namens renate

rudi

05-07-2013 14:27

Haar lappie is (weer) traag
Zouden jullie??? Dank!
Hieronder heb ik Adware, Mbam, en HT ( Rsit was veel te lang en kreeg ik onmogelijk geplaatst…sorry)
# AdwCleaner v2.304 - Verslag gemaakt op 05/07/2013 om 13:04:11
# Geactualiseerd op 03/07/2013 door Xplode
# Besturingssysteem : Windows 8 (64 bits)
# Gebruiker : renate - RENATE50
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\renate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D95PEPOM\adwcleaner.exe
# Optie
***** *****
***** *****
***** *****
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
***** *****
-\\ Internet Explorer v10.0.9200.16537
Het register bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner.txt - ##########
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Databaseversie: v2013.07.05.01
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16599
renate :: RENATE50
05/07/2013 13:01:32
mbam-log-2013-07-05 (13-01-32).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 233332
Verstreken tijd: 6 minuut/minuten, 56 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:16:07, on 05/07/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\trend micro\renate.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {15a0413e-9f45-4d45-9a75-2c20b15b5b51} - (no file)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKLM\..\Run: C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKCU\..\Run: “C:\Users\renate\AppData\Roaming\Spotify\Spotify.exe” /uri spotify:autostart
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 9684 bytes
Ben

05-07-2013 14:47

Hallo,
Download zoek.exe naar het bureaublad.
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
* Dubbelklik op Zoek.exe om de tool te starten.
* Kopieer nu het onderstaande vet gedrukte code en plak die in het grote invulvenster:
* Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
firefoxlook;
chromelook;
standardsearch;
{15a0413e-9f45-4d45-9a75-2c20b15b5b51};c
;r
;r
“AppInit_DLLs”=“C:\\Windows\\SysWOW64\\nvinit.dll”;r
C:\PROGRA~3\Wincert;fs
filesrcm;
autoclean;
startupall;
*Klik nu op de knop "Run script".
* Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
* Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
* Post nu de inhoud van het geopende logje in het volgende bericht.
Gr.Ben
rudi

05-07-2013 15:10

Ben, alvast bedankt. Zoek.exe loopt (ik zit nu op mijn eigen laptop)
Heb je misschien iets aan het logje van RSIT als ik hem je prive toe mail??
Ben

05-07-2013 15:12

Hallo,
Nu niet meer had je eerder moeten plaatsen zoals in de handleiding staat
En waar plaats je je problemen niet in het andere forum
Gr.Ben
rudi

