Vraag & Antwoord

Beveiliging & privacy

Laptop gefixed, desktop traag

Anoniem
Abraham54
5 antwoorden
 • Hallo Abraham 54,
  Wat betreft de laptop: Mijn dank, ik heb al je adviezen opgevolgd en deze loopt weer als een trein.
  Kun je me ook helpen met mijn desktop. Is een oudje, maar deed het een jaar geleden nog redelijk en nu is hij zo traag hoewel er meer van af gehaald is dan dat er is op gezet. Alvast voor je hulp.
  Mvg
  Ben
 • Een ouwertje al, dan gaan we eens kijken.

  [b:650f072e37]Welk programma[/b:650f072e37]: RSIT
  [b:650f072e37]Waarvoor/waarom[/b:650f072e37]: geeft een zeer uitgebreid overzicht van Windows
  [b:650f072e37]Moeilijkheidsgraad[/b:650f072e37]: geen
  [b:650f072e37]Downloadlokatie[/b:650f072e37]: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen!
  [list:650f072e37]
  [*:650f072e37] [b:650f072e37][/b:650f072e37] (RSIT.exe)
  [*:650f072e37] [b:650f072e37][/b:650f072e37] (RSITx64.exe)[/list:u:650f072e37]
  Dubbelklik op [b:650f072e37]RSIT.exe[/b:650f072e37] om de tool te starten.
  [list:650f072e37]
  [*:650f072e37] Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor [i:650f072e37][b:650f072e37]Als Administrator uitvoeren[/b:650f072e37][/i:650f072e37].
  [*:650f072e37] Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "[b:650f072e37]Continue[/b:650f072e37]"
  [*:650f072e37] Wanneer het tool gereed is, wordt er een kladblok bestand - genaamd "[b:650f072e37]Log[/b:650f072e37]" - geopend.
  [*:650f072e37] Post de inhoud van dit log in jouw volgende bericht.[/list:u:650f072e37]
 • Eeen ouwertje inderdaad, maar toch keurig het log geproduceerd waar je om vroeg:

  Logfile of random's system information tool 1.09 (written by random/random)
  Run by Administrator at 2013-03-29 21:20:25
  Microsoft Windows XP Professional Service Pack 3
  System drive C: has 64 GB (82%) free of 78 GB
  Total RAM: 255 MB (16% free)

  Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 21:21:22, on 29-3-2013
  Platform: Windows XP SP3 (WinNT 5.01.2600)
  MSIE: Internet Explorer v8.00 (8.00.6001.18702)
  Boot mode: Normal

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
  C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
  C:\WINDOWS\System32\CTsvcCDA.EXE
  C:\Program Files\Java\jre6\bin\jqs.exe
  C:\WINDOWS\System32\nvsvc32.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\System32\MsPMSPSv.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\Creative\ShareDLL\CtNotify.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\Program Files\Creative\ShareDLL\MediaDet.Exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\WINDOWS\system32\wuauclt.exe
  c:\Program Files\Microsoft Security Client\MsMpEng.exe
  C:\Program Files\Microsoft Security Client\msseces.exe
  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
  C:\WINDOWS\SoftwareDistribution\Download\Install\Windows-KB890830-V4.18.exe
  c:\900989b9e5a76f6567\mrtstub.exe
  C:\WINDOWS\system32\MRT.exe
  C:\Documents and Settings\Administrator\Bureaublad\RSIT.exe
  C:\Program Files\trend micro\Administrator.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.imesh.com/sidebar.html?src=ssb
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/ymj/*http://www.yahoo.com
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/ymj/*http://www.yahoo.com/ext/search/search.html
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/ymj/*http://www.yahoo.com
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
  O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
  O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
  O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
  O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
  O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
  O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100429 -Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; BRI/2)
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
  O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
  O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
  O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
  O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB
  O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab
  O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
  O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} (OCXDownloadChecker Control) - http://babybeeld.st-anna.nl/cab/OCXChecker_8000.cab
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
  O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
  O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
  O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
  O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
  O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
  O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
  O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
  O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O24 - Desktop Component 0: (no name) - http://www.rijkswaterstaat.nl/rws/dnb/projecten/zuid-willemsvaart/img/foto/sluis6.jpg


