S0 GDBehave;GDBehave;z:\windows\system32\drivers\GDBehave.sys
S1 GDMnIcpt;GDMnIcpt;z:\windows\system32\drivers\MiniIcpt.sys
S1 gdwfpcd;G DATA WFP CD;z:\windows\system32\drivers\gdwfpcd32.sys
S1 GRD;G Data Rootkit Detector Driver;z:\windows\system32\drivers\GRD.sys
S1 HookCentre;HookCentre;z:\windows\system32\drivers\HookCentre.sys
S2 AdobeARMservice;Adobe Acrobat Update Service;z:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
S2 AHDDC2;Ashampoo HDD Control 2 Service;z:\program files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
S2 AVKProxy;G Data AntiVirus Proxy;z:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe
S2 AVKService;G Data Scheduler;z:\program files\G Data\InternetSecurity\AVK\AVKService.exe
S2 AVKWCtl;G Data Bestandssysteembewaker;z:\program files\G Data\InternetSecurity\AVK\AVKWCtl.exe
S2 DfSdkS;Defragmentation-Service;z:\program files\Ashampoo\Ashampoo HDD Control 2\DfSdkS.exe
S2 DokanCEDriver;DokanCEDriver;z:\program files\Pogoplug\dokance.sys
S2 DokanCEMounter;DokanCEMounter;z:\program files\Pogoplug\dokanmnt.exe
S2 HBAdmin;HBAdmin;z:\program files\Pogoplug\HBPLUG\HBADMIN.exe
S2 LMIGuardianSvc;LMIGuardianSvc;z:\program files\LogMeIn\x86\LMIGuardianSvc.exe
S2 LMIInfo;LogMeIn Kernel Information Provider;z:\program files\LogMeIn\x86\RaInfo.sys
S2 XobniService;XobniService;z:\program files\Xobni\XobniService.exe
S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);z:\windows\system32\DRIVERS\BrSerIb.sys
S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);z:\windows\system32\DRIVERS\BrUsbSIb.sys
S3 CMISTOR;CMIUCR.SYS CM320/CM220 Card Reader Driver;z:\windows\system32\DRIVERS\cmiucr.SYS
S3 GDFwSvc;G Data Persoonlijke Firewall;z:\program files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
S3 GDPkIcpt;GDPkIcpt;z:\windows\system32\drivers\PktIcpt.sys
S3 GDScan;G Data Scanner;z:\program files\Common Files\G Data\GDScan\GDScan.exe
S3 osppsvc;Office Software Protection Platform;z:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;z:\windows\system32\DRIVERS\Ph3xIB32.sys
S3 usbglcs1100101;usbglcs1100101_Display;z:\windows\System32\Drivers\usbglcs1100101.sys
S3 xcetap0;XCETAP0 Adapter;z:\windows\system32\DRIVERS\xcetap0.sys
.
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-06 z:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- z:\program files\Google\Update\GoogleUpdate.exe
.
2011-10-06 z:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- z:\program files\Google\Update\GoogleUpdate.exe
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.igoogle.com/
mStart Page = hxxp://www.bigseekpro.com/somud/{1567948D-4E0F-4E2A-916B-A7C1F3E0768F}
uInternet Settings,ProxyOverride = *.local
IE: &Verzenden naar OneNote - z:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Download Web &Images with SoMud - z:\program files\SoMud\scripts\ie\images-url.html
IE: Download with SoMud - z:\program files\SoMud\scripts\ie\link-url.html
IE: E&xporteren naar Microsoft Excel - z:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - {DB536AF2-E422-402d-B7FD-887297F1A198} - z:\program files\Smart Suggestor\SmartSuggestor.dll
Trusted Zone: dexia.be\www
Trusted Zone: isabel.be
Trusted Zone: kbc.be
Trusted Zone: kbcgroup.eu
Trusted Zone: cbc.be\cbc-pdf
Trusted Zone: cbc.be\cbconline
Trusted Zone: cbc.be\static
Trusted Zone: cbc.be\www
Trusted Zone: cbc.eu\www
Trusted Zone: isabel.be\*.IBS6
Trusted Zone: isabel.be\gotoIBS6
Trusted Zone: isabel.be\pki
Trusted Zone: isabel.be\www
Trusted Zone: isabel.eu\upgrade
Trusted Zone: isabel.eu\www
Trusted Zone: kbc.be\kbc-pdf
Trusted Zone: kbc.be\kbconline
Trusted Zone: kbc.be\static
Trusted Zone: kbc.be\www
Trusted Zone: kbc.com\www
Trusted Zone: kbc.eu\www
Trusted Zone: kbcam.be\www
Trusted Zone: kbcam.com\www
Trusted Zone: kbcbankingforbusiness.com\www
Trusted Zone: kbcgroup.eu\multimediafiles
Trusted Zone: kbcgroup.eu\www
Trusted Zone: kbcmerchantbanking.com\www
TCP: DhcpNameServer = 195.130.130.131 195.130.131.131
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)
MSConfigStartUp-BabylonToolbar - z:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
MSConfigStartUp-setc - z:\program files\MySecurityCenter\Programs\setc.exe
AddRemove-FoxTab MP3 Converter - z:\program files\FoxTabMP3Converter\Uninstall\Uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2011-10-06 13:04:02
ComboFix-quarantined-files.txt 2011-10-06 11:03
.
