Slow PC

  • Katja

    Hello,

    I have a PC from friends who asked me to clean it up because it is so slow. I have done everything that is on the bulletin board. It has already improved, but maybe you have some more tips. Thanks in advance.

    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe

    R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe

    R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe

    R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

    R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe

    S0 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe

    S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe

    S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

    S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe

    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe

    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

    —————–EOF—————–

    Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300

    www.malwarebytes.org

    Databaseversie: v2013.10.19.04

    Windows XP Service Pack 3 x86 NTFS

    Internet Explorer 8.0.6001.18702

    HP_Eigenaar :: UW-4B58D8528225

    Bescherming: Ingeschakeld

    14-10-2013 22:06:11

    mbam-log-2013-10-14 (22-06-11).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 190178

    Verstreken tijd: 18 minuut/minuten, 49 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 2

    HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Slecht: (1) Goed: (0) -> Succesvol in quarantaine geplaatst en gerepareerd.

    HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Slecht: (1) Goed: (0) -> Succesvol in quarantaine geplaatst en gerepareerd.

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 1

    C:\Documents and Settings\HP_Eigenaar\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)

    # AdwCleaner v3.008 - Report created 14/10/2013 at 21:26:02

    # Updated 17/10/2013 by Xplode

    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

    # Username : HP_Eigenaar - UW-4B58D8528225

    # Running from : C:\Documents and Settings\HP_Eigenaar\Local Settings\Temporary Internet Files\Content.IE5\UMU1OGV5\adwcleaner.exe

    # Option : Clean

    ***** *****

    ***** *****

    Folder Deleted : C:\Documents and Settings\HP_Eigenaar\Application Data\registry mechanic

    ***** *****

    ***** *****

    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF0118D4-63FF-4138-9327-F3028FB1A578}

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF0118D4-63FF-4138-9327-F3028FB1A578}

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

    Key Deleted : HKCU\Software\AVG Security Toolbar

    ***** *****

    -\\ Internet Explorer v8.0.6001.18702

    -\\ Google Chrome v28.0.1500.95

    *************************

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

  • fazantje

    Hi Katja,

    Download zoek.zip to the desktop.

    Disable your antivirus and antispyware programs; they may conflict with zoek.zip.

    Right-click Zoek.zip and choose the option “Extract All”.

    Then double-click Zoek.exe to start the tool.

    Now copy the code below and paste it into the large input box:

    firefoxlook;

    emptyclsid;

    emptyfolderscheck;delete

    chromelook;

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    Now click the “Run script” button.

    Wait patiently until a log opens (this may be after a restart, if one is needed).

    If no log appears after the restart, start zoek.exe again; the log will then appear.

    Now post the contents of the opened log in your next message.

    Good luck,

    Huib;)

  • Katja

    Hi Huib,

    Here is the requested log.

    Zoek.exe Version 4.0.0.5 Updated 17-October-2013

    Tool run by HP_Eigenaar on di 15-10-2013 at 22:18:16,56.

    Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Documents and Settings\HP_Eigenaar\Bureaublad\zoek\zoek.exe

    ==== Older Logs ======================

    C:\zoek-results2013-10-15-195242.log 983 bytes

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-88286813-915873391-3079341789-1008\Software\Microsoft\Internet Explorer\SearchScopes\{482A013D-862C-4FCE-B9E4-6B1BAF37B0E4} deleted successfully

    HKEY_USERS\S-1-5-21-88286813-915873391-3079341789-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

    HKEY_USERS\S-1-5-21-88286813-915873391-3079341789-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

    HKEY_USERS\S-1-5-21-88286813-915873391-3079341789-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_USERS\S-1-5-21-88286813-915873391-3079341789-1008\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

    HKEY_USERS\S-1-5-21-88286813-915873391-3079341789-1008\Software\Microsoft\Internet Explorer\URLSearchHooks\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully

    ==== Running Processes ======================

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\csrss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\AVG\AVG2014\avgwdsvc.exe

    C:\WINDOWS\system32\Ati2evxx.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\wdfmgr.exe

