Slow PC

  • Daniel

    Hello

    My PC is regularly slow, and then the little hourglass keeps running, just as if something is running along with it.

    Could you read the logs, please?

    Regards, Daniel

    Logfile of random's system information tool 1.09 (written by random/random)

    Run by Dennis at 2013-09-21 19:05:50

    Microsoft Windows XP Professional Service Pack 3

    System drive C: has 43 GB (56%) free of 76 GB

    Total RAM: 2048 MB (78% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 19:06:00, on 21-9-2013

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    c:\Program Files\Microsoft Security Client\MsMpEng.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program Files\Microsoft Security Client\msseces.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Java\jre7\bin\jqs.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Documents and Settings\Dennis\Bureaublad\RSIT.exe

    C:\Program Files\trend micro\Dennis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: “C:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Dennis\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=972

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

    End of file - 5039 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Adobe Flash Player Updater.job

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

    C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

    ======Registry dump======

    Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll

    Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    “MSC”=C:\Program Files\Microsoft Security Client\msseces.exe

    “ctfmon.exe”=C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe /Manual

    C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe

    C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    C:\Program Files\Epson Software\Event Manager\EEventManager.exe

    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.EXE /FU C:\WINDOWS\TEMP\E_S9E.tmp /EF HKCU

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe

    C:\WINDOWS\system32\dumprep 0 -k

    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

    C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

    C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

    C:\Program Files\Driver-Soft\DriverGenius\StarterW3i.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    “NMIndexingService”=3

    “StarWindServiceAE”=2

    “ose”=3

    “odserv”=3

    “MBAMService”=3

    “JavaQuickStarterService”=2

    “Crypkey License”=2

    “Bonjour Service”=3

    “Apple Mobile Device”=3

    “WMDM PMSP Service”=2

    “AdvancedSystemCareService5”=3

    “PLFlash DeviceIoControl Service”=2

    “Nero BackItUp Scheduler 3”=2

    “WMPNetworkSvc”=3

    “gupdatem”=3

    “gupdate”=3

    “Sony SCSI Helper Service”=3

    “ABBYY.Licensing.FineReader.Sprint.9.0”=2

    “gusvc”=3

    C:\WINDOWS\system32\WgaLogon.dll

    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

    “dontdisplaylastusername”=0

    “legalnoticecaption”=

    “legalnoticetext”=

    “shutdownwithoutlogon”=1

    “undockwithoutlogon”=1

    “NoDriveTypeAutoRun”=323

    “”=

    “NoDriveAutoRun”=67108863

    “NoDriveAutoRun”=67108863

    “NoDriveTypeAutoRun”=323

    “%windir%\Network Diagnostic\xpnetdiag.exe”=“%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000”

    “%windir%\system32\sessmgr.exe”=“%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019”

    “C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE”=“C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook”

    “C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE”=“C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote”

    “C:\Program Files\Windows Live\Messenger\wlcsdk.exe”=“C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call”

    “C:\Program Files\Windows Live\Messenger\msnmsgr.exe”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger”

    “C:\WINDOWS\system32\mmc.exe”=“C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console”

    “C:\Program Files\Epson Software\Event Manager\EEventManager.exe”=“C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application”

    “C:\WINDOWS\system32\muzapp.exe”=“C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player”

    “F:\NewsBin\nbpro.exe”=“F:\NewsBin\nbpro.exe:*:Enabled:NewsBin Pro”

    “C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe”=“C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit”

    “C:\Program Files\Bonjour\mDNSResponder.exe”=“C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service”

    “C:\Program Files\Internet Explorer\iexplore.exe”=“C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer”

    “C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe”=“C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software”

    “%windir%\Network Diagnostic\xpnetdiag.exe”=“%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000”

    “%windir%\system32\sessmgr.exe”=“%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019”

    “C:\Program Files\Windows Live\Messenger\wlcsdk.exe”=“C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call”

    “C:\Program Files\Windows Live\Messenger\msnmsgr.exe”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger”