Pre-Run: 71.182.934.016 bytes beschikbaar
Post-Run: 71.479.418.880 bytes beschikbaar
.
- - End Of File - - 73BA4660D6CC44823F1FE1AADF2A171D
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:11:08, on 6/10/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
Z:\Windows\system32\taskhost.exe
Z:\Windows\system32\Dwm.exe
Z:\Program Files\Common Files\Java\Java Update\jusched.exe
Z:\Program Files\LogMeIn\x86\LogMeInSystray.exe
Z:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
Z:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
Z:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
Z:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe
Z:\Program Files\Windows Sidebar\sidebar.exe
Z:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe
Z:\Program Files\SoMud\somud.exe
Z:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
Z:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Z:\Windows\explorer.exe
Z:\PROGRA~1\MICROS~1\Office14\OUTLOOK.EXE
Z:\Program Files\Internet Explorer\iexplore.exe
Z:\Program Files\Internet Explorer\iexplore.exe
Z:\Program Files\Trend Micro\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/somud/{1567948D-4E0F-4E2A-916B-A7C1F3E0768F}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - Z:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - Z:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - Z:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - Z:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - Z:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Smart Suggestor - {DB536AF2-E422-402d-B7FD-887297F1A198} - Z:\Program Files\Smart Suggestor\SmartSuggestor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - Z:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Z:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - Z:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll
O4 - HKLM\..\Run: "Z:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: "Z:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: Z:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: Z:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: "Z:\Program Files\Multifunctional Wireless Mouse Driver\StartMonitor.exe" KMProcess.exe
O4 - HKLM\..\Run: "Z:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: "Z:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe"
O4 - HKLM\..\Run: "Z:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: Z:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: Z:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe
O4 - HKCU\..\Run: "Z:\Program Files\SoMud\somud.exe" /bg
O4 - Startup: Dropbox.lnk = Z:\Users\Rob\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Stardock ObjectDock.lnk = Z:\Program Files\Stardock\ObjectDockFree\ObjectDock.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://Z:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Download Web &Images with SoMud - Z:\Program Files\SoMud\scripts\ie\images-url.html
O8 - Extra context menu item: Download with SoMud - Z:\Program Files\SoMud\scripts\ie\link-url.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://Z:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Z:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Z:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Smart Suggestor - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - Z:\Program Files\Smart Suggestor\SmartSuggestor.dll
O9 - Extra 'Tools' menuitem: Smart Suggestor options - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - Z:\Program Files\Smart Suggestor\SmartSuggestor.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Z:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Z:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: Accelerated graphics
O15 - Trusted Zone: *.isabel.be
O15 - Trusted Zone: *.kbc.be
O15 - Trusted Zone: *.kbcgroup.eu
O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM)
O15 - Trusted Zone: http://static.cbc.be (HKLM)
O15 - Trusted Zone: http://www.isabel.be (HKLM)
O15 - Trusted Zone: http://upgrade.isabel.eu (HKLM)
O15 - Trusted Zone: http://www.isabel.eu (HKLM)
O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM)
O15 - Trusted Zone: http://static.kbc.be (HKLM)
O15 - Trusted Zone: http://www.kbcam.be (HKLM)
O15 - Trusted Zone: http://www.kbcam.com (HKLM)
O15 - Trusted Zone: http://www.kbcmerchantbanking.com (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - Z:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: Z:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - Z:\Program Files\Stardock\ObjectDockFree\ODMenu.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - Z:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - Z:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - Z:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - Z:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - Z:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - Unknown owner - Z:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - Z:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - Z:\Program Files\Ashampoo\Ashampoo HDD Control 2\DfSdkS.exe
O23 - Service: DokanCEMounter - Cloud Engines - Z:\Program Files\Pogoplug\dokanmnt.exe
O23 - Service: G Data Persoonlijke Firewall (GDFwSvc) - G Data Software AG - Z:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - Z:\Program Files\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - Z:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - Z:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - Z:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Unknown owner - Z:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: HBAdmin - Cloud Engines, Inc. - Z:\Program Files\Pogoplug\HBPLUG\HBADMIN.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - Z:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - Z:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - Z:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - Z:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: UsbGlcsService - Unknown owner - Z:\Program Files\Multifunctional Wireless Mouse Driver\UsbglcsSrv.exe
O23 - Service: XobniService - Xobni Corporation - Z:\Program Files\Xobni\XobniService.exe
--
End of file - 9915 bytes