    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

    C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    C:\HP\KBD\KBD.EXE

    C:\WINDOWS\RTHDCPL.EXE

    C:\WINDOWS\System32\alg.exe

    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

    C:\windows\system\hpsysdrv.exe

    C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe

    C:\Program Files\AVG\AVG2014\avgui.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Messenger\msmsgs.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\WINDOWS\system32\wscntfy.exe

    C:\Documents and Settings\HP_Eigenaar\Bureaublad\zoek\zoek.exe

    C:\WINDOWS\system32\msfeedssync.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\svchost.exe -k NetworkService

    C:\WINDOWS\system32\svchost.exe -k LocalService

    C:\WINDOWS\system32\svchost.exe -k LocalService

    C:\WINDOWS\system32\svchost.exe -k imgsvc

    ==== Deleting Services ======================

    ==== Deleting Files \ Folders ======================

    C:\found.000 deleted

    C:\WINDOWS\wininit.ini deleted

    ==== System Specs ======================

    Windows: Windows XP Home Edition Service Pack 3 (Build 2600)

    Memory (RAM): 448 MB

    CPU Info: Intel(R) Celeron(R) CPU 3.06GHz

    CPU Speed: 3042,7 MHz

    Sound Card: Realtek HD Audio rear output |

    Display Adapters: ATI RADEON XPRESS 200 Series | ATI RADEON XPRESS 200 Series | NetMeeting driver | RDPDD Chained DD

    Monitors: 1x; hp m703 Color Monitor | hp m703 Color Monitor |

    Screen Resolution: 1024 X 768 - 32 bit

    Network: Network Present

    Network Adapters: Realtek RTL8139/810x Family Fast Ethernet NIC - Pakketplanner-minipoort

    CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRRW GCA-4164B

    Ports: COM3 LPT1

    Mouse: 3 Button Wheel Mouse Present

    Hard Disks: C: 68,5GB | D: 6,0GB

    Hard Disks - Free: C: 52,5GB | D: 2,1GB

    Manufacturer *: American Megatrends Inc.

    BIOS Info: AT/AT COMPATIBLE | 12/02/05 | HP-CPC - 12000502

    Time Zone: West-Europa (standaardtijd)

    Motherboard *: Hewleet-Packard Asterope

    Country: Nederland

    Language: NLD

    ==== System Specs (Software) ======================

    Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Updated)

    Internet Explorer version: 8.0.6001.18702

    Google Chrome version: 30.0.1599.101

    Sun Java version: 1.5.0_05 (32-bit)

    Shockwave Player version: 11.5.9r615

    ==== Files Recently Created / Modified ======================

    ====== C:\WINDOWS ====

    ====== C:\DOCUME~1\HP_EIG~1\LOCALS~1\Temp ====

    ====== C:\WINDOWS\system32 =====

    2013-10-14 20:46:26 180E1D44727EB72CB11EC5953C5E4C52 117760 ——w- C:\WINDOWS\System32\prntvpt.dll

    2013-10-14 20:46:25 81C4B0077427391D582FBB1B6B9578CB 575488 ——w- C:\WINDOWS\System32\xpsshhdr.dll

    2013-10-14 20:46:24 89B23B4BE691942072E0E3F7EDEB33B6 1676288 ——w- C:\WINDOWS\System32\xpssvcs.dll

    ====== C:\WINDOWS\system32\drivers =====

    2013-10-15 13:22:01 0DB7527DB188C7D967A37BB51BBF3963 40776 —-a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

    2013-10-14 19:49:35 4470E3C1E0C3378E4CAB137893C12C3A 22856 —-a-w- C:\WINDOWS\System32\drivers\mbam.sys

    2013-09-25 18:57:14 8A7DC10E81E73994AF8D8FB4E921BA20 120632 —-a-w- C:\WINDOWS\System32\drivers\avgdiskx.sys

    ====== C:\WINDOWS\Tasks ======

    2013-10-10 20:51:09 9C962622B8E263D5310EC30DCAF8B3A8 940 —-a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