    “midimapper”=midimap.dll

    “msacm.imaadpcm”=imaadp32.acm

    “msacm.msadpcm”=msadp32.acm

    “msacm.msg711”=msg711.acm

    “msacm.msgsm610”=msgsm32.acm

    “msacm.trspch”=tssoft32.acm

    “vidc.cvid”=iccvid.dll

    “vidc.I420”=msh263.drv

    “vidc.iv31”=ir32_32.dll

    “vidc.iv32”=ir32_32.dll

    “vidc.iv41”=ir41_32.ax

    “vidc.iyuv”=iyuv_32.dll

    “vidc.mrle”=msrle32.dll

    “vidc.msvc”=msvidc32.dll

    “vidc.uyvy”=msyuv.dll

    “vidc.yuy2”=msyuv.dll

    “vidc.yvu9”=tsbyuv.dll

    “vidc.yvyu”=msyuv.dll

    “wavemapper”=msacm32.drv

    “msacm.msg723”=msg723.acm

    “vidc.M263”=msh263.drv

    “vidc.M261”=msh261.drv

    “msacm.msaudio1”=msaud32.acm

    “msacm.sl_anet”=sl_anet.acm

    “msacm.iac2”=C:\WINDOWS\system32\iac25_32.ax

    “vidc.iv50”=ir50_32.dll

    “msacm.l3acm”=C:\WINDOWS\system32\l3codeca.acm

    “msacm.siren”=sirenacm.dll

    “wave”=wdmaud.drv

    “midi”=wdmaud.drv

    “mixer”=wdmaud.drv

    “wave1”=wdmaud.drv

    “midi1”=wdmaud.drv

    “mixer1”=wdmaud.drv

    “vidc.ffds”=ff_vfw.dll

    “vidc.xvid”=xvidvfw.dll

    “vidc.lags”=lagarith.dll

    “msacm.ac3filter”=ac3filter.acm

    “msacm.divxa32”=DivXa32.acm

    “msacm.lameacm”=LameACM.acm

    ======List of files/folders created in the last 1 month======

    2013-09-21 19:05:50 —-D—- C:\rsit

    2013-09-21 19:00:03 —-D—- C:\AdwCleaner

    2013-09-19 18:15:31 —-D—- C:\Program Files\Common Files\Java

    2013-09-19 18:15:24 —-A—- C:\WINDOWS\system32\javaws.exe

    2013-09-19 18:15:17 —-A—- C:\WINDOWS\system32\WindowsAccessBridge.dll

    2013-09-19 18:15:17 —-A—- C:\WINDOWS\system32\javaw.exe

    2013-09-19 18:15:17 —-A—- C:\WINDOWS\system32\java.exe

    2013-09-13 09:25:22 —-HDC—- C:\WINDOWS\$NtUninstallKB2876315$

    2013-09-13 09:24:57 —-HDC—- C:\WINDOWS\$NtUninstallKB2876217$

    2013-09-13 09:24:18 —-HDC—- C:\WINDOWS\$NtUninstallKB2864063$

    2013-09-12 09:49:33 —-D—- C:\Program Files\Spotnet

    2013-09-12 09:49:33 —-D—- C:\Documents and Settings\All Users\Application Data\Spotnet

    2013-08-28 07:53:12 —-HDC—- C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$