05-07-2013 15:14

Zoek.exe Version 4.0.0.3 Updated 05-July-2013
Tool run by renate on 05/07/2013 at 15:01:55.05.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
==== System Restore Info ======================
05/07/2013 15:03:40 Zoek.exe System Restore Point Created Succesfully.
==== Creating Sample_072013_1504.zip ======================
Copied file C:\ProgramData\SetStretch.exe to sample\SetStretch.exe
sample\SetStretch.exe renamed to 4A93070098539B54FDA391D4D551C880
C:\Users\Public\Desktop\sample_072013_1504.zip created successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1782918206-1260622963-1387706355-1002\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{15a0413e-9f45-4d45-9a75-2c20b15b5b51} deleted successfully
==== Running Processes ======================
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Users\renate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQ6O13KU\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
==== Deleting Services ======================
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
“AppInit_DLLs”=“C:\\Windows\\SysWOW64\\nvinit.dll”
==== Deleting Files \ Folders ======================
“C:\ProgramData\SetStretch.exe” deleted
“C:\PROGRA~3\Wincert” deleted
“C:\ProgramData\Datamngr” deleted
“C:\ProgramData\Wincert” deleted
==== System Specs ======================
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3982 MB
CPU Info: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
CPU Speed: 2497.5 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce 610M
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe GBE Family Controller | Qualcomm Atheros AR9485 Wireless Network Adapter
CD / DVD Drives: 1x (E: | ) E: Slimtype DVD A
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 119.2GB | D: 157.9GB
Hard Disks - Free: C: 72.7GB | D: 157.5GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | _ASUS_ - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. K55VD
Internet Explorer Version: 10.0.9200.16599
Sun Java version: No Java Installed?
Country: United Kingdom
Language: ENG
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2013-06-14 13:18:40 352840DD8D662D2AC5AEF50ED518646E 273 —-a-w- C:\Windows\DeleteOnReboot.bat
====== C:\Users\renate\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-07-05 11:14:05 605A3EC85E7AEDE7BE62351B3A53F9BB 356776 —-a-w- C:\Windows\Sysnative\FNTCACHE.DAT
2013-07-03 19:55:39 4A0B5BF31A5ACC06337EE07F907F14CB 144384 —-a-w- C:\Windows\Sysnative\tssdisai.dll
====== C:\Windows\Sysnative\drivers =====
2013-07-02 13:32:07 E86C64478D9A90D62255FE9EB0150C6E 175 —-a-w- C:\Windows\Sysnative\drivers\aswVmm.sys.sum
2013-07-02 13:32:07 A5F29AC2F0ADE8B995B49D7350CE3AC0 175 —-a-w- C:\Windows\Sysnative\drivers\aswSP.sys.sum
2013-07-02 13:32:07 2E83D2621E87C493AB45DC6655BA77D4 175 —-a-w- C:\Windows\Sysnative\drivers\aswSnx.sys.sum
2013-06-17 19:50:40 CA03D642ACE58E1BA54E4B383F91CD69 427520 —-a-w- C:\Windows\Sysnative\drivers\rdbss.sys
2013-06-17 19:50:36 EA040D4C6C94F315A85F3D0EAA884B37 446720 —-a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS
2013-06-17 19:50:32 7C33D8B8A5EA2321B84A1B6653CBD0DB 213248 —-a-w- C:\Windows\Sysnative\drivers\UCX01000.SYS
2013-06-17 19:50:31 FD3AF5575B99871BADB94E7699DBCE08 284416 —-a-w- C:\Windows\Sysnative\drivers\spaceport.sys
2013-06-17 19:50:29 AEB23CDC7F0AD52954CAE1F22CA839FE 83968 —-a-w- C:\Windows\Sysnative\drivers\hidclass.sys
2013-06-17 19:50:29 012C354B4AB48E9A7A657DF39E3A2073 27648 —-a-w- C:\Windows\Sysnative\drivers\hidusb.sys
2013-06-13 15:11:59 D750CE2A52F1B95E654CF2904C88EF1F 2233600 —-a-w- C:\Windows\Sysnative\drivers\tcpip.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-07-05 11:58:28 ——– d—–w- C:\Program Files\trend micro
======= C:\Program Files (x86) =====
2013-07-05 12:19:06 ——– d—–w- C:\Program Files (x86)\trend micro
======= C: =====
2013-07-05 11:39:39 DD4C06E90330BC6AE986E25EC8BE73E9 1173 —-a-w- C:\AdwCleaner.txt
2013-07-05 11:06:19 4E76DF02FE9D9676111867BC8E654A94 1255 —-a-w- C:\AdwCleaner.txt
2013-07-05 11:04:11 35CE0CA5E8F05F5346E46E83F7988626 1187 —-a-w- C:\AdwCleaner.txt
2013-06-14 13:26:30 1C14A107BF6E079E67371CE99AAB7E49 1197 —-a-w- C:\AdwCleaner.txt
2013-06-14 13:18:33 20E6D6C690BC9E576A8F0179C3B90525 2881 —-a-w- C:\AdwCleaner.txt
====== C:\Users\renate\AppData\Roaming ======
2013-07-02 12:44:47 ——– d—–w- C:\users\renate\AppData\Local\Spotify
2013-07-02 12:44:36 ——– d—–w- C:\users\renate\AppData\Roaming\Spotify
====== C:\Users\renate ======
2013-07-05 12:42:28 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\renate\Downloads\RSITx64 (1).exe
2013-07-05 11:58:09 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\renate\Downloads\RSITx64.exe
2013-07-05 11:03:16 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 —-a-w- C:\Users\renate\Downloads\adwcleaner.exe
2013-06-11 13:08:49 ——– d–h–w- C:\ProgramData\CanonIJScan
====== C: exe-files ==
2013-07-05 12:42:28 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\renate\Downloads\RSITx64 (1).exe
2013-07-05 12:19:07 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files (x86)\trend micro\renate.exe