    ====== C:\WINDOWS\Temp ======

    ======= C:\Program Files =====

    2013-10-14 22:33:31 ——– d—–w- C:\Program Files\trend micro

    2013-10-14 20:49:10 ——– d—–w- C:\Program Files\Reference Assemblies

    2013-10-14 20:48:30 ——– d—–w- C:\Program Files\ESET

    2013-10-10 19:46:35 ——– d—–w- C:\Program Files\AVG

    ======= C: =====

    ====== C:\Documents and Settings\HP_Eigenaar\Application Data ======

    2013-10-14 20:54:38 670A6BFFCD7FF4F938FF30C9BD933A6B 170776 —-a-w- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

    2013-10-10 19:58:26 ——– d—–w- C:\Documents and Settings\HP_Eigenaar\Application Data\AVG2014

    2013-10-10 19:57:05 ——– d—–w- C:\WINDOWS\system32\config\systemprofile\Application Data\AVG2014

    2013-10-10 19:55:10 ——– d—–w- C:\Documents and Settings\HP_Eigenaar\Application Data\TuneUp Software

    2013-10-10 19:47:07 ——– d—–w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2014

    2013-10-10 19:33:07 ——– d—–w- C:\Documents and Settings\HP_Eigenaar\Local Settings\Application Data\Avg2014

    ====== C:\Documents and Settings\HP_Eigenaar ======

    2013-10-15 13:17:58 ——– d–h–r- C:\Documents and Settings\HP_Eigenaar\Onlangs geopend

    ====== C: exe-files ==

    2013-10-14 22:33:31 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\HP_Eigenaar.exe

    2013-10-14 20:48:53 6D4ED8A5C071F29730A6F0B943FEEA3A 122584 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

    2013-10-14 20:48:51 BDB7D97012F9B3102DB72AA76A24942A 546944 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe

    2013-10-14 20:48:42 7ABF8849E76732C357F419B1AF5668F2 546944 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe

    2013-10-14 20:48:39 CE0D0B11986FD2C0247AE88A59B36A6E 579904 —-a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe

    2013-10-14 20:48:30 7C9EEC809FB9CDA26EFC245C001EA980 2347384 —-a-w- C:\Program Files\ESET\ESET Online Scanner\ESETSmartInstaller.exe

    2013-10-14 20:46:26 9CAC2BEE7724FC829567400EE751856A 597504 ——w- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    2013-10-14 20:46:26 9CAC2BEE7724FC829567400EE751856A 597504 ——w- C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe

    2013-10-14 19:56:06 9B155261BA16C36605B2046101A2BFA6 12663648 —-a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.101\30.0.1599.101_28.0.1500.95_chrome_updater.exe

    2013-10-14 19:45:12 CEFEBDB9E274BD90C12D131ED25CC819 59784 —-atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe

    2013-10-14 19:45:11 EB8EEB98D01B5D31898D8E53C3789832 59784 —-atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateBroker.exe

    2013-10-14 19:45:05 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 —-a-w- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdateSetup.exe

    2013-10-14 19:44:14 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 —-atw- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

    2013-10-14 19:44:13 CF7B0E597C1F34E528285495721DEEE9 237960 —-atw- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe

    2013-10-14 19:44:12 506708142BC63DABA64F2D3AD1DCD5BF 116648 —-atw- C:\Program Files\Google\Update\1.3.21.165\GoogleUpdate.exe

    2013-10-14 19:43:12 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 —-a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe

    2013-10-10 20:55:39 30D0AD41CC60C6A62277BB350A1EBE4E 4369632 —-a-w- C:\Documents and Settings\HP_Eigenaar\Mijn documenten\Downloads\ccsetup406.exe

    2013-10-10 20:19:56 2BF1A08F7CB7752AF697EE228514497F 234872 -c—-w- C:\WINDOWS\ie8updates\KB2879017-IE8\spuninst\spuninst.exe

    2013-10-10 20:19:45 5520AB5CD41DF70E749E51E92A77B8B9 174592 -c—-w- C:\WINDOWS\ie8updates\KB2879017-IE8\ie4uinit.exe

    2013-10-10 19:58:32 4B78E9AE06F7C310E30EE2FA5B7EBC3C 1721296 —-a-w- C:\Program Files\Google\Google Toolbar\Component\SearchWithGoogleUpdate_C993F490EED40C1B.exe