    ======List of files/folders modified in the last 1 month======

    2013-09-21 19:05:57 —-D—- C:\WINDOWS\Prefetch

    2013-09-21 19:05:55 —-D—- C:\Program Files\trend micro

    2013-09-21 19:05:02 —-D—- C:\WINDOWS\Temp

    2013-09-21 19:03:02 —-A—- C:\WINDOWS\SchedLgU.Txt

    2013-09-21 18:59:10 —-D—- C:\WINDOWS\system32\drivers

    2013-09-21 16:05:48 —-D—- C:\WINDOWS\system32\CatRoot2

    2013-09-21 16:05:01 —-SD—- C:\WINDOWS\Tasks

    2013-09-19 18:15:33 —-SHD—- C:\WINDOWS\Installer

    2013-09-19 18:15:33 —-D—- C:\Config.Msi

    2013-09-19 18:15:31 —-D—- C:\Program Files\Common Files

    2013-09-19 18:15:25 —-D—- C:\WINDOWS\system32

    2013-09-19 18:14:54 —-A—- C:\WINDOWS\system32\npDeployJava1.dll

    2013-09-19 18:14:53 —-A—- C:\WINDOWS\system32\deployJava1.dll

    2013-09-19 17:48:18 —-A—- C:\WINDOWS\NeroDigital.ini

    2013-09-18 07:06:39 —-D—- C:\WINDOWS

    2013-09-15 18:41:48 —-HD—- C:\WINDOWS\inf

    2013-09-14 14:18:31 —-D—- C:\Documents and Settings\Dennis\Application Data\Vso

    2013-09-14 14:18:29 —-D—- C:\WINDOWS\Debug

    2013-09-14 07:13:35 —-A—- C:\WINDOWS\system32\PerfStringBackup.INI

    2013-09-13 10:37:14 —-D—- C:\Documents and Settings\All Users\Application Data\Microsoft Help

    2013-09-13 09:41:39 —-D—- C:\Program Files\Internet Explorer

    2013-09-13 09:28:41 —-RSHDC—- C:\WINDOWS\system32\dllcache

    2013-09-13 09:16:55 —-D—- C:\WINDOWS\system32\MRT

    2013-09-13 09:12:12 —-A—- C:\WINDOWS\system32\MRT.exe

    2013-09-12 09:49:33 —-RD—- C:\Program Files

    2013-09-10 17:05:18 —-SD—- C:\WINDOWS\Downloaded Program Files

    2013-09-09 08:43:14 —-D—- C:\WINDOWS\system32\config

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys

    R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys

    R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys

    R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys

    R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys

    R1 AmdK7;Stuurprogramma voor AMD K7-processor; C:\WINDOWS\system32\DRIVERS\amdk7.sys

    R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys

    R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys

    R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys

    R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys

    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

    R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys

    R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys

    R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys

    R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys

    R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys

    R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys

    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

    R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys

    R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys

    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys

    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys

    R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys

    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

    R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys

    R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys

    R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys

    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys

    R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys

    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys

    R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys

    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys

    S3 ag95mcmp;ag95mcmp; C:\WINDOWS\system32\drivers\ag95mcmp.sys

    S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS

    S3 catchme;catchme; C:\WINDOWS\system32\drivers\catchme.sys

    S3 ctljystk;Creative SB Live!-spelpoort; C:\WINDOWS\system32\DRIVERS\ctljystk.sys

    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys

    S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys

    S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys

    S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet-adapter - NT-stuurprogramma; C:\WINDOWS\system32\DRIVERS\fetnd5.sys

    S3 kxwdmdrv;kX WDM Driver Service; C:\WINDOWS\system32\drivers\kx.sys

    S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys

    S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys

    S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys

    S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys

    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys

    S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudserd.sys

    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys

    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys

    S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys

    S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys

    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe

    R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe

    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

    S4 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

    S4 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe

    S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

    S4 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe

    S4 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe

    S4 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe

    S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe

    S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

    S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe

    S4 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe

    S4 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    S4 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe

    S4 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe

    —————–EOF—————–

    # AdwCleaner v3.004 - Report created 21/09/2013 at 19:02:35

    # Updated 15/09/2013 by Xplode

    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

    # Username : Dennis - DENNIS-B7152B1D

    # Running from : C:\Documents and Settings\Dennis\Mijn documenten\adwcleaner.exe

    # Option : Clean

    ***** *****

    ***** *****

    ***** *****

    ***** *****

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9FA57E32-3D16-4FF8-884B-174A5A257F01}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{9FA57E32-3D16-4FF8-884B-174A5A257F01}

    ***** *****

    -\\ Internet Explorer v8.0.6001.18702

    -\\ Google Chrome v23.0.1271.64

    Deleted : icon_url

    Deleted : search_url

    Deleted : keyword

    *************************

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

    Malwarebytes Anti-Malware 1.75.0.1300

    www.malwarebytes.org

    Databaseversie: v2013.09.21.08

    Windows XP Service Pack 3 x86 NTFS

    Internet Explorer 8.0.6001.18702

    Dennis :: DENNIS-B7152B1D

    21-9-2013 18:48:14

    mbam-log-2013-09-21 (18-48-14).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 220880

    Verstreken tijd: 10 minuut/minuten, 48 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

  • fazantje

    Hi Daniel,

    Sorry for the late reply.