  End of file - 7744 bytes

  ======Scheduled tasks folder======

  C:\WINDOWS\tasks\Adobe Flash Player Updater.job
  C:\WINDOWS\tasks\AppleSoftwareUpdate.job
  C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

  ======Registry dump======

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
  Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll []

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
  Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-25 325408]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
  Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-25 42272]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
  JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-04-25 79648]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
  EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
  {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]

  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "Disc Detector"=C:\Program Files\Creative\ShareDLL\CtNotify.exe [2001-08-01 191488]
  "CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-09-15 28672]
  "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 947176]

  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  "Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE [2008-03-19 439736]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
  C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-06 57344]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
  C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detection]
  C:\Program Files\Blokker Fotoservice\dd.exe []

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
  C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EM_EXEC]
  C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE [2001-10-04 35328]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX7400 Series]
  C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [2007-04-12 182272]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
  C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe [2001-04-20 28672]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
  C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe [2006-02-23 16384]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LELA]
  C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe /minimized []

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
  c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 947176]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
  C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
  C:\WINDOWS\System32\NvCpl.dll [2003-05-02 4640768]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
  nwiz.exe /install []

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedTouch USB Diagnostics]
  C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe [2002-06-06 861184]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Taskbar]
  C:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe [2001-09-20 122880]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TaskTray]
  C:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe [2001-06-29 163840]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
  C:\WINDOWS\Updreg.exe [2000-05-11 90112]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zBrowser Launcher]
  C:\Program Files\Logitech\iTouch\iTouch.exe [2001-10-12 200704]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]
  C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]
  C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2006-02-23 156160]

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
  C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
  C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
  WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
  "authentication packages"=msv1_0
  nwprovau

  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
  "dontdisplaylastusername"=0
  "legalnoticecaption"=
  "legalnoticetext"=
  "shutdownwithoutlogon"=1
  "undockwithoutlogon"=1

  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
  "NoDriveTypeAutoRun"=0x5F000000
  ""=

  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
  "HonorAutoRunSetting"=1

  [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
  "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
  "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
  "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Disabled:backWeb-8876480"
  "C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
  "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
  "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
  "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
  "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
  "C:\Program Files\iMesh Applications\iMesh6\iMesh6.exe"="C:\Program Files\iMesh Applications\iMesh6\iMesh6.exe:*:Enabled:iMesh"
  "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
  "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
  "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
  "C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Disabled:iMesh"
  "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"="C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service"
  "C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe"="C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe:*:Enabled:EpsonNet Setup"
  "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application"

  [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
  "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
  "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
  "midimapper"=midimap.dll
  "msacm.imaadpcm"=imaadp32.acm
  "msacm.msadpcm"=msadp32.acm
  "msacm.msg711"=msg711.acm
  "msacm.msgsm610"=msgsm32.acm
  "msacm.trspch"=tssoft32.acm
  "vidc.cvid"=iccvid.dll
  "vidc.I420"=msh263.drv
  "vidc.iv31"=ir32_32.dll
  "vidc.iv32"=ir32_32.dll
  "vidc.iyuv"=iyuv_32.dll
  "vidc.mrle"=msrle32.dll
  "vidc.msvc"=msvidc32.dll
  "vidc.uyvy"=msyuv.dll
  "vidc.yuy2"=msyuv.dll
  "vidc.yvu9"=tsbyuv.dll
  "vidc.yvyu"=msyuv.dll
  "wavemapper"=msacm32.drv
  "midi"=wdmaud.drv
  "wave"=wdmaud.drv
  "midi1"=wdmaud.drv
  "mixer"=wdmaud.drv
  "aux"=wdmaud.drv
  "msacm.msg723"=msg723.acm
  "vidc.M263"=msh263.drv
  "vidc.M261"=msh261.drv
  "msacm.msaudio1"=msaud32.acm
  "msacm.sl_anet"=sl_anet.acm
  "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
  "msacm.ctmp3"=C:\WINDOWS\System32\ctmp3.acm
  "wave1"=wdmaud.drv
  "midi2"=wdmaud.drv
  "mixer1"=wdmaud.drv
  "VIDC.MPG4"=mpg4c32.dll
  "VIDC.MP42"=mpg4c32.dll
  "vidc.tscc"=tsccvid.dll
  "vidc.GEOX"=C:\WINDOWS\system32\v8120\GeoCodec.dll
  "vidc.GEOV"=C:\WINDOWS\system32\v8120\GeoCodec.dll
  "vidc.GMP4"=C:\WINDOWS\system32\v8120\GXAMP4.dll
  "vidc.GM40"=C:\WINDOWS\system32\v8120\GXAMP4.dll
  "vidc.G264"=C:\WINDOWS\system32\v8120\GX264.dll
  "msacm.geoadpcm"=C:\WINDOWS\system32\v8100\GeoADPCM.acm
  "vidc.GM4H"=C:\WINDOWS\system32\v8120\GXAMP4D.dll
  "vidc.GM4S"=C:\WINDOWS\system32\v8120\GXAMP4D.dll