    2013-10-10 19:58:14 BB4F6465EEB9ACAA5C60C36983740219 310352 —-a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarUser_32_4814EB429669E41D.exe

    2013-10-10 19:58:07 B9D8842FF3EDAC918039C6F62F322E9A 1073232 —-a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_08875ABF44579E20.exe

    2013-10-10 19:56:11 A30351F539D71D6199BD2295CC234E96 531424 —-a-w- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe

    2013-10-10 19:55:40 A30351F539D71D6199BD2295CC234E96 531424 —-a-w- C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4601.54\GoogleToolbarInstaller_updater_signed.exe

    2013-10-10 18:35:26 30161650D725611B0608B9167271ADA1 5516336 —-a-w- C:\Program Files\AVG\AVG2014\avgcremx.exe

    === C: other files ==

    2013-10-15 13:22:01 0DB7527DB188C7D967A37BB51BBF3963 40776 —-a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

    2013-10-14 19:49:35 4470E3C1E0C3378E4CAB137893C12C3A 22856 —-a-w- C:\WINDOWS\system32\drivers\mbam.sys

    2013-10-10 19:54:54 F8EDE2B6928970DCE3D5614C27D9E7F6 14976 ——w- C:\WINDOWS\Driver Cache\i386\usbscan.sys

    2013-10-10 19:54:54 C569EF030B11F896E123A30AC92678DB 25088 ——w- C:\WINDOWS\system32\dllcache\hidparse.sys

    2013-10-10 19:54:54 C569EF030B11F896E123A30AC92678DB 25088 ——w- C:\WINDOWS\Driver Cache\i386\hidparse.sys

    2013-10-10 19:52:26 813236B1183CFCF289E367BD5DE6E29E 123008 ——w- C:\WINDOWS\system32\dllcache\usbvideo.sys

    2013-10-10 19:52:26 813236B1183CFCF289E367BD5DE6E29E 123008 ——w- C:\WINDOWS\Driver Cache\i386\usbvideo.sys

    2013-10-10 19:52:26 65898A183FBF1D1F7759D5CCB364DCD4 60160 ——w- C:\WINDOWS\system32\dllcache\usbaudio.sys

    2013-10-10 19:52:26 65898A183FBF1D1F7759D5CCB364DCD4 60160 ——w- C:\WINDOWS\Driver Cache\i386\usbaudio.sys

    2013-10-10 19:52:26 4F9694BDEFC1F0629704A1E2B7B96A66 46848 ——w- C:\WINDOWS\Driver Cache\i386\irbus.sys

    2013-10-10 19:50:02 1B611611C28D2DF25BC057D79C6F13FC 32384 ——w- C:\WINDOWS\system32\dllcache\usbccgp.sys

    2013-10-10 19:50:02 1B611611C28D2DF25BC057D79C6F13FC 32384 ——w- C:\WINDOWS\Driver Cache\i386\usbccgp.sys

    2013-10-10 19:50:02 04FE5EF6ED4818EC4839EA5C611A6310 5376 ——w- C:\WINDOWS\system32\dllcache\usbd.sys

    2013-10-10 19:50:02 04FE5EF6ED4818EC4839EA5C611A6310 5376 ——w- C:\WINDOWS\Driver Cache\i386\usbd.sys

    2013-10-10 19:50:00 6DF35CA139C3BC15CC74390ABB114EFE 144128 ——w- C:\WINDOWS\system32\dllcache\usbport.sys

    2013-10-10 19:50:00 6DF35CA139C3BC15CC74390ABB114EFE 144128 ——w- C:\WINDOWS\Driver Cache\i386\usbport.sys

    2013-10-10 19:50:00 4BAC8DF07F1D8434FC640E677A62204E 30336 ——w- C:\WINDOWS\system32\dllcache\usbehci.sys

    2013-10-10 19:50:00 4BAC8DF07F1D8434FC640E677A62204E 30336 ——w- C:\WINDOWS\Driver Cache\i386\usbehci.sys

    ==== Startup Registry Enabled ======================

    “CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE”

    “CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE”

    “ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe”

    “swg”=“C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    “MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe /background”

    “TkBellExe”=“C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot”

    “KBD”=“C:\HP\KBD\KBD.EXE”