    The AV team was absent last night :)-D

    Download zoek.zip to the desktop.

    Disable your antivirus and antispyware programs; they may conflict with zoek.zip.

    Right-click Zoek.zip and choose the option “Extract All” (“Alles uitpakken”).

    Then double-click Zoek.exe to start the tool.

    Now copy the code below and paste it into the large input box:

    firefoxlook;

    chromelook;

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    Now click the “Run script” button.

    Wait patiently until a log opens (this may be after a restart, if one is needed).

    If no log appears after the restart, start zoek.exe again; the log will then appear after all.

    Now post the contents of the opened log in your next message.

    Good luck,

    Huib;)

  • Daniel

    zoek zip log

    Zoek.exe Version 4.0.0.4 Updated 19-September-2013

    Tool run by Dennis on zo 22-09-2013 at 18:45:44,03.

    Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

    Running in: Normal Mode Internet Access Detected

    Launched: C:\DOCUME~1\Dennis\LOCALS~1\Temp\Rar$EXa0.210\zoek.exe

    ==== System Restore Info ======================

    22-9-2013 18:47:01 Zoek.exe System Restore Point Created Succesfully.

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Running Processes ======================

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\csrss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    c:\Program Files\Microsoft Security Client\MsMpEng.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Java\jre7\bin\jqs.exe

    C:\WINDOWS\System32\alg.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program Files\Microsoft Security Client\msseces.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\WinRAR\WinRAR.exe

    C:\DOCUME~1\Dennis\LOCALS~1\Temp\Rar$EXa0.210\zoek.exe

    C:\WINDOWS\system32\wscntfy.exe

    c:\Program Files\Microsoft Security Client\MpCmdRun.exe

    c:\Program Files\Microsoft Security Client\MpCmdRun.exe

    c:\Program Files\Microsoft Security Client\MpCmdRun.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\WINDOWS\system32\svchost.exe -k DcomLaunch

    C:\WINDOWS\system32\svchost.exe -k rpcss

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

    C:\WINDOWS\system32\svchost.exe -k NetworkService

    C:\WINDOWS\system32\svchost.exe -k LocalService

    C:\WINDOWS\system32\svchost.exe -k imgsvc

    ==== Deleting Services ======================

    ==== Deleting Files \ Folders ======================

    “C:\Documents and Settings\Dennis\Application Data\Vso” deleted

    ==== System Specs ======================

    Windows: Windows XP Professional Service Pack 3 (Build 2600)

    Memory (RAM): 2048 MB

    CPU Info: AMD Athlon(TM) XP 3000+

    CPU Speed: 2137,3 MHz

    Sound Card: SB Live Audio |

    Display Adapters: NVIDIA GeForce4 MX 440 with AGP8X (Microsoft Corporation) | NetMeeting driver | RDPDD Chained DD

    Monitors: 1x; Plug en Play-monitor |

    Screen Resolution: 1280 X 1024 - 32 bit

    Network: Network Present

    Network Adapters: VIA Compatable Fast Ethernet Adapter - Pakketplanner-minipoort

    CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-S222L

    Ports: COM3 | COM4 | COM5 | COM1 LPT1

    Mouse: 5 Button Wheel Mouse Present

    Hard Disks: C: 74,5GB | F: 74,5GB

    Hard Disks - Free: C: 41,0GB | F: 27,6GB

    Manufacturer *: Award Software, Inc.

