Slow PC

  • zimm

    Who can check my logs for a slow PC?

    Thanks in advance!

    Logfile of random's system information tool 1.09 (written by random/random)

    Run by Gebruiker at 2013-12-16 17:38:44

    Microsoft® Windows Vista™ Ultimate Service Pack 1

    System drive C: has 14 GB (14%) free of 100 GB

    Total RAM: 3070 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 17:38:55, on 16-12-2013

    Platform: Windows Vista SP1 (WinNT 6.00.1905)

    MSIE: Internet Explorer v8.00 (8.00.6001.19088)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    C:\Program Files\AVG\AVG2013\avgui.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

    C:\Windows\system32\wuauclt.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\conime.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Users\Gebruiker\Desktop\RSIT.exe

    C:\Program Files\trend micro\Gebruiker.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.nl

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O4 - HKLM\..\Run: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    O4 - HKLM\..\Run: “C:\Program Files\AVG\AVG2013\avgui.exe” /TRAYONLY

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: “C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\Run: rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-18\..\RunOnce: C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User ‘SYSTEEM’)

    O4 - HKUS\.DEFAULT\..\RunOnce: C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User ‘Default user’)

    O4 - .DEFAULT User Startup: RUN.EXE (User ‘Default user’)

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

    O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

    O20 - AppInit_DLLs: acaptuser32.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    O23 - Service: RMWPService - Apache Software Foundation - C:\Program Files\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe

    O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe

    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    O23 - Service: WlanWpsSvc - Unknown owner - C:\Program Files\Thomson\TG122n\WlanWpsSvc.exe

    End of file - 8279 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Ad-Aware Update (Weekly).job

    ======Registry dump======

    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    Java™ Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

    Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

    SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    “RtHDVCpl”=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    “AVG_UI”=C:\Program Files\AVG\AVG2013\avgui.exe

    “”=

    “Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe

    “ehTray.exe”=C:\Windows\ehome\ehTray.exe

    “WMPNSCFG”=C:\Program Files\Windows Media Player\WMPNSCFG.exe

    “Spotify Web Helper”=C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

    C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe

    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

    C:\Program Files\AdobeUpdate\updater.exe

    C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

    C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe /c

    C:\Program Files\Google\Google Talk\googletalk.exe /autostart

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\QuickTime\QTTask.exe

    C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe

    C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent

    C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

    C:\Users\Gebruiker\AppData\Roaming\Spotify\Spotify.exe

    C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Windows Defender\MSASCui.exe

    C:\PROGRA~1\Thomson\TG122n\WlanCU.exe

    C:\Users\GEBRUI~1\AppData\Roaming\Dropbox\bin\Dropbox.exe

    “AppInit_DLLs”=“acaptuser32.dll”

    Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

    “ConsentPromptBehaviorAdmin”=0

    “ConsentPromptBehaviorUser”=0

    “EnableInstallerDetection”=0

    “EnableLUA”=0

    “EnableSecureUIAPaths”=0

    “PromptOnSecureDesktop”=0

    “dontdisplaylastusername”=0

    “legalnoticecaption”=

    “legalnoticetext”=

    “shutdownwithoutlogon”=1

    “undockwithoutlogon”=1

    “EnableUIADesktopToggle”=0

    “NoDriveTypeAutoRun”=145

    “NoResolveTrack”=1

    “vidc.mrle”=msrle32.dll

    “vidc.msvc”=msvidc32.dll

    “msacm.imaadpcm”=imaadp32.acm

    “msacm.msg711”=msg711.acm

    “msacm.msgsm610”=msgsm32.acm

    “msacm.msadpcm”=msadp32.acm

    “midimapper”=midimap.dll

    “wavemapper”=msacm32.drv

    “vidc.uyvy”=msyuv.dll

    “vidc.yuy2”=msyuv.dll

    “vidc.yvyu”=msyuv.dll

    “vidc.iyuv”=iyuv_32.dll

    “vidc.i420”=iyuv_32.dll

    “vidc.yvu9”=tsbyuv.dll

    “msacm.l3acm”=C:\Windows\System32\l3codeca.acm

    “vidc.cvid”=iccvid.dll

    “msacm.siren”=sirenacm.dll

    “VIDC.DIVX”=divx.dll

    “VIDC.XVID”=xvidvfw.dll

    “VIDC.YV12”=yv12vfw.dll

    “msacm.ac3acm”=ac3acm.acm

    “msacm.lameacm”=lameACM.acm

    “wave”=wdmaud.drv

    “midi”=wdmaud.drv

    “mixer”=wdmaud.drv

    “aux”=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe “%1” %*

    ======List of files/folders created in the last 1 month======

    2013-12-16 17:38:45 —-D—- C:\Program Files\trend micro

    2013-12-16 17:38:44 —-D—- C:\rsit

    2013-12-16 17:24:02 —-D—- C:\Program Files\ESET

    2013-12-16 17:07:10 —-SHD—- C:\Config.Msi

    2013-11-30 14:25:42 —-D—- C:\AdwCleaner

    2013-11-25 01:48:36 —-A—- C:\Windows\system32\drivers\avgidsdriverx.sys

    2013-11-22 11:43:25 —-D—- C:\Program Files\epson

    2013-11-22 11:43:24 —-A—- C:\Windows\system32\eswiaml.dll

    2013-11-22 11:43:24 —-A—- C:\Windows\system32\eswia43.dll

    2013-11-22 11:43:24 —-A—- C:\Windows\system32\esint43.dll

    2013-11-22 11:39:32 —-D—- C:\EPSON

    2013-11-21 13:21:24 —-D—- C:\Program Files\iPod

    2013-11-21 13:21:22 —-D—- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

    2013-11-21 13:21:22 —-D—- C:\Program Files\iTunes

    2013-11-21 11:02:23 —-D—- C:\Program Files\SpotLite

    ======List of files/folders modified in the last 1 month======

    2013-12-16 17:38:55 —-D—- C:\Windows\Prefetch

    2013-12-16 17:38:52 —-D—- C:\Windows\Temp

    2013-12-16 17:38:45 —-RD—- C:\Program Files

    2013-12-16 17:31:46 —-D—- C:\ProgramData\MFAData

    2013-12-16 17:30:32 —-D—- C:\Windows\system32\drivers

    2013-12-16 17:24:17 —-SD—- C:\Windows\Downloaded Program Files

    2013-12-16 17:21:07 —-D—- C:\Windows\Tasks

    2013-12-16 17:20:40 —-D—- C:\Windows\System32

    2013-12-16 17:20:40 —-A—- C:\Windows\system32\PerfStringBackup.INI

    2013-12-16 17:20:38 —-D—- C:\Windows\inf

    2013-12-16 17:12:40 —-D—- C:\ProgramData\NVIDIA

    2013-12-16 17:12:35 —-D—- C:\Windows

    2013-12-16 17:09:56 —-HD—- C:\ProgramData

    2013-12-16 17:09:32 —-D—- C:\Users\Gebruiker\AppData\Roaming\uTorrent

    2013-12-16 17:07:48 —-SHD—- C:\Windows\Installer

    2013-12-16 17:07:36 —-D—- C:\Windows\system32\catroot

    2013-12-16 17:07:01 —-SHD—- C:\System Volume Information

    2013-12-16 17:06:01 —-D—- C:\Users\Gebruiker\AppData\Roaming\vlc

    2013-12-16 17:01:06 —-D—- C:\Windows\winsxs

    2013-12-16 17:01:00 —-D—- C:\Program Files\Common Files\Research In Motion

    2013-12-16 16:58:04 —-D—- C:\Program Files\Native Instruments

    2013-12-16 16:58:04 —-D—- C:\Program Files\Common Files\Native Instruments

    2013-12-16 16:56:33 —-D—- C:\Program Files\Belastingdienst

    2013-12-16 16:56:26 —-D—- C:\Program Files\Elsevier

    2013-12-16 16:56:24 —-D—- C:\Elsevier

    2013-12-15 11:54:02 —-D—- C:\Windows\system32\catroot2

    2013-12-13 08:48:29 —-D—- C:\Users\Gebruiker\AppData\Roaming\EndNote

    2013-12-10 17:54:50 —-A—- C:\Windows\system32\FlashPlayerApp.exe

    2013-12-04 13:47:16 —-D—- C:\Users\Gebruiker\AppData\Roaming\Spotify

    2013-12-02 10:18:58 —-D—- C:\Program Files\Microsoft Silverlight

    2013-12-01 12:24:16 —-D—- C:\ProgramData\Microsoft Help

    2013-11-22 11:43:24 —-D—- C:\Windows\twain_32

    2013-11-21 13:21:23 —-D—- C:\Program Files\Common Files\Apple

    2013-11-21 11:00:21 —-D—- C:\Users\Gebruiker\AppData\Roaming\Vso

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys

    R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys

    R0 AvgMfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys

    R0 AvgRkx86;AVG Anti-Rootkit Driver; C:\Windows\System32\Drivers\avgrkx86.sys

    R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys

    R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys

    R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys

    R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys

    R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys

    R1 AvgLdx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys

    R1 AvgTdiX;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys

    R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys

    R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys

    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys

    R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys

    R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys

    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys

    R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys

    S3 a6iti5bh;a6iti5bh; C:\Windows\system32\drivers\a6iti5bh.sys

    S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys

    S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys

    S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys

    S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys

    S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys

    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys

    S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys

    S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys

    S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys

    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys

    S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys

    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys

    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys

    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys

    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2013\avgfws.exe

    R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe

    R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe

    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe

    R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    R2 WlanWpsSvc;WlanWpsSvc; C:\Program Files\Thomson\TG122n\WlanWpsSvc.exe

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

    S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

    S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe

    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    S3 RMWPService;RMWPService; C:\Program Files\Reference Manager 12\WebPublisher\thirdparty\Apache2\bin\RMWP_Apache_Admin.exe

    S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe

    S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

    —————–EOF—————–

    # AdwCleaner v3.015 - Report created 16/12/2013 at 17:09:55

    # Updated 10/12/2013 by Xplode

    # Operating System : Windows Vista (TM) Ultimate Service Pack 1 (32 bits)

    # Username : Gebruiker - GEBRUIK-XFHAWDX

    # Running from : C:\Users\Gebruiker\Desktop\adwcleaner.exe

    # Option : Clean

    ***** *****

    ***** *****

    Folder Deleted : C:\ProgramData\~0

    File Deleted : C:\Windows\System32\Tasks\NCH Software

    ***** *****

    ***** *****

    ***** *****

    -\\ Internet Explorer v8.0.6001.19088

    -\\ Google Chrome v

    *************************

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

    Malwarebytes Anti-Malware 1.75.0.1300

    www.malwarebytes.org

    Databaseversie: v2013.12.16.04

    Windows Vista Service Pack 1 x86 NTFS

    Internet Explorer 8.0.6001.19088

    Gebruiker :: GEBRUIK-XFHAWDX

    16-12-2013 17:17:47

    mbam-log-2013-12-16 (17-17-47).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 241921

    Verstreken tijd: 10 minuut/minuten, 38 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

  • Ben

    Hello,

    Why is your Windows Vista not up to date?

    Download

    Zoek.zip to the desktop.

    If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.

    Disable antivirus software

    Temporarily disable your antivirus and antispyware programs, as they can conflict with Zoek.exe.

    Disable antivirus software

    Disable antispy & malware software

    Run Zoek.exe

    If you run into problems running this program or see any error messages, please let us know in your post.

    Right-click Zoek.zip and choose the option "Extract all".

    Then double-click Zoek.exe to start the tool.

    Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.

    Now click the "Run script" button.

    A popup appears saying that no script was found; just press OK.

    Zoek.exe will now perform a scan and repair; on some systems this can take longer than half an hour.

    Now wait patiently until a log opens (this may be after a restart, if one is required).

    If no log appears after the restart, start zoek.exe again; the log will then appear.

    Post the opened log in your next message.

  • zimm

    Zoek.exe v5.0.0.0 Updated 16-December-2013

    Tool run by Gebruiker on ma 16-12-2013 at 18:19:56,79.

    Microsoft® Windows Vista™ Ultimate 6.0.6001 Service Pack 1 x86

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Gebruiker\Desktop\zoek (1)\zoek.exe

    ==== System Restore Info ======================

    16-12-2013 18:21:11 Zoek.exe System Restore Point Created Succesfully.

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Services ======================

    ==== Deleting Files \ Folders ======================

    C:\ProgramData\Thomson.ResearchSoft.Installers deleted

    C:\Users\Gebruiker\AppData\Roaming\ISI ResearchSoft deleted

    “C:\Users\Gebruiker\AppData\Roaming\Vso” deleted

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    ====== C:\Users\GEBRUI~1\AppData\Local\Temp ====

    ====== Java Cache =====

    ====== C:\Windows\system32 =====

    ====== C:\Windows\system32\drivers =====

    2013-11-25 00:48:36 5BCAE36134162830ED283F4C3D88476A 208184 —-a-w- C:\Windows\System32\drivers\avgidsdriverx.sys

    ====== C:\Windows\Tasks ======

    2013-12-16 16:44:08 EA99CEAC682AC6976F4028005BB14C3C 4046 —-a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA

    2013-12-16 16:44:08 9FD4E7486F07FCAF87568E1959F7A94D 1050 —-a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

    2013-12-16 16:44:06 070A9CA850FF7BB94492626C20C759C0 3794 —-a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

    2013-12-16 16:44:05 DB5548B98BCA3EE99321125E574EFC59 1046 —-a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2013-12-16 16:38:45 ——– d—–w- C:\Program Files\trend micro

    2013-12-16 16:24:02 ——– d—–w- C:\Program Files\ESET

    2013-11-22 10:43:25 ——– d—–w- C:\Program Files\epson

    2013-11-21 12:21:24 ——– d—–w- C:\Program Files\iPod

    2013-11-21 12:21:22 ——– d—–w- C:\Program Files\iTunes

    2013-11-21 10:02:23 ——– d—–w- C:\Program Files\SpotLite

    ======= C: =====

    ====== C:\Users\Gebruiker\AppData\Roaming ======

    ====== C:\Users\Gebruiker ======

    2013-12-16 16:44:53 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

    2013-12-16 16:09:19 69CA82A7482A00D8EE063D2B97FC4338 781383 —-a-w- C:\Users\Gebruiker\Desktop\RSIT.exe

    2013-12-12 15:42:55 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

    2013-11-22 10:43:25 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan

    2013-11-21 12:22:47 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

    2013-11-21 12:21:22 ——– d—–w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

    ====== C: exe-files ==

    2013-12-16 17:19:32 6BC5C2E01151611C13056C08F30717E7 544 —-a-w- C:\$Recycle.Bin\S-1-5-21-1655639956-999997758-1324162407-1000\$I4IKJ4Z.exe

    2013-12-16 16:52:54 600B1A4BCC0823A96DC7B86F005ADBB8 51080 —-atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe

    2013-12-16 16:52:53 CA0A340ABCF0C14A09691CBC90186AB4 51080 —-atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateBroker.exe

    2013-12-16 16:52:49 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 —-a-w- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateSetup.exe

    2013-12-16 16:49:33 9CCBA5E2489E603BB1578D1D541252A8 273800 —-atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

    2013-12-16 16:49:32 465680BDE344CE4FF6646626AA3A9125 223112 —-atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe

    2013-12-16 16:49:27 506708142BC63DABA64F2D3AD1DCD5BF 116648 —-atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdate.exe

    2013-12-16 16:49:25 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 —-a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe

    2013-12-16 16:44:31 8D8E67E5A438E9906CC90C5ED4AA1AD7 35337056 —-a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\31.0.1650.63\31.0.1650.63_chrome_installer.exe

    2013-12-16 16:44:02 506708142BC63DABA64F2D3AD1DCD5BF 116648 —-atw- C:\Program Files\Google\Update\GoogleUpdate.exe

    2013-12-16 16:43:54 A6F8D4FBC12177A75AB4C06D059229B6 784664 —-a-w- C:\Users\Gebruiker\AppData\Local\Apps\2.0\CRT6NBO1.0YO\2VNXXCQD.T4V\inst…app_4fe91ede9f9bdca3_0001.0003_fc100576141c6894\GoogleUpdateSetup.exe

    ==== Startup Registry Enabled ======================

    “WindowsWelcomeCenter”=“rundll32.exe oobefldr.dll,ShowWelcomeCenter”

    “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /detectMem”

    “WindowsWelcomeCenter”=“rundll32.exe oobefldr.dll,ShowWelcomeCenter”

    “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /detectMem”

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    “ehTray.exe”=“C:\Windows\ehome\ehTray.exe”

    “WMPNSCFG”=“C:\Program Files\Windows Media Player\WMPNSCFG.exe”

    “Spotify Web Helper”=“C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”

    “AutoLaunch”=“C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly”

    “AutoLaunch”=“C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly”

    “RtHDVCpl”=“C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe”

    “AVG_UI”=“C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY”

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    “ehTray.exe”=“C:\Windows\ehome\ehTray.exe”

    “WMPNSCFG”=“C:\Program Files\Windows Media Player\WMPNSCFG.exe”

    “Spotify Web Helper”=“C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”

    “AppInit_DLLs”=“acaptuser32.dll”

    ==== Startup Registry Disabled ======================

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Acrobat Assistant 8.0”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\Acrotray.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Ad-Watch”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Lavasoft\\Ad-Aware\\AAWTray.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Adobe Acrobat Speed Launcher”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\Acrobat_sl.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Adobe ARM”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Adobe Reader Speed Launcher”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Adobe Updater”

    “hkey”=“HKCU”

    “command”=“C:\\Program Files\\AdobeUpdate\\updater.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“AdobeCS4ServiceManager”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe\“ -launchedbylogin”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“APSDaemon”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Google Update”

    “hkey”=“HKCU”

    “command”=“\”C:\\Users\\Gebruiker\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\“ /c”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“googletalk”

    “hkey”=“HKCU”

    “command”=“\”C:\\Program Files\\Google\\Google Talk\\googletalk.exe\“ /autostart”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“iTunesHelper”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\iTunes\\iTunesHelper.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“QuickTime Task”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\QuickTime\\QTTask.exe\“ -atboottime”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Reader Application Helper”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Sony\\ReaderDesktop\\appHelper\\ReaderAppHelper.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“RGSC”

    “hkey”=“HKCU”

    “command”=“C:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe /silent”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“RIMBBLaunchAgent.exe”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Common Files\\Research In Motion\\USB Drivers\\RIMBBLaunchAgent.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Spotify”

    “hkey”=“HKCU”

    “command”=“\”C:\\Users\\Gebruiker\\AppData\\Roaming\\Spotify\\Spotify.exe\“ /uri spotify:autostart”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Spotify Web Helper”

    “hkey”=“HKCU”

    “command”=“\”C:\\Users\\Gebruiker\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“SunJavaUpdateSched”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Windows Defender”

    “hkey”=“HKLM”

    “command”=“%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide”

    “path”=“C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Wireless Configuration Utility.lnk”

    “backup”=“C:\\Windows\\pss\\Wireless Configuration Utility.lnk.CommonStartup”

    “backupExtension”=“.CommonStartup”