    “ps2”=“C:\WINDOWS\system32\ps2.exe”

    “RTHDCPL”=“RTHDCPL.EXE”

    “ALCMTR”=“ALCMTR.EXE”

    “ATIPTA”=“C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe”

    “hpsysdrv”=“c:\windows\system\hpsysdrv.exe”

    “SunJavaUpdateSched”=“C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe”

    “RECGUARD”=“C:\WINDOWS\SMINST\RECGUARD.EXE”

    “AVG_UI”=“C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY”

    “HP Software Update”=“C:\Program Files\HP\HP Software Update\HPwuSchd2.exe”

    “ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe”

    “swg”=“C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    “MSMSGS”=“C:\Program Files\Messenger\msmsgs.exe /background”

    ==== Startup Folders ======================

    2009-04-14 10:32:46 572 —-a-w- C:\Documents and Settings\Default User\Menu Start\Programma's\Opstarten\Pin.lnk

    ==== Task Scheduler Jobs ======================

    C:\WINDOWS\tasks\Adobe Flash Player Updater.job –a—— C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files\Google\Update\GoogleUpdate.exe

    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job –a——

    C:\WINDOWS\tasks\RMSchedule.job –a—— C:\Program Files\Registry Mechanic\RegMech.exe

    C:\WINDOWS\tasks\Symantec NetDetect.job –a——

    C:\WINDOWS\tasks\User_Feed_Synchronization-{110406E2-973A-4878-B93E-6D28F5E2C128}.job –ah—– C:\WINDOWS\system32\msfeedssynC:.exe

    ==== Firefox Extensions Registry ======================

    “{20a82645-c095-46ed-80e3-08825760534b}”=“C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension”

    ==== Chrome Look ======================

    Google Docs - HP_Eigenaar - Default\Extensions\aohghmighlieiainnegkcijnfilokake

    Google Drive - HP_Eigenaar - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

    YouTube - HP_Eigenaar - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

    Google Search - HP_Eigenaar - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

    Gmail - HP_Eigenaar - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://www.google.nl/”

    New Values:

    “Start Page”=“http://www.google.nl/”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    “DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

    ==== HijackThis Entries ======================

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot

    O4 - HKLM\..\Run: C:\HP\KBD\KBD.EXE

    O4 - HKLM\..\Run: C:\WINDOWS\system32\ps2.exe

    O4 - HKLM\..\Run: RTHDCPL.EXE

    O4 - HKLM\..\Run: ALCMTR.EXE

    O4 - HKLM\..\Run: “C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe”

    O4 - HKLM\..\Run: c:\windows\system\hpsysdrv.exe

    O4 - HKLM\..\Run: C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe

    O4 - HKLM\..\Run: C:\WINDOWS\SMINST\RECGUARD.EXE

    O4 - HKLM\..\Run: “C:\Program Files\AVG\AVG2014\avgui.exe” /TRAYONLY

    O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O4 - HKCU\..\Run: “C:\Program Files\Messenger\msmsgs.exe” /background

    O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

    O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User ‘Default user’)

    O4 - Global Startup: Statusvenster.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll

    O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

    O9 - Extra ‘Tools’ menuitem: Verbindingshelp - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    ==== Empty IE Cache ======================

    C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\HP_Eigenaar\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    No FireFox Profiles found

    ==== Empty Chrome Cache ======================

    C:\Documents and Settings\HP_Eigenaar\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    No Java Cache Found

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp successfully emptied

    C:\DOCUME~1\HP_EIG~1\LOCALS~1\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\RECYCLER successfully emptied

    ==== Deleting Files / Folders ======================

    “C:\Documents and Settings\HP_Eigenaar\Local Settings\Temporary Internet Files\Content.IE5\index.dat” not found

    “C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat” not deleted

    ==== EOF on di 15-10-2013 at 22:35:46,56 ======================

  • fazantje

    Hi Katja,

    How are things now?

    Update Java, because this version is very badly outdated.

    Have the following file scanned here and post the resulting log.