    BIOS Info: AT/AT COMPATIBLE | 08/06/03 | ASUS - 42302e31

    Time Zone: West-Europa (standaardtijd)

    Motherboard *: ASUSTeK Computer INC. A7V8X-X

    Internet Explorer Version: 8.0.6001.18702

    Sun Java version: 1.7.0_40

    Country: Nederland

    Language: NLD

    ==== Files Recently Created / Modified ======================

    ====== C:\WINDOWS ====

    ====== C:\DOCUME~1\Dennis\LOCALS~1\Temp ====

    ====== Java Cache =====

    2013-09-19 16:16:13 DBD61612A158EB5F48789F275A705413 12767 —-a-w- C:\Documents and Settings\Dennis\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\17\20c81051-52307d82

    2013-09-19 16:16:13 3302136A5932EB7F9942185C303A651D 759 —-a-w- C:\Documents and Settings\Dennis\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\17\4da2e051-68f10f82

    2013-09-19 16:16:15 A6DB0B8ECCEBB50524FDAAF93161221F 242 —-a-w- C:\Documents and Settings\Dennis\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\2\8256342-68e52ee8

    2013-09-19 16:16:07 FF2A7A2030158BA7EF7EDBBC3D435090 86299 —-a-w- C:\Documents and Settings\Dennis\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\20\39cc6c94-79b828dd

    2013-09-19 16:16:13 EDB6F74BF87FB2A350228F137B589DB2 35102 —-a-w- C:\Documents and Settings\Dennis\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\31\424bea1f-5fe8f715

    2013-09-19 16:16:13 EBB31575546BB89D8AED98FECE86E131 35187 —-a-w- C:\Documents and Settings\Dennis\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\56\78c005f8-4b6b6f92

    2013-09-19 16:16:16 0807C7D558022E0DAA57673B6A986F8E 3954 —-a-w- C:\Documents and Settings\Dennis\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\63\2d79353f-61113317

    ====== C:\WINDOWS\system32 =====

    2013-09-19 16:15:25 409ADC57814C2E2A15A798BF4BE05ED3 144896 —-a-w- C:\WINDOWS\System32\javacpl.cpl

    2013-09-19 16:15:24 ACA17F8E1F9E8891DE15E2527D8D74D0 264616 —-a-w- C:\WINDOWS\System32\javaws.exe

    2013-09-19 16:15:17 EC94122E6DCB6E731D8513A89AC9CF12 175016 —-a-w- C:\WINDOWS\System32\javaw.exe

    2013-09-19 16:15:17 EC2A0F271C0FD4AD57B137845577F539 175016 —-a-w- C:\WINDOWS\System32\java.exe

    2013-09-19 16:15:17 65F0FBCDBBA20FC4B0DADCA922150A99 94632 —-a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll

    ====== C:\WINDOWS\system32\drivers =====

    ====== C:\WINDOWS\Tasks ======

    ====== C:\WINDOWS\Temp ======

    ======= C:\Program Files =====

    2013-09-19 16:15:31 ——– d—–w- C:\Program Files\Common Files\Java

    2013-09-12 07:49:33 ——– d—–w- C:\Program Files\Spotnet

    ======= C: =====

    ====== C:\Documents and Settings\Dennis\Application Data ======

    ====== C:\Documents and Settings\Dennis ======

    2013-09-21 17:05:25 69CA82A7482A00D8EE063D2B97FC4338 781383 —-a-w- C:\Documents and Settings\Dennis\Bureaublad\RSIT.exe

    2013-09-21 16:53:59 6A6CE9A0410A29061FCF6CAD8DE0387C 1039554 —-a-w- C:\Documents and Settings\Dennis\Mijn documenten\adwcleaner.exe

    2013-09-17 20:56:33 ——– d–h–r- C:\Documents and Settings\Dennis\Onlangs geopend

    2013-09-12 06:32:52 0F00095C28C068C80F5AF04F5F7958FB 11065159 —-a-w- C:\Documents and Settings\Dennis\Bureaublad\spotnet181.exe

    ====== C: exe-files ==


    === C: other files ==

    2013-09-19 16:15:01 8C636C988365FC3E61F1B5C5ACECCB55 18675 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip

    ==== Startup Registry Enabled ======================

    “CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE”

    “ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe”

    “CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE”

    “MSC”=“C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey”

    “ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe”

    ==== Startup Registry Disabled ======================

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“”

    “hkey”=“HKLM”

    “command”=“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Adobe ARM”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Advanced SystemCare 5”