    “command”=“C:\\PROGRA~1\\Thomson\\TG122n\\WlanCU.exe ”

    “item”=“Wireless Configuration Utility”

    “path”=“C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk”

    “backup”=“C:\\Windows\\pss\\Dropbox.lnk.Startup”

    “backupExtension”=“.Startup”

    “command”=“C:\\Users\\GEBRUI~1\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe ”

    “item”=“Dropbox”

    ==== Startup Folders ======================

    2009-08-01 14:42:07 384073 —-a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.EXE

    2009-08-01 14:42:07 384073 —-a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.EXE

    2013-01-28 10:59:16 384073 —-a-w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.EXE

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Ad-Aware Update (Weekly).job –a—— C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files\Google\Update\GoogleUpdate.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a—— C:\Program Files\Google\Update\GoogleUpdate.exe

    ==== Other Scheduled Tasks ======================

    “C:\Windows\system32\tasks\Ad-Aware Update (Weekly)”

    “C:\Windows\system32\tasks\CCleanerSkipUAC”

    “C:\Windows\system32\tasks\CreateChoiceProcessTask”

    “C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore”

    “C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA”

    “C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate”

    ==== Firefox Extensions Registry ======================

    “{20a82645-c095-46ed-80e3-08825760534b}”=“C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension”

    ==== Chrome Look ======================

    Google Docs - Gebruiker - Default\Extensions\aohghmighlieiainnegkcijnfilokake

    Google Drive - Gebruiker - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

    YouTube - Gebruiker - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

    Google Search - Gebruiker - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

    Google Wallet - Gebruiker - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

    Gmail - Gebruiker - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://www.startpagina.nl/”

    “Default_Page_URL”=“http://www.google.nl”

    “Default_Page_URL”=“http://www.google.nl”

    No DefaultScope Set For HKCU

    New Values:

    “Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Start Page”=“http://www.startpagina.nl/”

    “Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url=“http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC”

    {450369DE-3275-4B5D-8FEE-8CD3603A8058} Google zoeken Url=“http://www.google.nl/search?hl=nl&q={searchTerms}&meta=”

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch deleted successfully

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk deleted successfully

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC deleted successfully

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe deleted successfully

    ==== Empty IE Cache ======================

    C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    No FireFox Profiles found

    ==== Empty Chrome Cache ======================

    C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== Empty Temp Folders ======================

    C:\Users\Default\AppData\Local\Temp emptied successfully

    C:\Users\Default User\AppData\Local\Temp emptied successfully

    C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

    C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot

    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    “C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not found

    “C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not found

    “C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not found

    ==== EOF on ma 16-12-2013 at 18:33:16,61 ======================

  • Ben

    Hello,

    First install Service Pack 2: http://www.microsoft.com/nl-nl/download/details.aspx?id=15278

    After that, post a new RSIT log.

  • zimm

    My Windows isn't legal…

    I'm afraid that with this update I'll keep getting a pop-up from the genuine tool

  • Ben

    Hello,

    Then there is no point in helping any further; it would be like mopping the floor with the tap running :S

    This way you are a source of spreading infections, not only for yourself but also for others.

    I would certainly not do any banking on this PC, and I would advise you to think about buying a legal version after all.

    This may seem childish, but there are so many attacks on Windows that if we fix your problem now, you may well have it back again tomorrow.

  • zimm

    Can't you just tell me whether these logs show that there is a problem?

    Kind regards

  • Ben

    Hello,

    I would remove \Lavasoft\\Ad-Aware in any case.

    Beyond that I don't see the cause right away; I would have to investigate further for that.

    But that is pointless, as I just explained.

  • Jos H

    These logs show that your PC is not up to date because of the illegal version, as you write. You may not get support anywhere as long as you don't install legally, as Ben writes.

  • rudi

    I don't understand, then, why you nevertheless want volunteers to solve problems, problems that will keep coming back time and again

This topic is closed; no more replies can be posted.