    The file in question is: C:\WINDOWS\system32\ps2.exe

    Regards, Huib;)

  • Katja

    Hi Huib

    Thanks

    CLSID Name Filename Description Status

    {7FFBBA7A-4237-40A2-9FF0-E600A34AA000} Microsoft.SupportCenter 0 Windows-LEIC.SCenter, Windows-****.SCenter Keylogger, detected by Kaspersky antivirus as Trojan-Downloader.Win32.BHO.dw and by AntiVir as TR/Spy.Agen.35328.B X BHO

    {0B56B5C3-3D91-4E1D-A234-EB1068624EDA} Microsoft.WirelessNetworks 0 Windows-BETE.wirellesn, Windows-****.wirellesn Keylogger, detected by Kaspersky antivirus as Trojan-Downloader.Win32.BHO.dw and by AntiVir as TR/Spy.Agen.35328.B X BHO

    {I1OP5NK3-GKJ1-JP60-6R7Y-Y2Y80P2UWBA3} (no name) windows player.exe Infostealer trojan, see here X BHO

    {36DBC179-A19F-48F2-B16A-6A3E19B42A87} (no name) systeminfo.dll, rundll32.dll, esentutl.dll, tskill.dll, odbcad32.dll, winver.dll, rasdial.dll, setup.dll, spoolsv.dll, finger.dll, charmap.dll, runonce.dll, scardsvr.dll, winspool.dll, any filename taken at random from the System or System32 folder Password stealer trojan, detected by Symantec as Infostealer.Bzup.B X BHO

    {051276BF-A27E-4C90-8950-E1C6B1141047} windows sidebar windows-sidebar.dll, WINDOW~1.DLL Parasite of Korean origin hailing from winsidebar.net and detected as Win32.Spyware.windowssidebar X BHO

    More results in the CLSID List…

    Startup List Results

    Startup Entry

    Name Filename Description Status

    hack1x2 C:\WINDOWS\system32:hlpnod32.exe A variant of the Backdoor.Bifrose Note: Located in \%WINDIR%\system32:hlpnod32.exe Note: Please note that this infection is an Alternate Data Stream file attached to the legitimate C:\Windows\System32 folder. Do not delete the C:\Windows\System32 folder as Windows will not operate correctly without it. To delete the Alternate Data Stream you should read this tutorial. Note: Use SDFix under supervision. X

    CTFMON wscript.exe /E:vbs C:\WINDOWS\system32\winjpg.jpg Added by the W32/Autorun-ALB ADWARE! Note: Located in \%WINDIR%\%System%\ Note: Spreads via removable media. X

    WinShowUpdate copy C:\WINDOWS\winshow.new C:\WINDOWS\winshow.dll Winshow parasiate related - from the “RunOnce” keys it replaces “winshow.dll” with a new version X

    DriverPath system32.exe Added by the Troj/Prorat-S TROJAN! Note: This trojan file is found in the Windows or Winnt folder. X

    System32 System32.exe Added by the MARI, SYSXXX and other VIRUSES! X

    More results in the Startup List…

    O20 List Results

    AppInit_DLLs & Winlogon Notify

    Name Filename Description Status

    st3 C:\WINDOWS\system32\st3.dll TrojanDownloader.Delf.NBH X Winlogon Notify

    sunotify WINDOWS\SYSTEM32\sunotify.dll ShadowUser_Pro - Create a virtual copy of your system for private and safe Web surfing. L Winlogon Notify

    (no name) Windows\System32\vsmvhk.dll folder in (XP) ShadowUser_Pro - Create a virtual copy of your system for private and safe Web surfing. L AppInit_DLLs

    welcome .dll ins System32 directory Spyware.Look2Me X Winlogon Notify

    winnt32 %SYSDIR%\SYSTEM32\WinNt32.dll W32/Mutant.XE!tr.dldr X Winlogon Notify

    More results in the O20 List…

    O21 List Results

    ShellServiceObjectDelayLoad

    CLSID Name Filename Description Status

    {1DBD6574-D6D0-4782-94C3-69619E719765} (no name) %WINDOWS%\help\B41346EFA848.dll Troj/Lineag-FC X

    {BCBCD383-3E06-11D3-91A9-00C04F68105C} AUHook C:\WINDOWS\SYSTEM\AUHOOK.DLL Windows ME Microsoft AutoUpdate L