    “hkey”=“HKCU”

    “command”=“\”C:\\Program Files\\IObit\\Advanced SystemCare 5\\ASCTray.exe\“ /Manual”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“axcmd”

    “hkey”=“HKCU”

    “command”=“\”C:\\Program Files\\Alcohol Soft\\Alcohol 120\\axcmd.exe\“ /automount”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“APSDaemon”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“EEventManager”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“EPSON SX130 Series”

    “hkey”=“HKCU”

    “command”=“C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIHJE.EXE /FU \”C:\\WINDOWS\\TEMP\\E_S9E.tmp\“ /EF \”HKCU\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”

    “hkey”=“HKCU”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“iTunesHelper”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\iTunes\\iTunesHelper.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Jet Detection”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“KernelFaultCheck”

    “hkey”=“HKLM”

    “command”=“%systemroot%\\system32\\dumprep 0 -k”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Malwarebytes' Anti-Malware”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\“ /starttray”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“NBKeyScan”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“NeroFilterCheck”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Common Files\\Nero\\Lib\\NeroCheck.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“RIMBBLaunchAgent”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Common Files\\Research In Motion\\USB Drivers\\RIMBBLaunchAgent.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“StarterW3i”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Driver-Soft\\DriverGenius\\StarterW3i.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“SunJavaUpdateSched”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\“”

    ==== Task Scheduler Jobs ======================

    C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\AppleC:oftware Update\SoftwareUpdate.exe

    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------

    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe

    C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- C:\Program Files\Microsoft Security Client\MpCmdRun.exe

    ==== Chrome Look ======================

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

    nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Documents and Settings\Dennis\Application Data\DVDVideoSoft\dvsYoutubeDownload.crx

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://www.google.nl/”

    New Values:

    “Start Page”=“http://www.google.nl/”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    “DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url=“http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC”

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

    ==== HijackThis Entries ======================

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: “C:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Dennis\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=972

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

    ==== Empty IE Cache ======================

    C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\Dennis\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\Dennis\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    No FireFox Profiles found

    ==== Empty Chrome Cache ======================

    C:\Documents and Settings\Dennis\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp successfully emptied

    C:\DOCUME~1\Dennis\LOCALS~1\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\RECYCLER successfully emptied

    ==== Deleting Files / Folders ======================

    “C:\Documents and Settings\Dennis\Local Settings\Temporary Internet Files\Content.IE5\index.dat” not deleted

    ==== EOF on zo 22-09-2013 at 18:56:59,45 ======================

  • fazantje

    Hi Daniel, or is it Dennis?

    How is the slowness now?

    Regards, Huib ;)

  • Daniel

    I think it responds better now

    I'm Daniel and the PC belongs to Dennis (dad) :D

    He often uses this forum to clean up all the PCs of family etc.

    I had to quickly create a topic, he didn't have time

    and this PC was sooooooooooooooo slow

    :)o

  • fazantje

    Hi Daniel,

    Do keep in mind that it's an XP machine, eh.

    It will probably get slower and slower over time.

    And have your father be careful with Azureus (now Vuze) too.

    Junk gets pulled in so easily :(

    Download Delfix by Xplode to the desktop.

    Double-click Delfix.exe to start the tool.

    Now tick the following items:

    Activate UAC

    Remove disinfection tools

    Create registry backup

    Purge System Restore

    Reset system settings

    Now click “Run” and wait patiently until the tool is finished.

    When the tool is finished, a log file is created.

    You don't need to post it, though.

    If any tools are still left over, you can remove them yourself.

    Also have the cleanup plan run regularly.

    Regards, Huib ;)

  • Daniel

    hi

    What is Azureus? And how do I remove it?

    He only uses Spotnet as far as I know

  • fazantje

    Hi Daniel,

    Grrrrr, I got mixed up with another log for a moment.

    Vuze is not present :)

    Regards, Huib ;)

  • Daniel

    hahahahhaaaaa

    Done, that expl… only I can't tick Activate UAC

  • fazantje

    Doesn't matter, that's how it is with XP ;)

    Regards, Huib ;)

This topic is closed; no more replies can be posted.