2013-07-05 12:18:57 69CA82A7482A00D8EE063D2B97FC4338 781383 —-a-w- C:\Users\renate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W201OBYK\RSIT.exe
2013-07-05 11:58:29 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\renate.exe
2013-07-05 11:58:09 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\renate\Downloads\RSITx64.exe
2013-07-05 11:39:22 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 —-a-w- C:\Users\renate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFGRK0N5\adwcleaner.exe
2013-07-05 11:31:36 66F69A06841A170528687C258A5C2CCA 338880 —-a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00003f11\updatus.16379525_RUNASUSER.exe
2013-07-05 11:03:16 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 —-a-w- C:\Users\renate\Downloads\adwcleaner.exe
2013-07-03 19:55:40 8ABBB5CE0C62E0A6D28F32F44B7F865C 98304 —-a-w- C:\Windows\servicing\TrustedInstaller.exe
2013-07-02 12:44:46 9DBFDC7818324BE5497E37B0DF726732 62464 —-a-w- C:\Users\renate\AppData\Roaming\Spotify\SpotifyLauncher.exe
2013-07-02 12:44:46 5CB17097A5752337977A9A7FED3A06E5 4643328 —-a-w- C:\Users\renate\AppData\Roaming\Spotify\spotify.exe
2013-07-02 12:44:45 7F27323E0BA892B12C52E686E09F39D6 1104384 —-a-w- C:\Users\renate\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
2013-07-02 11:38:27 34A105020A5E702B71BD6ACBFC760EB3 3612160 —-a-w- C:\Users\renate\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Solitaire\e43d1f39a8970dedd6179b7bf4d2a33a\Solitaire.ni.exe
2013-07-02 11:38:21 F96F16DA1FB41612DC5A69940E4826F2 141824 —-a-w- C:\Users\renate\AppData\Local\Packages\B9ECED6F.TheWorldClock_qmba6cd70vzyy\AC\Microsoft\CLR_v4.0_32\NativeImages\The World Clock\62ee1aa990f3efbfdc08ab8761830806\The World Clock.ni.exe
=== C: other files ==
2013-07-05 13:04:51 3BD4381CB4E1CBCBB05F6100060DC5CF 9583 —-a-w- C:\Users\Public\Desktop\sample_072013_1504.zip
2013-07-02 12:44:46 4E5DF4D995E502304D6BADD5DC045EFB 8113773 —-a-w- C:\Users\renate\AppData\Roaming\Spotify\Data\apps.zip
2013-07-02 12:44:45 4C42DADAE1F20FEA34237DA98CB2D649 2377618 —-a-w- C:\Users\renate\AppData\Roaming\Spotify\Data\resources.zip
==== Startup Registry Enabled ======================
“Spotify”=“C:\Users\renate\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart”
“Adobe Reader Speed Launcher”=“C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe”
“Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“RemoteControl10”=“C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe”
“ASUSWebStorage”=“C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S”
“avast”=“C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui”
“BCSSync”=“C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices”
“CanonSolutionMenuEx”=“C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon”
“Spotify”=“C:\Users\renate\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart”
==== Startup Registry Enabled x64 ======================
“IgfxTray”=“C:\Windows\system32\igfxtray.exe”
“HotKeysCmds”=“C:\Windows\system32\hkcmd.exe”
“RTHDVCPL”=“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s”
“ACMON”=“C:\Program Files (x86)\ASUS\Splendid\ACMON.exe”
“CanonMyPrinter”=“C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon”
==== Startup Folders ======================
2012-10-15 16:41:40 2062 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a——– C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a——– C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://www.google.com”
No DefaultScope Set For HKCU
New Values:
“Start Page”=“http://www.google.com”
“DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKLM\..\Run: C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKCU\..\Run: “C:\Users\renate\AppData\Roaming\Spotify\Spotify.exe” /uri spotify:autostart
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\renate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\renate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQ6O13KU will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\renate\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
“C:\Users\renate\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQ6O13KU” not found
==== EOF on 05/07/2013 at 15:12:45.69 ======================
rudi

05-07-2013 15:16

Hoi Ben
Dit is een windows 8 laptop en ik kan helemaal niets vinden, snap er allemaal niets van. Ik had Renate eerst op het andere prikbord aangemaakt (kun je checken )
Maar daar raakte ik de tekst ook niet kwijt. Dus dacht ik, dan probeer ik of het hier wel lukt. Niet dus !
Maar dat Windows 8…ik zit me hier te klungelen Opslaan en uitvoeren als administrator….Ik weet nog steeds niet hoe het werkt.
Ben

05-07-2013 15:18

Hallo,
Daarom neem ik Windows 8 nog niet
Ben

05-07-2013 15:19

Hallo,
Dit ziet er netjes uit hoe draait nu de pc.
Gr.Ben
rudi

05-07-2013 15:20

Verstandig…ik raak er helemaal gestoord van:D
In windows 7 (zoals ik heb) doe je e.e.a. fluitend
rudi

05-07-2013 15:26

Als een tierelier !!!!! (tu)
Bedankt !

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

namens renate

rudi

Ben

rudi

Ben

rudi

rudi

Ben

Ben

rudi

rudi