    {********-****-****-****-************} System %SYSDIR%\system32.dll CWS variant (Greatsearch) X

    {7849596a-48ea-486e-8937-a2a3009f31a9} PostBootReminder %SystemRoot%\system32\SHELL32.dll Microsoft Windows L

    {fbeb8a05-beee-4442-804e-409d6c4515e9} CDBurn %SystemRoot%\system32\SHELL32.dll Microsoft Windows L

    O22 List Results

    Shared Task Scheduler

    CLSID Name Filename Description Status

    {3F143C3A-1457-6CCA-03A7-7AA23B61E40F} (no name) c:\windows\system32\mtwirl32.dll CWSChronicles X

    O23 List Results

    Windows Services

    Name Filename Description Status

    Service name: Messenger system32.exe See Symantec Trojan.Esteems.B Location: C\Windows\system\system32.exe (9X\ME) or C\Windows or Winnt\system32\system32.exe (NT\2000\XP) X

    system32 (system32) system32.exe Added by the Troj/GrayBird-U TROJAN! Note: This trojan file is found in the Windows or Winnt folder. Note: Also see Troj/Graybird-G X

    WindowsFirewall system32.exe Added by a variant of the IRCBOT Note: Located in \%WINDIR%\ Note: Use SDFix under supervision. X

    MS Internet Countermeasures Framework (ICF) \System32:svchost.exe Added by an unidentified TROJAN! of the Sdbot family. Note Note: DO NOT delete the svchost.exe file. X

    Java development Services windows.exe Added by an unidentified TROJAN! of the Sdbot family. Note: This worm\trojan is located in C:\%WINDIR%\ folder. X

    More results in the O23 List…

    O16 List Results

    ActiveX

    CLSID Name Filename Description Status

    {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} DPF jinstall-142-windows-i586.cab Related to an old version of Sun Microsystems Java Software. For your Security you are urged to update your version. Sun Java update site ?

    {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} DPF jinstall-14-windows-i586.cab Related to an old version of Sun Microsystems Java Software. For your Security you are urged to update your version. http://www.java.com/en/download/installed.jsp ?

    {CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA} Java Plug-in 1.4.2_13 jinstall-142-windows-i586.cab Related to an old version of Sun Microsystems Java Software. For your Security you are urged to update your version. Sun Java update site ?

    {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} Java Plug-in 1.4.2_03 jinstall-windows-i586.cab Related to an old version of Sun Microsystems Java Software. For your Security you are urged to update your version. Sun Java update site ?

    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Java Plug-in *.*.*_** jinstall-*_*_*_**-windows-i586.cab Could be related to an old version of Sun Microsystems Java Software. For your Security you are urged to check and update your version if required. Verify Java Version ?

    More results in the O16 List…

    SEH List Results

    ShellExecuteHook

    CLSID Name Filename Description Status

    {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} Microsoft AntiMalware ShellExecuteHook Windows Defender\MpShHook.dll Windows Defender L

    {AEB6717E-7E19-11d0-97EE-00C04FD91974} (no name) %SYSDIR%\windows.dll, winforms.dll TSPY_ONLINEG.IOT trojan X

    {ACC52793-08DC-42BB-99AB-F70FD2A7E244} ??- SEApproved %PROGRAMFILES%\Windows???\WinCipShell.dll Infostealer trojan, see here X

    {56F9679E-7826-4C84-81F3-532071A8BCC5} Windows Desktop Search Namespace Manager %ProgramFiles%\Windows Desktop Search\MSNLNamespaceMgr.dll Windows Desktop Search L

    Drivers List Results

    Driver Entry

    Name Filename Description Status

    Hp.Skyroom.Windows.Service Hp.Skyroom.Windows.Service.exe Related to Hp.Skyroom.Windows.Service.exe HP SkyRoom service from Hewlett-Packard L

    Windows RemoteHelp Desk Windows RemoteHelp Desk.DLL Added by the Windows RemoteHelp Desk.DLL Infostealer trojan, detected by ESET's Nod32 antivirus as a variant of Win32/Korplug.J Note: Located in \%AppData%\ X

    FF Extensions List Results

    Firefox Extension

    CLSID Name Filename Description Status

    {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} JAVA jinstall-1_6_0_35-windows-i586.cab Related to an old version of Sun Microsystems Java Software. ?