  ======List of files/folders created in the last 1 month======

  2013-03-29 21:20:49 —-D—- C:\Program Files\trend micro
  2013-03-29 21:20:25 —-D—- C:\rsit
  2013-03-29 21:09:42 —-D—- C:\900989b9e5a76f6567
  2013-03-29 20:28:41 —-D—- C:\WINDOWS\TempF2BC203B-1AD9-023A-205F-8F08376FD1A2-Signatures
  2013-03-29 20:26:12 —-D—- C:\9da291faa04fe41cde691c9ed6ef
  2013-03-29 14:45:42 —-D—- C:\WINDOWS\LastGood

  ======List of files/folders modified in the last 1 month======

  2013-03-29 21:20:49 —-RD—- C:\Program Files
  2013-03-29 21:19:49 —-D—- C:\WINDOWS\Prefetch
  2013-03-29 21:11:40 —-D—- C:\WINDOWS\Temp
  2013-03-29 21:11:34 —-RSD—- C:\WINDOWS\assembly
  2013-03-29 21:07:54 —-SHD—- C:\WINDOWS\Installer
  2013-03-29 21:06:03 —-D—- C:\WINDOWS\Microsoft.NET
  2013-03-29 21:05:55 —-HD—- C:\Config.Msi
  2013-03-29 21:00:02 —-D—- C:\WINDOWS
  2013-03-29 20:59:46 —-HD—- C:\WINDOWS\inf
  2013-03-29 20:57:46 —-SD—- C:\WINDOWS\Tasks
  2013-03-29 20:49:36 —-D—- C:\WINDOWS\system32\CatRoot2
  2013-03-29 20:46:56 —-D—- C:\Program Files\Microsoft Security Client
  2013-03-29 20:46:42 —-D—- C:\WINDOWS\system32\CatRoot
  2013-03-29 20:15:57 —-D—- C:\Program Files\Microsoft Silverlight
  2013-03-29 20:10:24 —-D—- C:\WINDOWS\system32
  2013-03-29 20:10:24 —-A—- C:\WINDOWS\system32\PerfStringBackup.INI
  2013-03-29 20:09:28 —-D—- C:\WINDOWS\WinSxS
  2013-03-29 15:13:31 —-A—- C:\WINDOWS\system32\FlashPlayerApp.exe
  2013-03-04 14:15:42 —-A—- C:\WINDOWS\system32\MRT.exe

  ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368]
  R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
  R1 ATMhelpr;ATMhelpr; C:\WINDOWS\system32\drivers\ATMhelpr.sys [1997-06-17 4064]
  R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40448]
  R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
  R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS-compatibel transportprotocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
  R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2002-09-28 63232]
  R2 NwlnkSpx;NWLink SPX/SPXII-protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2002-09-28 55936]
  R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
  R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
  R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2001-09-11 110084]
  R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2001-09-11 11036]
  R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2001-10-18 207572]
  R3 emu10kx;Creative EMU10K1/EMU10K2 Audio Driver (WDM); C:\WINDOWS\system32\drivers\e10kx2k.sys [2001-10-18 1759036]
  R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2001-09-11 154284]
  R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
  R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2001-08-10 10256]
  R3 l8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042Pr2.sys [2001-10-04 50433]
  R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2001-10-04 5841]
  R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2001-10-04 67441]
  R3 ms_mpu401;Microsoft MPU-401 MIDI UART-stuurprogramma; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
  R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
  R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-05-02 1312555]
  R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
  R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2001-09-11 186944]
  R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-28 5888]
  R3 rtl8139;NT-stuurprogramma voor Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
  R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
  S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter; C:\WINDOWS\System32\DRIVERS\ADM8511.SYS [2001-08-17 20160]
  S3 alcan5wn;Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2002-06-06 53168]
  S3 alcaudsl;Alcatel Speed Touch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2002-06-06 743136]
  S3 gwiopm;gwiopm; \??\C:\Program Files\Unknown Device Identifier\gwiopm.sys []
  S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
  S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
  S3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
  S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
  S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
  S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
  S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
  S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

  ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-06-28 106496]
  R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
  R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.EXE [1999-12-13 44032]
  R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
  R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-04-25 153376]
  R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 20472]
  R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-05-02 69632]
  R2 NWCWorkstation;Clientservice voor NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
  R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
  S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-29 253656]
  S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
  S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
  S3 fsssvc;De service Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
  S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
  S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]
  S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
  S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

  —————–EOF—————–
 • Graag de drie logs in één keer posten.

 • Hier komen de drie logs. Achtereenvolgens: Adware; JRT en Malwarebyte…

  # AdwCleaner v2.115 - Verslag gemaakt op 30/03/2013 om 11:45:06
  # Geactualiseerd op 17/03/2013 door Xplode
  # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
  # Gebruiker : Administrator - COMPUTERKAMER
  # Opstarten Modus : Normale modus
  # Gelanceerd vanaf : C:\Documents and Settings\Administrator\Bureaublad\adwcleaner.exe
  # Optie [Verwijderen]


  ***** [Diensten] *****


  ***** [Files / Mappen] *****

  Map Verwijdert : C:\Documents and Settings\All Users\Application Data\Ask

  ***** [Register] *****

  Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
  Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
  Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B7D3E479-CC68-42B5-A338-938ECE35F419}
  Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
  Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
  Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
  Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
  Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49D6-A4D5-2E8D7341384E}
  Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
  Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pm_launcher
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.tbtoolband
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.useroptions
  Sleutel Verwijdert : HKLM\SOFTWARE\Classes\toolband.useroptions.1
  Sleutel Verwijdert : HKLM\Software\ImInstaller
  Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
  Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
  Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
  Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B7D3E479-CC68-42B5-A338-938ECE35F419}]
  Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
  Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

  ***** [Browsers] *****

  -\\ Internet Explorer v8.0.6001.18702

  Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.imesh.com/sidebar.html?src=ssb –> hxxp://www.google.com

  *************************

  AdwCleaner[S1].txt - [4015 octets] - [30/03/2013 11:45:06]

  ########## EOF - C:\AdwCleaner[S1].txt - [4075 octets] ##########

  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  Junkware Removal Tool (JRT) by Thisisu
  Version: 4.7.4 (03.29.2013:1)
  OS: Microsoft Windows XP x86
  Ran by Administrator on za 30-03-2013 at 12:22:20,57
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  ~~~ Services  ~~~ Registry Values

  Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
  Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL  ~~~ Registry Keys  ~~~ Files  ~~~ Folders

  Successfully deleted: [Folder] "C:\Program Files\imesh applications"

  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  Scan was completed on za 30-03-2013 at 12:37:07,06
  End of JRT log
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  Malwarebytes Anti-Malware 1.70.0.1100
  www.malwarebytes.org

  Databaseversie: v2013.03.30.05

  Windows XP Service Pack 3 x86 NTFS
  Internet Explorer 8.0.6001.18702
  Administrator :: COMPUTERKAMER [administrator]

  30-3-2013 17:36:03
  mbam-log-2013-03-30 (17-36-03).txt

  Scan type: Snelle scan
  Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
  Uitgeschakelde scan opties: P2P
  Objecten gescand: 198193
  Verstreken tijd: 13 minuut/minuten, 15 seconde(n)

  Geheugenprocessen gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels gedetecteerd: 1
  HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09F1ADAC-76D8-4D0F-99A5-5C907DADB988} (Rogue.Multiple) -> Succesvol in quarantaine geplaatst en verwijderd.

  Registerwaarden gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  Mappen gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden gedetecteerd: 0
  (Geen kwaadaardige objecten gedetecteerd)

  (einde)

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.