    Active Setup List Results

    Active Setup - Installed Component

    CLSID Name Filename Description Status

    {89B4C1CD-B018-4511-B0A1-5476DBF70820} (no name) Rundll32.exe C:\Windows\system32\mscories.dll,Install Microsoft® .NET Framework L

    {2D46B6DC-2207-486B-B523-A557E6D54B47} (no name) (Command Line): cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache Microsoft Internet Explorer L

    {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} (no name) (command:) rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12 Microsoft Internet Explorer L

    {56J64GHE-13D3-RQRI-Y280-4S76L44INOE3} (no name) SYSTEM32.exe Infostealer trojan, detected by ESET's Nod32 antivirus as Win32/Injector.JRX, see here X

    {NX2654R4-OO7W-VU3E-L4HK-QF5TM2F4X1QB} (no name) SYSTEM32.exe Infostealer trojan, detected by Microsoft as Worm:Win32/Rebhip.A - also see here X

    More results in the Active Setup List…

    Powered by SystemLookup Engine. © 2008-2012 BrightFort. All Rights Reserved.

    for your reply, is this what you mean?

  • fazantje

    Hi Katja,

    Download securitycheck and save it to your Desktop.

    Start Security Check.

    Follow the instructions on the screen.

    At the end a log (checkup.txt) appears; post its contents in your next reply.

    Regards, Huib ;)

  • Katja

    Hello Huib

    Still not much change. Last night when shutting down, a message appeared that there were yet another 20 updates from Windows. I just left it on overnight, because that also takes a very long time.

    Results of screen317's Security Check version 0.99.74

    Windows XP Service Pack 3 x86

    Internet Explorer 8

    ``````````````Antivirus/Firewall Check:``````````````

    AVG 2014

    ESET Online Scanner v3

    `````````Anti-malware/Other Utilities Check:`````````

    CCleaner

    Java(TM) 6 Update 45

    Java version out of Date!

    Google Chrome 28.0.1500.95

    Google Chrome 30.0.1599.101

    ````````Process Check: objlist.exe by Laurent````````

    Malwarebytes Anti-Malware mbamservice.exe

    Malwarebytes Anti-Malware mbamgui.exe

    AVG avgwdsvc.exe

    AVG avgrsx.exe

    AVG avgnsx.exe

    AVG avgemc.exe

    Malwarebytes' Anti-Malware mbamscheduler.exe

    `````````````````System Health check`````````````````

    Total Fragmentation on Drive C::

    ````````````````````End of Log``````````````````````

    Can I already remove some things again, or would you say wait a little longer? Thanks again in advance.

  • fazantje

    Hi Katja,

    I went through the logs once more and also saw that the RAM is running out, see: Memory (RAM): 448 MB

    That is really very little, and it also explains the slowness.

    My advice is to have an extra memory module installed and then run through our cleanup plan.

    If you take your module out, you can read on it which type you need and then buy one on Marktplaats.

    These modules cost next to nothing.

    For at most €10.00 you're done.

    Let us know how it goes after that.

    You may remove the programs that were used, in the following way:

    ADW cleaner: use its own uninstall, by starting the program.

    The rest as follows:

    Download Delfix by Xplode to the desktop.

    Double-click Delfix.exe to start the tool.

    Now tick the following items:

    Remove disinfection tools

    Create registry backup

    Purge System Restore

    Reset system settings

    Now click “Run” and wait patiently until the tool is finished.

    When the tool is finished, a log file is created.

    You do not need to post it, however.

    If any tools are still left over, you can remove them yourself.

    Regards, Huib ;)

  • Katja

    Hello Huib

    I'll pass it on. This afternoon I'm getting another PC from them that may be a bit better? So whether they will buy memory? If so, I'll let you know how it goes. In any case, thank you kindly for looking and for the advice.

    Regards, Katja

  • Jos H

    The memory is probably 512 MB, from which shared video memory is deducted?

This topic is closed; no more replies can be posted.