
Virus Malware


jjeroen00

Can someone help me? I had 2 viruses on my HP mini laptop and I think I removed them, but now my laptop starts up very slowly, and shuts down slowly too, and Windows Explorer keeps hanging and the CPU is at 100% almost all the time.

Who can help me!!!
 
Hi Jeroen, we'll have to do this together then, OK?

During the fix I would like you to stick to the rules below:
  • Read all instructions carefully.
  • If you make mistakes when running tools during the fix, that can cause serious problems in Windows.
  • Refrain from using tools or updates other than those I advise you to use.
  • Always use one scanner at a time, never several at once.
  • Keep me informed of how your computer responds to the fix - good or bad.
  • The fix, once started, must be completed. Even if you think everything is fine, there may still be infections.

Step 1
Which program: sUBs dds.scr
What for/why: DDS is a diagnostic tool that makes use of scripts.
Difficulty: A more or less tricky preparation phase, so read everything carefully first.
Download location: This program must be downloaded to the desktop, or otherwise moved there first!
Download sUBs dds.scr here

Using sUBs dds.scr:
  • Important: first disable the antivirus software and the active spyware scanners!
  • Then close all program windows that are still open!
    • Windows 2000 and Windows XP: start sUBs dds.scr by double-clicking the shortcut.
    • Windows Vista and Windows 7: start sUBs dds.scr by right-clicking the shortcut and then choosing Run as administrator.
  • After the scan two text documents are opened - DDS.txt and Attach.txt - post the contents of both logs, but note the following!
  • Go to DDRMMR's colour coder
  • Copy and paste the entire contents of the DDS log file into the window and click the Convert button
  • Copy and paste the contents of the colour coder into your follow-up post and also post the contents of Attach.txt.

Step 2
Which program: Microsoft Safety Scanner
What for/why: specialised scanner from Microsoft to quickly examine Windows for spyware and malware and remove it.
Difficulty: none.
Note: Microsoft Safety Scanner expires 10 days after it is downloaded.
If you want to run another scan with the latest definitions for preventing malicious software,
download Microsoft Safety Scanner again and run it again.
Download the Microsoft Safety Scanner here.

Windows 2000 and Windows XP: start Microsoft's Safety Scanner by double-clicking the shortcut.
Windows Vista and Windows 7: start Microsoft's Safety Scanner by right-clicking the shortcut and then choosing Run as administrator.
Then tick the box next to "I accept the terms of the above licence agreement".

Scanning:
  • When 'Microsoft's Safety Scanner' starts, click the "Next" button, then choose 'Quick Scan'.
  • The scan takes a while, so be patient.

Step 3
Which program: Malwarebytes MBAM
What for/why: specialised scanner to quickly examine Windows for spyware and malware and remove it.
Difficulty: none.

Download Malwarebytes MBAM via one of these locations:
First of all:
  • Right after installation 'MBAM' will want to update its database, so allow it.
  • Also on repeated use: first update 'MBAM' via the 'Update' tab!
Starting Malwarebytes MBAM:
Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.
  • Note:
    • Malwarebytes now provides the full version of MBAM.
    • On first start you get the option to use the full version or the free version.
    • Regardless of which antivirus program is on your Windows, I advise using the "Decline" option.
    • That way MBAM can continue to be used as the free version.

  • Also do the following:
    • As soon as the program has started, go to the "Settings" tab.
    • Tick here: "Close Internet Explorer during malware removal".

Scanning:
  • When 'MBAM' starts, choose 'Quick Scan'.
  • The scan can take a while, so be patient. When the scan is complete, click the 'OK' button.
  • Then click the 'Show Results' button to see the results.
Infections found:
  • First click OK to dismiss the message.
  • Then click the Show Results button at the bottom right.
  • Now make sure all infections found are ticked, and click Remove Selected at the bottom left.
  • After removal a log will open and you will be asked to restart the computer.
  • If 'MBAM' has trouble removing certain files it will show a few messages; click 'OK' each time!
  • After that 'MBAM' will ask to restart the computer - so allow the computer to be restarted.
MBAM log:
  • The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in MBAM's main menu.
Then post the contents of the MBAM log in your next message.


Step 4
In summary: after this, post the contents of the following logs in your next message:
  • DDS log file
  • Attach.txt log
  • MBAM scan log
 
Hey Abraham, here is the DDS log

DDS log, converted

[hjt]
.
dds (ver_2011-08-26.01) - ntfsx86
internet explorer: 8.0.7601.17514
run by user at 20:50:49 on 2011-10-02
microsoft windows 7 starter 6.1.7601.1.1252.31.1033.18.1012.595 [gmt -4:00]
.
av: avast! antivirus *disabled/updated* {2b2d1395-420b-d5c9-657e-930fe358fc3c}
sp: avast! antivirus *disabled/updated* {904cf271-6431-da47-5fce-a87d98dfb681}
sp: windows defender *disabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
============== running processes ===============
.
c:\windows\system32\wininit.exe
c:\windows\system32\lsm.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k networkservice
c:\windows\system32\wlanext.exe
c:\windows\system32\conhost.exe
c:\windows\explorer.exe
c:\windows\system32\spoolsv.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\program files\synaptics\syntp\syntpenh.exe
c:\program files\avast software\avast\avastui.exe
c:\program files\tuneup utilities 2011\tuneuputilitiesservice32.exe
c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
c:\program files\tuneup utilities 2011\tuneuputilitiesapp32.exe
c:\program files\common files\microsoft shared\windows live\wlidsvcm.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
c:\program files\synaptics\syntp\syntphelper.exe
c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
c:\windows\system32\wuauclt.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
c:\windows\system32\dllhost.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\wbem\wmiprvse.exe
.
============== pseudo hjt report ===============
.
uwindow title =
mstart page = hxxp://www.msn.com
mrun: [syntpenh] c:\program files\synaptics\syntp\syntpenh.exe
mrun: [avast] c:\program files\avast software\avast\avastui.exe /nogui
upolicies-explorer: maxrecentdocs = 15 (0xf)
mpolicies-system: consentpromptbehavioradmin = 5 (0x5)
mpolicies-system: consentpromptbehavioruser = 3 (0x3)
mpolicies-system: enableuiadesktoptoggle = 0 (0x0)
mpolicies-system: promptonsecuredesktop = 0 (0x0)
trusted zone: microsoft.com\*.windowsupdate
trusted zone: microsoft.com\update
trusted zone: windowsupdate.com
tcp: dhcpnameserver = 10.0.0.254
tcp: interfaces\{33245d4b-691e-4a05-a2d7-0b773038211a} : dhcpnameserver = 10.0.0.254
masetup: {2c7339cf-2b09-4501-b3f3-f3508c9228ed} - c:\windows\system32\regsvr32.exe /s /n /i:/userinstall c:\windows\system32\themeui.dll
.
============= services / drivers ===============
.
r1 aswsnx;aswsnx;c:\windows\system32\drivers\aswsnx.sys [2011-9-28 371544]
r1 aswsp;aswsp;c:\windows\system32\drivers\aswsp.sys [2011-9-28 301528]
r1 vwififlt;virtual wifi filter driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
r2 aswfsblk;aswfsblk;c:\windows\system32\drivers\aswfsblk.sys [2011-9-28 19544]
r2 aswmonflt;aswmonflt;c:\windows\system32\drivers\aswmonflt.sys [2011-9-28 53592]
r2 clr_optimization_v4.0.30319_32;microsoft .net framework ngen v4.0.30319_x86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
r2 iastordatamgrsvc;intel(r) rapid storage technology;c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe [2011-9-7 13336]
r2 tuneup.utilitiessvc;tuneup utilities service;c:\program files\tuneup utilities 2011\tuneuputilitiesservice32.exe [2011-1-19 1517376]
r3 rspciestor;realtek pcie cardreader driver;c:\windows\system32\drivers\rtspstor.sys [2011-7-25 230944]
r3 rtl8167;realtek 8167 nt driver;c:\windows\system32\drivers\rt86win7.sys [2011-7-25 267880]
r3 tuneuputilitiesdrv;tuneuputilitiesdrv;c:\program files\tuneup utilities 2011\tuneuputilitiesdriver32.sys [2010-11-29 10064]
s2 avast! antivirus;avast! antivirus;c:\program files\avast software\avast\avastsvc.exe [2011-9-28 42184]
s2 hp support assistant service;hp support assistant service;c:\program files\hewlett-packard\hp support framework\hpsa_service.exe --> c:\program files\hewlett-packard\hp support framework\hpsa_service.exe [?]
s2 hpdrvmntsvc.exe;hp quick synchronization service;c:\program files\hewlett-packard\shared\hpdrvmntsvc.exe --> c:\program files\hewlett-packard\shared\hpdrvmntsvc.exe [?]
s3 b57nd60x;broadcom netxtreme gigabit ethernet - ndis 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
s3 eboostrsvc;eboostr service;c:\program files\eboostr\ebstrsvc.exe --> c:\program files\eboostr\ebstrsvc.exe [?]
s3 revoflt;revoflt;c:\windows\system32\drivers\revoflt.sys [2011-9-8 27192]
s3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys [2011-9-7 52224]
s4 aestfilters;andrea st filters service;c:\program files\idt\wdm\aestsrv.exe [2011-7-25 81920]
s4 gupdate;google update service (gupdate);c:\program files\google\update\googleupdate.exe /svc --> c:\program files\google\update\googleupdate.exe [?]
s4 gupdatem;google update service (gupdatem);c:\program files\google\update\googleupdate.exe /medsvc --> c:\program files\google\update\googleupdate.exe [?]
.
=============== file associations ===============
.
jsefile=notepad.exe %1
vbefile=notepad.exe %1
.
=============== created last 30 ================
.
2011-10-03 00:39:34 -------- d-----w- c:\users\user\appdata\local\{5189a4c4-25bd-4800-820b-30407ee67c04}
2011-10-03 00:38:36 -------- d-----w- c:\users\user\appdata\local\{f854ab7f-d35c-4501-af98-a616cdd9db49}
2011-10-02 08:26:49 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{817bf018-1fa9-40ca-9f19-cb6fe8c05e74}\offreg.dll
2011-10-02 06:40:25 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-10-02 06:12:36 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-02 06:12:34 -------- d-----w- c:\program files\malwarebytes' anti-malware
2011-10-02 05:30:23 388096 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\hijackthis.exe
2011-10-02 05:30:22 -------- d-----w- c:\program files\trend micro
2011-10-01 22:37:52 -------- d-sh--w- c:\programdata\{24036256-bfdb-4cd3-be8a-a3d6160f2e16}
2011-09-30 20:00:52 -------- d-----w- c:\users\user\appdata\local\apps
2011-09-30 18:55:19 -------- d-----w- c:\program files\common files\magix shared
2011-09-30 16:10:27 -------- d-----w- c:\users\user\appdata\roaming\magix
2011-09-30 16:04:40 663552 ----a-w- c:\windows\system32\mgxoschk.dll
2011-09-30 16:03:11 14208 ----a-w- c:\windows\system32\drivers\disksec.sys
2011-09-30 15:58:51 -------- d-----w- c:\programdata\magix
2011-09-30 14:55:51 -------- d-----w- c:\users\user\appdata\local\packageaware
2011-09-30 13:36:13 -------- d-----w- c:\users\user\appdata\local\hewlett-packard
2011-09-30 12:34:39 -------- d-----w- c:\programdata\{d3b41b92-9bc2-43eb-916a-4fa9e8191837}
2011-09-30 11:56:21 -------- d-----w- c:\program files\msecache
2011-09-30 11:55:11 -------- d-----w- c:\program files\conduit
2011-09-30 11:54:52 -------- d-----w- c:\users\user\appdata\local\conduit
2011-09-30 09:03:56 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{817bf018-1fa9-40ca-9f19-cb6fe8c05e74}\mpengine.dll
2011-09-30 06:19:57 -------- d-----w- c:\programdata\martau
2011-09-28 11:49:02 371544 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2011-09-28 11:48:54 53592 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2011-09-28 11:47:23 40648 ----a-w- c:\windows\avastss.scr
2011-09-28 11:47:06 -------- d-----w- c:\programdata\avast software
2011-09-28 11:47:05 -------- d-----w- c:\program files\avast software
2011-09-28 11:38:05 41 ----a-w- c:\users\user\appdata\roaming\smss.exe.tmp
2011-09-28 11:28:59 57503 ----a-w- c:\users\user\appdata\roaming\user3sqlite3.dll
2011-09-28 11:11:30 -------- d-----w- c:\users\user\appdata\roaming\install
2011-09-28 10:01:44 -------- d-----w- c:\windows\xsxs
2011-09-28 09:59:56 -------- d-----w- c:\users\user\appdata\roaming\sammsoft
2011-09-28 08:30:25 -------- d-----w- c:\users\user\appdata\local\{b1a1048b-528c-45b7-ad20-1c7c049fab50}
2011-09-28 08:29:36 -------- d-----w- c:\users\user\appdata\local\{40a282e7-5ccc-4a35-af5d-c18963f5bef2}
2011-09-27 10:35:59 -------- d-----w- c:\users\user\appdata\roaming\malwarebytes
2011-09-27 10:35:46 -------- d-----w- c:\programdata\malwarebytes
2011-09-27 10:30:48 -------- d-----w- c:\users\user\appdata\local\{5706c816-c237-435e-aa2c-bbf3f8c42100}
2011-09-27 10:30:23 -------- d-----w- c:\users\user\appdata\local\{3e1b07a1-5488-4864-8530-fcd357f8c988}
2011-09-27 05:21:43 -------- d-----w- c:\programdata\iobit
2011-09-27 05:06:59 -------- d-----w- c:\users\user\appdata\roaming\iobit
2011-09-25 10:50:55 -------- dc----w- c:\users\user\appdata\local\migwiz
2011-09-25 08:48:31 20392 ----a-w- c:\windows\system32\drivers\elrawdsk.sys
2011-09-25 03:53:52 -------- d-----w- c:\users\user\appdata\local\spotlite
2011-09-25 03:17:01 -------- d-----w- c:\users\user\appdata\roaming\grabit
2011-09-25 03:07:16 -------- d-----w- c:\program files\spotlite
2011-09-25 03:03:06 -------- d-----w- c:\program files\grabit
2011-09-24 10:36:29 -------- d-----w- c:\windows\windowsmobile
2011-09-24 10:36:29 -------- d-----w- c:\windows\system32\drivers\umdf\nl-nl
2011-09-24 10:36:20 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\nl-nl\lmprtprc.dll.mui
2011-09-24 10:36:15 -------- d-----w- c:\windows\system32\nl
2011-09-24 10:36:14 -------- d-----w- c:\windows\system32\xpsviewer
2011-09-24 10:35:53 -------- d-----w- c:\program files\windows journal
2011-09-24 10:35:40 -------- d-----w- c:\program files\microsoft games
2011-09-24 10:35:32 -------- d-----w- c:\program files\windows collaboration
2011-09-24 10:35:17 -------- d-----w- c:\windows\system32\0413
2011-09-24 10:34:47 -------- d-----w- c:\windows\ehome
2011-09-24 10:34:44 -------- d-----w- c:\windows\system32\wbem\nl-nl
2011-09-24 10:34:41 -------- d-----w- c:\windows\nl-nl
2011-09-24 10:34:41 -------- d-----w- c:\windows\msagent
2011-09-24 10:34:33 -------- d-----w- c:\windows\system32\drivers\nl-nl
2011-09-24 10:34:24 40960 ----a-w- c:\program files\common files\microsoft shared\ink\nl\microsoft.ink.resources.dll
2011-09-24 10:32:24 -------- d-----w- c:\windows\system32\vistalizator
2011-09-24 08:56:29 47984 ----a-w- c:\windows\system32\advuninstcpl.cpl
2011-09-24 08:44:14 -------- d-----w- c:\users\user\appdata\local\elevateddiagnostics
2011-09-24 08:42:43 12164 ----a-w- c:\windows\system32\domainbackup.reg
2011-09-24 08:41:48 -------- d-----w- c:\aulogs
2011-09-24 07:00:31 -------- d-----w- c:\program files\microsoft sql server
2011-09-24 06:49:02 88 ----a-w- c:\users\user\appdata\roaming\netstat.bat
2011-09-24 02:23:01 74703 ----a-w- c:\windows\system32\mfc45.dll
2011-09-22 12:55:47 -------- d-----w- c:\users\user\appdata\local\utorrent
2011-09-22 11:29:59 -------- d-----w- c:\users\user\appdata\local\innovative solutions
2011-09-22 11:29:53 -------- d-----w- c:\program files\common files\innovative solutions
2011-09-22 11:29:48 -------- d-----w- c:\programdata\innovative solutions
2011-09-22 09:22:30 -------- d-----w- c:\users\user\appdata\roaming\sunbelt
2011-09-22 09:22:26 -------- d-----w- c:\programdata\sunbelt
2011-09-22 07:37:09 -------- d-----w- c:\08e88613159f8a5318
2011-09-20 08:02:27 767952 ----a-w- c:\windows\bdtsupport.dll
2011-09-20 08:02:26 149456 ----a-w- c:\windows\sgdetectiontool.dll
2011-09-20 08:02:25 2078672 ----a-w- c:\windows\pctbdcore.dll
2011-09-20 08:02:25 1533904 ----a-w- c:\windows\pctbdres.dll
2011-09-20 06:50:10 -------- d-sh--w- c:\$recycle.bin
2011-09-20 06:01:00 -------- d-----w- c:\windows\system32\catroot2
2011-09-20 05:25:12 -------- d-----w- c:\a994effe1ccf55e91bb3
2011-09-19 13:02:38 527872 ----a-w- c:\windows\system32\stapi32.dll
2011-09-19 05:39:22 -------- d-----w- c:\windows\system32\msmq
2011-09-19 05:38:53 -------- d-sh--w- c:\incinerate
2011-09-19 04:43:38 -------- d-----w- c:\system.sav
2011-09-18 19:27:57 -------- d-----w- c:\users\user\appdata\local\pokerstars
2011-09-18 08:36:58 2036 ----a-w- c:\windows\system32\asoroset.bin
2011-09-18 08:29:38 15592 ----a-w- c:\windows\system32\roboot.exe
2011-09-18 07:34:56 -------- d-----w- c:\users\user\appdata\local\diagnostics
2011-09-18 06:55:34 43520 ----a-w- c:\windows\system32\libusb0.dll
2011-09-18 06:55:34 32256 ----a-w- c:\windows\system32\drivers\libusb0.sys
2011-09-18 06:19:37 -------- d-----w- c:\program files\pokerstars
2011-09-16 05:50:15 -------- d--h--w- c:\windows\pif
2011-09-15 09:22:33 -------- d-----w- c:\users\user\appdata\local\microsoft_corporation
2011-09-14 05:05:02 87688 ----a-w- c:\windows\system32\inccontxmenu.dll
2011-09-14 05:05:02 2233016 ----a-w- c:\windows\system32\incinerator.dll
2011-09-14 05:05:01 9341 ----a-w- c:\windows\system32\drivers\filedisk.sys
2011-09-14 05:04:55 29696 ----a-w- c:\windows\system32\iolobtdfg.exe
2011-09-14 05:04:55 11776 ----a-w- c:\windows\system32\smrgdf.exe
2011-09-14 04:07:38 511328 ----a-w- c:\program files\common files\microsoft shared\capicom\capicom.dll
2011-09-14 03:19:51 -------- d-----w- c:\windows\system32\wat
2011-09-14 02:04:01 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-09-13 21:37:16 -------- d-----w- c:\program files\ccleaner
2011-09-13 05:08:50 1081616 ----a-w- c:\windows\system32\mscomctl.ocx
2011-09-13 02:19:04 29992 ----a-w- c:\windows\system32\drivers\grd.sys
2011-09-12 22:33:08 47560 ----a-w- c:\windows\system32\drivers\pkticpt.sys
2011-09-12 22:30:31 61512 ----a-w- c:\windows\system32\drivers\miniicpt.sys
2011-09-12 22:30:25 33480 ----a-w- c:\windows\system32\drivers\gdbehave.sys
2011-09-12 22:30:10 40904 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2011-09-12 22:18:28 -------- d-----w- c:\users\user\appdata\local\downloaded installations
2011-09-12 09:28:03 2081832 ----a-w- c:\users\user\appdata\local\setup.exe
2011-09-12 07:15:39 20552 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-09-12 04:50:12 -------- d-----w- c:\windows\system32\catroot2_201192015019
2011-09-11 08:18:46 -------- d-----w- c:\users\user\appdata\roaming\glarysoft
2011-09-11 02:47:38 -------- d-----w- c:\programdata\skype extras
2011-09-10 22:42:08 -------- d-----w- c:\users\user\appdata\local\microsoft corporation
2011-09-10 19:23:30 -------- d-----w- c:\programdata\synaptics
2011-09-10 19:23:02 -------- d-----w- c:\users\user\appdata\roaming\synaptics
2011-09-10 10:20:16 -------- d-----w- c:\windows\system32\vs08
2011-09-10 10:17:46 -------- d-----w- c:\temp.intel
2011-09-10 05:06:19 -------- d-----w- c:\pfiles
2011-09-10 01:32:34 -------- d-----w- c:\windows\pss
2011-09-10 00:39:02 -------- d-----w- c:\windows\system32\bestpractices
2011-09-10 00:38:58 -------- d-----w- c:\inetpub
2011-09-10 00:14:12 9472 ----a-w- c:\windows\system32\drivers\pnetmdm.sys
2011-09-09 14:39:09 -------- d-----w- c:\mft 477
2011-09-09 14:38:50 -------- d-----w- c:\mft 327
2011-09-09 14:38:49 -------- d-----w- c:\mft 324
2011-09-09 07:50:29 -------- d-----w- c:\users\user\appdata\local\virtualstore
2011-09-09 03:14:55 13488 ----a-w- c:\windows\cscmondump.bin
2011-09-09 01:33:32 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-09-09 01:33:31 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-09-08 20:48:22 -------- d-----w- c:\users\user\appdata\roaming\windows live writer
2011-09-08 20:48:22 -------- d-----w- c:\users\user\appdata\local\windows live writer
2011-09-08 07:27:18 -------- d-----w- c:\users\user\appdata\local\windows live
2011-09-08 07:27:16 -------- d-----w- c:\program files\common files\windows live
2011-09-08 05:30:04 -------- d-----w- c:\users\user\appdata\local\netdragon
2011-09-08 04:45:43 -------- d-----w- c:\users\user\appdata\local\vs revo group
2011-09-08 04:45:07 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-09-08 04:44:58 -------- d-----w- c:\program files\vs revo group
2011-09-08 04:27:48 -------- d-----w- c:\program files\videolan
2011-09-08 04:16:57 152848 ----a-w- c:\windows\system32\comdlg32.ocx
2011-09-08 04:16:56 124688 ----a-w- c:\windows\system32\mswinsck.ocx
2011-09-08 03:47:48 31552 ----a-w- c:\windows\system32\turegopt.exe
2011-09-08 03:47:45 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-09-08 03:47:45 21312 ----a-w- c:\windows\system32\authuitu.dll
2011-09-08 03:46:49 -------- d-----w- c:\users\user\appdata\roaming\tuneup software
2011-09-08 03:46:13 -------- d-----w- c:\program files\tuneup utilities 2011
2011-09-08 03:45:00 -------- d-----w- c:\programdata\tuneup software
2011-09-08 03:21:12 -------- d-----w- c:\windows\checksur
2011-09-08 02:24:01 -------- d-----w- c:\users\user\appdata\roaming\utorrent
2011-09-08 01:43:04 354840 ----a-w- c:\windows\system32\drivers\iastor.sys
2011-09-08 00:39:22 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-08 00:37:09 -------- d-----w- c:\windows\system32\spreview
2011-09-08 00:36:31 -------- d-----w- c:\windows\system32\eventproviders
2011-09-08 00:11:14 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-09-08 00:11:02 52224 ----a-w- c:\windows\system32\drivers\tsusbflt.sys
2011-09-08 00:11:01 11776 ----a-w- c:\windows\system32\tsusbredirectiongrouppolicyextension.dll
2011-09-08 00:11:00 3215872 ----a-w- c:\windows\system32\mstscax.dll
2011-09-08 00:09:59 1288488 ----a-w- c:\windows\system32\ntdll.dll
2011-09-08 00:08:59 974336 ----a-w- c:\windows\system32\sppobjs.dll
2011-09-08 00:07:59 2311168 ----a-w- c:\windows\system32\wpdshext.dll
2011-09-08 00:06:59 173440 ----a-w- c:\windows\system32\drivers\rdyboost.sys
2011-09-08 00:05:59 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
2011-09-08 00:04:59 242176 ----a-w- c:\windows\system32\eapp3hst.dll
2011-09-08 00:03:59 47104 ----a-w- c:\windows\system32\wkscli.dll
2011-09-08 00:02:59 45568 ----a-w- c:\windows\system32\g711codc.ax
2011-09-08 00:01:59 7168 ----a-w- c:\windows\system32\kbdsg.dll
2011-09-07 23:59:38 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2011-09-07 23:59:37 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-09-07 23:55:48 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-09-07 23:55:00 222080 ----a-w- c:\windows\system32\mpsigstub.exe
2011-09-07 23:38:21 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-07 23:38:11 -------- d-----w- c:\users\user\appdata\roaming\hpqlog
2011-09-07 23:35:23 981504 ----a-w- c:\windows\system32\wininet.dll
2011-09-07 23:35:13 163328 ----a-w- c:\program files\internet explorer\ieproxy.dll
2011-09-07 23:35:11 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-07 23:34:58 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-09-07 23:34:58 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-09-07 23:34:57 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-09-07 23:34:56 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-09-07 23:34:55 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-09-07 23:34:55 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-09-07 23:34:55 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-09-07 23:34:49 1076736 ----a-w- c:\windows\system32\dwrite.dll
2011-09-07 23:34:47 805376 ----a-w- c:\windows\system32\fntcache.dll
2011-09-07 23:34:46 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-09-07 23:34:39 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-07 23:04:12 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2011-09-07 23:04:11 94208 ----a-w- c:\program files\common files\system\ole db\msdaosp.dll
2011-09-07 23:04:11 86016 ----a-w- c:\windows\system32\odbccu32.dll
2011-09-07 23:04:11 81920 ----a-w- c:\windows\system32\odbccr32.dll
2011-09-07 23:04:11 163840 ----a-w- c:\windows\system32\odbctrac.dll
2011-09-07 23:04:11 122880 ----a-w- c:\windows\system32\odbccp32.dll
2011-09-07 22:39:19 -------- d-----w- c:\windows\system32\x64
2011-09-07 22:21:03 -------- d-----w- c:\program files\synaptics
2011-09-07 22:18:21 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-09-07 22:16:23 428032 ----a-w- c:\windows\system32\vbscript.dll
2011-09-07 22:15:59 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-09-07 22:15:58 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-09-07 22:15:58 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-09-07 22:15:40 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-09-07 22:15:40 293376 ----a-w- c:\windows\system32\umpnpmgr(2181).dll
2011-09-07 22:15:40 145920 ----a-w- c:\windows\system32\cfgmgr32.dll
2011-09-07 22:15:33 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-09-07 22:15:12 70656 ----a-w- c:\windows\system32\fontsub.dll
2011-09-07 22:15:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-09-07 22:15:12 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-09-07 22:14:48 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-09-07 22:14:48 187776 ----a-w- c:\windows\system32\drivers\fwpkclnt.sys
2011-09-07 22:14:39 542208 ----a-w- c:\windows\system32\kerberos.dll
2011-09-07 22:14:35 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-09-07 22:14:34 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
.
==================== find3m ====================
.
2011-09-24 10:35:52 3072 ----a-w- c:\windows\system32\drivers\nl-nl\srv.sys.mui
2011-09-24 10:35:51 12288 ----a-w- c:\windows\system32\drivers\nl-nl\fvevol.sys.mui
2011-09-24 10:35:38 3584 ----a-w- c:\windows\system32\drivers\nl-nl\rndismp.sys.mui
2011-09-24 10:35:38 3584 ----a-w- c:\windows\system32\drivers\nl-nl\pacer.sys.mui
2011-09-24 10:35:38 3072 ----a-w- c:\windows\system32\drivers\nl-nl\qwavedrv.sys.mui
2011-09-24 10:35:31 73728 ----a-w- c:\windows\system32\drivers\nl-nl\ntfs.sys.mui
2011-09-24 10:35:26 3584 ----a-w- c:\windows\system32\drivers\nl-nl\nfsrdr.sys.mui
2011-09-24 10:35:22 4096 ----a-w- c:\windows\system32\drivers\nl-nl\dxgkrnl.sys.mui
2011-09-24 10:35:21 7168 ----a-w- c:\windows\system32\drivers\nl-nl\luafv.sys.mui
2011-09-24 10:35:21 4096 ----a-w- c:\windows\system32\drivers\nl-nl\ipnat.sys.mui
2011-09-24 10:35:16 31744 ----a-w- c:\windows\system32\drivers\nl-nl\http.sys.mui
2011-09-08 01:06:22 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-08-04 13:20:38 33656 ----a-w- c:\windows\system32\drivers\epfwlwf.sys
2011-07-25 23:42:49 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2011-07-16 04:27:30 290816 ----a-w- c:\windows\system32\kernelbase.dll
2011-07-16 02:17:19 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-09 02:30:00 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-05 22:37:00 94208 ----a-w- c:\windows\system32\quicktimevr.qtx
2011-07-05 22:37:00 69632 ----a-w- c:\windows\system32\quicktime.qts
.
============= finish: 20:52:32.62 ===============

[/hjt]


The DDS Attach log


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Starter
Boot Device: \Device\HarddiskVolume1
Install Date: 7/25/2011 4:48:07
System Uptime: 10/2/2011 7:36:12 (1 hours ago)
.
Motherboard: Hewlett-Packard | | 148A
Processor: Intel(R) Atom(TM) CPU N455 @ 1.66GHz | CPU | 999/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 54.963 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
avast! Pro Antivirus
Broadcom 802.11 Wireless LAN Adapter
CCleaner
Google Chrome
GrabIt 1.7.2 Beta 5 (build 1007)
HiJackThis
Intel(R) Graphics Media Accelerator Driver
Intel(R) Rapid Storage Technology
Malwarebytes' Anti-Malware versie 1.51.2.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Realtek Ethernet Controller Driver For Windows 7
Realtek PCIE Card Reader
Revo Uninstaller Pro 2.5.5
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Skype 5.3
SpotLite
Synaptics Pointing Device Driver
TuneUp Utilities 2011
TuneUp Utilities Language Pack (nl-NL)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
VLC media player 1.1.11
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
9/30/2011 8:26:17, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom SBRE
9/30/2011 5:58:43, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.
9/30/2011 5:56:31, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.
9/30/2011 5:56:01, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RasMan service.
9/30/2011 4:58:07, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Message Queuing service to connect.
9/30/2011 4:58:07, Error: Service Control Manager [7001] - The Message Queuing Triggers service depends on the Message Queuing service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
9/30/2011 4:58:07, Error: Service Control Manager [7000] - The Message Queuing service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/30/2011 4:48:52, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
9/30/2011 11:19:59, Error: Service Control Manager [7000] - The Compaq Dfw service failed to start due to the following error: The system cannot find the file specified.
9/30/2011 11:07:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.
9/30/2011 11:07:37, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The Wired AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The HomeGroup Listener service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
9/28/2011 6:53:22, Error: Service Control Manager [7022] - The CounterSpy Antispyware service hung on starting.
9/28/2011 6:47:42, Error: Service Control Manager [7023] - The Message Queuing service terminated with the following error: %%-2147024877
9/28/2011 5:20:26, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.
9/28/2011 1:31:37, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
9/26/2011 12:31:25, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.
9/25/2011 9:20:21, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The process cannot access the file because it is being used by another process.
9/25/2011 9:13:22, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WPDBusEnum service.
9/25/2011 8:10:57, Error: Schannel [36888] - The following fatal alert was generated: 42. The internal error state is 250.
9/25/2011 7:05:10, Error: Service Control Manager [7001] - The HomeGroup Listener service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
9/25/2011 4:50:04, Error: Service Control Manager [7022] - The iolo System Service service hung on starting.
9/25/2011 4:26:33, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
9/25/2011 10:22:22, Error: Service Control Manager [7023] -
9/25/2011 10:22:00, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
9/25/2011 1:29:39, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom is3srv szkg5 szkgfs
10/2/2011 8:49:42, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
10/2/2011 8:49:25, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
10/2/2011 8:49:25, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
10/2/2011 7:39:14, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The system cannot find the file specified.
10/2/2011 7:37:11, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
10/2/2011 7:37:00, Error: Service Control Manager [7000] - The HP Quick Synchronization Service service failed to start due to the following error: The system cannot find the file specified.
10/2/2011 6:03:14, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
10/2/2011 5:43:06, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2468871).
10/2/2011 5:13:26, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c4 (0x000000f6, 0x00000108, 0x87bafd40, 0xb4a0e12c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 100211-86486-01.
10/2/2011 5:03:33, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
10/2/2011 5:03:09, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
10/2/2011 5:00:25, Error: Service Control Manager [7001] - The World Wide Web Publishing Service service depends on the Windows Process Activation Service service which failed to start because of the following error: The system cannot find the path specified.
10/2/2011 5:00:21, Error: Service Control Manager [7023] - The Windows Management Instrumentation Driver Extensions service terminated with the following error: The specified procedure could not be found.
10/2/2011 5:00:16, Error: Service Control Manager [7023] - The Windows Process Activation Service service terminated with the following error: The system cannot find the path specified.
10/2/2011 5:00:16, Error: Service Control Manager [7023] - The Diagnostic System Host service terminated with the following error: The requested control is not valid for this service.
10/2/2011 5:00:15, Error: Microsoft-Windows-WAS [5188] - The directory specified for the temporary application pool config files is either missing or is not accessible by the Windows Process Activation Service. Please specify an existing directory and/or ensure that it has proper access flags. The data field contains the error number.
10/2/2011 5:00:15, Error: Microsoft-Windows-WAS [5005] - Windows Process Activation Service (WAS) is stopping because it encountered an error. The data field contains the error number.
10/2/2011 4:59:48, Error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.
10/2/2011 4:59:23, Error: Service Control Manager [7023] - The WWAN AutoConfig service terminated with the following error: Access is denied.
10/2/2011 4:59:03, Error: Microsoft-Windows-Eventlog [22] - The event logging service encountered an error while initializing publishing resources for channel Microsoft-Windows-RPC/Debug. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.
10/2/2011 4:26:14, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023828.
10/2/2011 4:26:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service HomeGroupProvider with arguments "" in order to run the server: {6F7C8E8F-DC69-4E3F-BC05-439962A05FD5}
10/2/2011 3:47:30, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TuneUp Utilities Service service to connect.
10/2/2011 3:47:30, Error: Service Control Manager [7000] - The TuneUp Utilities Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/2/2011 3:46:18, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TuneUp.UtilitiesSvc with arguments "" in order to run the server: {5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}
10/2/2011 1:25:35, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x8ccb0fa8, 0x00000002, 0x00000000, 0x81b1ac72). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 100211-32479-01.
10/1/2011 9:31:16, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Rapid Storage Technology service to connect.
10/1/2011 9:31:16, Error: Service Control Manager [7000] - The Intel(R) Rapid Storage Technology service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/1/2011 9:30:45, Error: Service Control Manager [7000] - The Diagnostic Policy Service service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.
10/1/2011 9:23:35, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
10/1/2011 9:06:36, Error: Service Control Manager [7030] - The Diagnostic Policy Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/1/2011 9:06:17, Error: Service Control Manager [7030] - The Diagnostic Service Host service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/1/2011 9:05:59, Error: Service Control Manager [7030] - The Diagnostic System Host service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/1/2011 8:20:12, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
10/1/2011 8:20:11, Error: Service Control Manager [7001] - The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
10/1/2011 8:19:25, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.
10/1/2011 7:24:48, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Message Queuing Triggers service to connect.
10/1/2011 7:24:48, Error: Service Control Manager [7000] - The Message Queuing Triggers service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/1/2011 6:46:32, Error: Service Control Manager [7034] - The HP Quick Synchronization Service service terminated unexpectedly. It has done this 1 time(s).
10/1/2011 6:46:22, Error: Service Control Manager [7034] - The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s).
10/1/2011 6:45:59, Error: Service Control Manager [7031] - The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/1/2011 2:08:23, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
.
==== End Of File ===========================
 
Here is the Malwarebytes log:


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Databaseversie: 7850

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

10/2/2011 9:37:55
mbam-log-2011-10-02 (21-37-55).txt

Scantype: Snelle scan
Objecten gescand: 164418
Verstreken tijd: 10 minuut/minuten, 59 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)


I also keep getting a Windows Update error when installing an update; can you perhaps do something with this as well?

Error found: code 66A with the update Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2468871)

Download size: 18.9 MB

You may need to restart your computer for this update to take effect.

Update type: Recommended

Install this update to resolve issues in Microsoft .NET Framework 4. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer.

More information:
http://go.microsoft.com/fwlink/?LinkID=210664

Help and Support:
http://support.microsoft.com
 
Your Windows Starter boots slowly because all sorts of errors are detected during startup.
Among them the fact that Windows Update no longer works either.

No doubt this is related to the infection you removed!

How did you do the removal?
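
As an added example (not part of the original thread and not a tool the helper used): the startup errors mentioned above come from the "Event Viewer Messages" section of the DDS log, and a short Python script can tally them per service and spot services that crashed in the same second. The function names are assumptions made for this example; the sample lines are copied from the log posted in this thread.

```python
import re
from collections import Counter, defaultdict

# Sample lines copied from the DDS "Event Viewer Messages" section in this thread.
SAMPLE_LOG = """\
9/30/2011 5:58:43, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.
9/30/2011 11:07:37, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/29/2011 2:01:11, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
9/25/2011 10:22:22, Error: Service Control Manager [7023] -
10/2/2011 7:39:14, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The system cannot find the file specified.
10/2/2011 8:49:25, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
"""

# One DDS event line: "<date> <time>, <level>: <source> [<event id>] - <message>".
# The message may be empty, as in the 7023 line above.
LINE_RE = re.compile(
    r"^(?P<date>\d{1,2}/\d{1,2}/\d{4}) (?P<time>\d{1,2}:\d{2}:\d{2}), "
    r"(?P<level>\w+): (?P<source>.+?) \[(?P<event_id>\d+)\]\s*-\s*(?P<message>.*)$"
)

# Phrasings the Service Control Manager uses in the messages seen in this log.
SERVICE_PATTERNS = [
    re.compile(r"^The (.+?) service (?:failed to start|hung on starting|terminated|depends on)"),
    re.compile(r"waiting for the (.+?) service to connect"),
    re.compile(r"transaction response from the (.+?) service\."),
]


def service_name(source, message):
    """Return the affected service for a Service Control Manager event, else None."""
    if source != "Service Control Manager":
        return None
    for pattern in SERVICE_PATTERNS:
        match = pattern.search(message)
        if match:
            return match.group(1)
    return None


def parse_events(text):
    """Parse DDS event lines; section headers and '.' separators are skipped."""
    events = []
    for raw in text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue
        event = match.groupdict()
        event["event_id"] = int(event["event_id"])
        event["service"] = service_name(event["source"], event["message"])
        events.append(event)
    return events


def failures_per_service(events):
    """Count how often each named service shows up in an error event."""
    return Counter(e["service"] for e in events if e["service"])


def simultaneous_crashes(events, minimum=2):
    """Group 'terminated unexpectedly' events (7031/7034) by timestamp.

    Several services dying in the same second usually ran in one shared host
    process, so they point to a single fault rather than several.
    The timestamp stays text: grouping only needs equality.
    """
    groups = defaultdict(list)
    for e in events:
        if e["event_id"] in (7031, 7034) and e["service"]:
            groups[(e["date"], e["time"])].append(e["service"])
    return {when: names for when, names in groups.items() if len(names) >= minimum}


if __name__ == "__main__":
    parsed = parse_events(SAMPLE_LOG)
    for name, count in failures_per_service(parsed).most_common():
        print(f"{count:2d}  {name}")
    for (date, time), names in simultaneous_crashes(parsed).items():
        print(f"{date} {time}: {len(names)} services terminated together: {', '.join(names)}")
```
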
 
I removed them with Lorains trojan remover and with Sunbelt CounterSpy and with avast Pro, also during the restart?

Am I in serious trouble now :huh:?
 
I don't know those first two tools at all, and I can't find the first one via Google either.

Let's see what ComboFix can do with your Windows:

Which program: ComboFix
What for/why: Highly specialized scanner that examines Windows in depth and cleans it up.
Difficulty: More or less tricky preparation phase, so read everything carefully first.
Download location: Be sure to download this program to the desktop!
Download ComboFix from one of these locations:
Here you can see how to use ComboFix.

Antivirus programs and active malware scanners must already be disabled before you start ComboFix!
Here and here
you will find information on how to disable antivirus programs and spyware scanners.

Notes:
  • When using Windows XP you may be asked to install the "Recovery Console"!
    Allow this (an active internet connection is required for it).
  • All open programs and web pages must be closed.
Starting ComboFix:
  • Windows 2000 and Windows XP: start ComboFix.exe by double-clicking ComboFix.exe.
  • Windows Vista and Windows 7: start ComboFix.exe by right-clicking ComboFix.exe and then choosing "Run as administrator".
Once ComboFix has started:
  • Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
  • ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
  • The computer may need to be restarted several times; this is normal.
  • When ComboFix is finished, it will create a log file for you.
  • Post the contents of this log file via DDRMMR's color coder in your next message.
  • If the log does not open, it can be found at C:\ComboFix.txt
Important note:
  • If, after the scan, an error with the following message is shown when starting programs:
  • Illegal operation attempted on a registery key that has been marked for deletion.
  • Then restart the computer.
 
The ComboFix log



[hjt]
combofix 11-10-04.04 - user 10/05/2011 0:43.1.2 - x86
microsoft windows 7 starter 6.1.7601.1.1252.31.1033.18.1012.412 [gmt -4:00]
gestart vanuit: c:\users\user\desktop\combofix.exe
av: avast! antivirus *disabled/updated* {2b2d1395-420b-d5c9-657e-930fe358fc3c}
sp: avast! antivirus *disabled/updated* {904cf271-6431-da47-5fce-a87d98dfb681}
sp: windows defender *disabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
.
(((((((((((((((((((((((((((((((((( andere verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\user\appdata\local\setup.exe
c:\users\user\appdata\roaming\user3sqlite3.dll
c:\windows\cscmondump.bin
c:\windows\system32\domainbackup.reg
c:\windows\system32\oem12.inf
c:\windows\temp\catchme.dll
.
.
(((((((((((((((((((( bestanden gemaakt van 2011-09-05 to 2011-10-05 ))))))))))))))))))))))))))))))
.
.
2011-10-05 05:01 . 2011-10-05 05:01 -------- d-----w- c:\users\user\appdata\local\temp
2011-10-05 05:01 . 2011-10-05 05:01 -------- d-----w- c:\users\default\appdata\local\temp
2011-10-04 14:10 . 2011-10-04 14:10 -------- d-----w- c:\windows\sun
2011-10-04 14:09 . 2011-10-04 14:09 -------- d-----w- c:\program files\common files\java
2011-10-04 14:09 . 2011-10-04 14:09 -------- d-----w- c:\archive
2011-10-04 14:09 . 2011-10-04 14:08 472808 ----a-w- c:\windows\system32\deployjava1.dll
2011-10-04 14:08 . 2011-10-04 14:08 -------- d-----w- c:\program files\java
2011-10-04 13:58 . 2011-10-04 14:14 -------- d-----w- c:\winsslog
2011-10-04 10:24 . 2011-10-04 10:24 -------- d-----w- c:\program files\ashampoo
2011-10-04 10:12 . 2011-10-04 10:12 -------- d-----w- c:\programdata\createpart
2011-10-04 09:57 . 2011-10-04 09:57 -------- d-----w- c:\programdata\explauncher
2011-10-04 09:57 . 2011-10-04 09:57 -------- d-----w- c:\programdata\launcher
2011-10-04 09:53 . 2011-10-04 10:24 -------- d-----w- c:\program files\paragon software
2011-10-04 08:24 . 2011-10-04 10:30 -------- d-----w- c:\programdata\filecure
2011-10-04 07:37 . 2011-10-04 10:57 -------- d-----w- c:\users\user\appdata\local\crashdumps
2011-10-04 07:36 . 2011-10-04 07:36 -------- d-----w- c:\program files\hewlett-packard
2011-10-03 07:41 . 2011-10-03 07:41 -------- d-----w- c:\users\user\appdata\local\fixitcenter
2011-10-03 07:31 . 2011-10-04 13:24 -------- d-----w- c:\program files\microsoft fix it center
2011-10-03 07:19 . 2011-10-03 07:19 -------- d-----w- c:\users\user\appdata\roaming\microsoft corporation
2011-10-03 01:23 . 2011-08-31 21:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-03 01:23 . 2011-10-03 01:24 -------- d-----w- c:\program files\malwarebytes' anti-malware
2011-10-02 08:26 . 2011-10-02 09:01 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{817bf018-1fa9-40ca-9f19-cb6fe8c05e74}\offreg.dll
2011-10-02 06:40 . 2011-10-02 06:40 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2011-10-02 05:30 . 2011-10-02 05:30 388096 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\hijackthis.exe
2011-10-02 05:30 . 2011-10-02 05:30 -------- d-----w- c:\program files\trend micro
2011-10-01 22:37 . 2011-10-04 13:24 -------- d-sh--w- c:\programdata\{24036256-bfdb-4cd3-be8a-a3d6160f2e16}
2011-09-30 20:00 . 2011-09-30 20:00 -------- d-----w- c:\users\user\appdata\local\apps
2011-09-30 18:55 . 2011-09-30 18:55 -------- d-----w- c:\program files\common files\magix shared
2011-09-30 16:04 . 2007-01-04 15:02 663552 ----a-w- c:\windows\system32\mgxoschk.dll
2011-09-30 16:03 . 2008-04-04 22:34 14208 ----a-w- c:\windows\system32\drivers\disksec.sys
2011-09-30 14:55 . 2011-09-30 14:55 -------- d-----w- c:\users\user\appdata\local\packageaware
2011-09-30 12:34 . 2011-10-04 13:24 -------- d-----w- c:\programdata\{d3b41b92-9bc2-43eb-916a-4fa9e8191837}
2011-09-30 11:56 . 2011-10-04 10:51 -------- d-----w- c:\program files\msecache
2011-09-30 11:55 . 2011-09-30 11:55 -------- d-----w- c:\program files\conduit
2011-09-30 09:03 . 2011-09-12 23:14 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{817bf018-1fa9-40ca-9f19-cb6fe8c05e74}\mpengine.dll
2011-09-30 06:19 . 2011-09-30 06:19 -------- d-----w- c:\programdata\martau
2011-09-28 11:49 . 2011-09-06 20:37 320856 ----a-w- c:\windows\system32\drivers\aswsp.sys
2011-09-28 11:49 . 2011-09-06 20:36 20568 ----a-w- c:\windows\system32\drivers\aswfsblk.sys
2011-09-28 11:49 . 2011-09-06 20:36 34392 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2011-09-28 11:49 . 2011-09-06 20:36 52568 ----a-w- c:\windows\system32\drivers\aswtdi.sys
2011-09-28 11:49 . 2011-09-06 20:38 442200 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2011-09-28 11:48 . 2011-09-06 20:36 54616 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2011-09-28 11:47 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastss.scr
2011-09-28 11:47 . 2011-09-06 20:45 199304 ----a-w- c:\windows\system32\aswboot.exe
2011-09-28 11:47 . 2011-09-28 11:47 -------- d-----w- c:\programdata\avast software
2011-09-28 11:47 . 2011-09-28 11:47 -------- d-----w- c:\program files\avast software
2011-09-28 09:59 . 2011-09-28 09:59 -------- d-----w- c:\users\user\appdata\roaming\sammsoft
2011-09-27 10:35 . 2011-10-02 06:15 -------- d-----w- c:\users\user\appdata\roaming\malwarebytes
2011-09-27 10:35 . 2011-10-02 06:12 -------- d-----w- c:\programdata\malwarebytes
2011-09-25 10:50 . 2011-09-30 11:34 -------- dc----w- c:\users\user\appdata\local\migwiz
2011-09-25 08:48 . 2008-12-09 14:59 20392 ----a-w- c:\windows\system32\drivers\elrawdsk.sys
2011-09-25 03:53 . 2011-09-25 03:53 -------- d-----w- c:\users\user\appdata\local\spotlite
2011-09-25 03:17 . 2011-09-26 19:13 -------- d-----w- c:\users\user\appdata\roaming\grabit
2011-09-25 03:07 . 2011-09-25 03:53 -------- d-----w- c:\program files\spotlite
2011-09-25 03:03 . 2011-09-25 03:03 -------- d-----w- c:\program files\grabit
2011-09-24 10:36 . 2011-10-01 00:49 -------- d-----w- c:\windows\system32\drivers\umdf\nl-nl
2011-09-24 10:36 . 2011-09-24 10:36 -------- d-----w- c:\windows\windowsmobile
2011-09-24 10:34 . 2011-09-24 10:34 -------- d-----w- c:\windows\msagent
2011-09-24 10:34 . 2011-10-01 00:49 -------- d-----w- c:\windows\system32\drivers\nl-nl
2011-09-24 10:34 . 2011-09-24 10:34 40960 ----a-w- c:\program files\common files\microsoft shared\ink\nl\microsoft.ink.resources.dll
2011-09-24 10:32 . 2011-10-01 00:51 -------- d-----w- c:\windows\system32\vistalizator
2011-09-24 08:56 . 2009-11-05 21:36 47984 ----a-w- c:\windows\system32\advuninstcpl.cpl
2011-09-24 08:44 . 2011-10-04 13:03 -------- d-----w- c:\users\user\appdata\local\elevateddiagnostics
2011-09-24 08:41 . 2011-09-24 08:42 -------- d-----w- c:\aulogs
2011-09-24 07:00 . 2011-09-24 07:00 -------- d-----w- c:\program files\microsoft sql server
2011-09-24 06:49 . 2011-09-27 09:45 88 ----a-w- c:\users\user\appdata\roaming\netstat.bat
2011-09-24 02:23 . 2011-09-24 02:23 74703 ----a-w- c:\windows\system32\mfc45.dll
2011-09-22 12:55 . 2011-09-28 09:29 -------- d-----w- c:\users\user\appdata\local\utorrent
2011-09-22 11:29 . 2011-09-22 11:29 -------- d-----w- c:\program files\common files\innovative solutions
2011-09-22 10:44 . 2011-09-22 10:44 -------- d-----w- c:\program files\msbuild
2011-09-22 09:22 . 2011-09-30 05:59 -------- d-----w- c:\users\user\appdata\roaming\sunbelt
2011-09-20 08:02 . 2011-05-20 15:44 767952 ----a-w- c:\windows\bdtsupport.dll
2011-09-20 08:02 . 2011-05-20 15:44 149456 ----a-w- c:\windows\sgdetectiontool.dll
2011-09-20 08:02 . 2011-05-20 15:44 2078672 ----a-w- c:\windows\pctbdcore.dll
2011-09-20 08:02 . 2011-05-20 15:44 1533904 ----a-w- c:\windows\pctbdres.dll
2011-09-20 06:01 . 2011-10-04 13:25 -------- d-----w- c:\windows\system32\catroot2
2011-09-19 13:02 . 2010-06-09 08:06 527872 ----a-w- c:\windows\system32\stapi32.dll
2011-09-19 07:35 . 2011-09-19 07:35 -------- d-----w- c:\program files\microsoft.net
2011-09-19 05:39 . 2011-10-01 00:51 -------- d-----w- c:\windows\system32\msmq
2011-09-19 05:38 . 2011-09-19 05:38 -------- d-----w- c:\incinerate
2011-09-19 04:43 . 2011-09-27 06:29 -------- d-----w- c:\system.sav
2011-09-18 19:27 . 2011-09-28 08:47 -------- d-----w- c:\users\user\appdata\local\pokerstars
2011-09-18 08:36 . 2011-09-18 08:40 2036 ----a-w- c:\windows\system32\asoroset.bin
2011-09-18 08:29 . 2011-03-25 22:03 15592 ----a-w- c:\windows\system32\roboot.exe
2011-09-18 07:34 . 2011-09-25 07:55 -------- d-----w- c:\users\user\appdata\local\diagnostics
2011-09-18 06:55 . 2009-06-24 23:46 32256 ----a-w- c:\windows\system32\drivers\libusb0.sys
2011-09-18 06:55 . 2007-03-20 15:33 43520 ----a-w- c:\windows\system32\libusb0.dll
2011-09-18 06:19 . 2011-09-27 06:29 -------- d-----w- c:\program files\pokerstars
2011-09-16 05:50 . 2011-09-16 05:50 -------- d--h--w- c:\windows\pif
2011-09-15 09:22 . 2011-09-21 05:35 -------- d-----w- c:\users\user\appdata\local\microsoft_corporation
2011-09-14 05:05 . 2010-09-26 20:43 87688 ----a-w- c:\windows\system32\inccontxmenu.dll
2011-09-14 05:05 . 2010-09-26 20:35 2233016 ----a-w- c:\windows\system32\incinerator.dll
2011-09-14 05:05 . 2010-06-29 22:30 9341 ----a-w- c:\windows\system32\drivers\filedisk.sys
2011-09-14 05:04 . 2010-09-26 20:43 11776 ----a-w- c:\windows\system32\smrgdf.exe
2011-09-14 05:04 . 2010-09-26 20:43 29696 ----a-w- c:\windows\system32\iolobtdfg.exe
2011-09-14 04:07 . 2010-09-23 17:29 511328 ----a-w- c:\program files\common files\microsoft shared\capicom\capicom.dll
2011-09-14 03:19 . 2011-10-01 00:51 -------- d-----w- c:\windows\system32\wat
2011-09-14 02:04 . 2010-11-09 19:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-09-13 21:37 . 2011-10-04 13:24 -------- d-----w- c:\program files\ccleaner
2011-09-13 05:08 . 2004-03-09 04:00 1081616 ----a-w- c:\windows\system32\mscomctl.ocx
2011-09-13 02:19 . 2011-09-13 02:19 29992 ----a-w- c:\windows\system32\drivers\grd.sys
2011-09-12 22:33 . 2011-09-12 22:33 47560 ----a-w- c:\windows\system32\drivers\pkticpt.sys
2011-09-12 22:30 . 2011-09-12 22:30 61512 ----a-w- c:\windows\system32\drivers\miniicpt.sys
2011-09-12 22:30 . 2011-09-12 22:30 33480 ----a-w- c:\windows\system32\drivers\gdbehave.sys
2011-09-12 22:30 . 2011-09-12 22:30 40904 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2011-09-12 22:18 . 2011-09-12 22:18 -------- d-----w- c:\users\user\appdata\local\downloaded installations
2011-09-12 07:15 . 2011-09-20 06:40 20552 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-09-12 04:50 . 2011-10-01 00:49 -------- d-----w- c:\windows\system32\catroot2_201192015019
2011-09-12 01:30 . 2011-10-02 09:00 4194304 ----a-w- c:\windows\serviceprofiles\networkservice\msmqlog.bin
2011-09-11 08:18 . 2011-09-22 11:42 -------- d-----w- c:\users\user\appdata\roaming\glarysoft
2011-09-11 05:22 . 2011-09-26 00:04 -------- d-----w- c:\users\administrator
2011-09-11 02:47 . 2011-10-01 18:49 -------- d-----w- c:\users\user\appdata\roaming\skypepm
2011-09-11 02:47 . 2011-09-30 05:53 -------- d-----w- c:\programdata\skype extras
2011-09-11 01:40 . 2011-10-04 13:24 -------- d-----w- c:\users\user\appdata\roaming\dvdcss
2011-09-10 22:42 . 2011-09-10 22:42 -------- d-----w- c:\users\user\appdata\local\microsoft corporation
2011-09-10 19:23 . 2011-09-10 19:23 -------- d-----w- c:\programdata\synaptics
2011-09-10 19:23 . 2011-09-10 19:23 -------- d-----w- c:\users\user\appdata\roaming\synaptics
2011-09-10 10:20 . 2011-09-10 23:22 -------- d-----w- c:\windows\system32\vs08
2011-09-10 10:17 . 2011-09-10 23:22 -------- d-----w- c:\temp.intel
2011-09-10 05:06 . 2011-09-10 05:06 -------- d-----w- c:\pfiles
2011-09-10 00:39 . 2011-10-01 00:49 -------- d-----w- c:\windows\system32\bestpractices
2011-09-10 00:38 . 2011-09-24 09:21 -------- d-----w- c:\inetpub
2011-09-10 00:14 . 2011-10-04 10:21 -------- dc----w- c:\windows\system32\drvstore
2011-09-10 00:14 . 2006-09-28 18:32 9472 ----a-w- c:\windows\system32\drivers\pnetmdm.sys
2011-09-09 23:04 . 2011-10-04 13:25 -------- d-----w- c:\users\user\appdata\roaming\vlc
.
.
((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-24 10:36 . 2011-09-24 10:36 6656 ----a-w- c:\windows\system32\drivers\umdf\nl-nl\wpdmtpdr.dll.mui
2011-09-24 10:36 . 2011-09-24 10:36 2560 ----a-w- c:\windows\system32\drivers\nl-nl\wd.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 16896 ----a-w- c:\windows\system32\drivers\nl-nl\volsnap.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 4096 ----a-w- c:\windows\system32\drivers\nl-nl\tpm.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 4096 ----a-w- c:\windows\system32\drivers\nl-nl\scr111.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 4096 ----a-w- c:\windows\system32\drivers\nl-nl\scmstcs.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 4096 ----a-w- c:\windows\system32\drivers\nl-nl\pscr.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 4096 ----a-w- c:\windows\system32\drivers\nl-nl\grserial.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 3584 ----a-w- c:\windows\system32\drivers\nl-nl\umbus.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 3584 ----a-w- c:\windows\system32\drivers\nl-nl\stcusb.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 3584 ----a-w- c:\windows\system32\drivers\nl-nl\gpr400.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 3072 ----a-w- c:\windows\system32\drivers\nl-nl\serscan.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 3072 ----a-w- c:\windows\system32\drivers\nl-nl\cxbp0wdm.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 3072 ----a-w- c:\windows\system32\drivers\nl-nl\cmbp0wdm.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 5632 ----a-w- c:\windows\system32\drivers\nl-nl\nv4_mini.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 5120 ----a-w- c:\windows\system32\drivers\nl-nl\pcmcia.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 4608 ----a-w- c:\windows\system32\drivers\nl-nl\ntrigdigi.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 6656 ----a-w- c:\windows\system32\drivers\nl-nl\yk60x86.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 6144 ----a-w- c:\windows\system32\drivers\nl-nl\sermouse.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 5632 ----a-w- c:\windows\system32\drivers\nl-nl\bcm4sbxp.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 5632 ----a-w- c:\windows\system32\drivers\nl-nl\b57nd60x.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 5120 ----a-w- c:\windows\system32\drivers\nl-nl\mouclass.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 5120 ----a-w- c:\windows\system32\drivers\nl-nl\e100b325.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 4608 ----a-w- c:\windows\system32\drivers\nl-nl\msdsm.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 4096 ----a-w- c:\windows\system32\drivers\nl-nl\parport.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 36352 ----a-w- c:\windows\system32\drivers\nl-nl\e1e6032.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 3584 ----a-w- c:\windows\system32\drivers\nl-nl\rndismpx.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 3584 ----a-w- c:\windows\system32\drivers\nl-nl\parvdm.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 3584 ----a-w- c:\windows\system32\drivers\nl-nl\mouhid.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 2560 ----a-w- c:\windows\system32\drivers\nl-nl\amdide.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 24064 ----a-w- c:\windows\system32\drivers\nl-nl\mpio.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 19968 ----a-w- c:\windows\system32\drivers\nl-nl\e1g60i32.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 3584 ----a-w- c:\windows\system32\drivers\nl-nl\scsiport.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 9216 ----a-w- c:\windows\system32\drivers\nl-nl\afd.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 3072 ----a-w- c:\windows\system32\drivers\nl-nl\wdf01000.sys.mui
2011-09-24 10:36 . 2011-09-24 10:36 4096 ----a-w- c:\windows\system32\drivers\nl-nl\modem.sys.mui
2011-09-24 10:35 . 2011-09-24 10:35 3072 ----a-w- c:\windows\system32\drivers\nl-nl\srv.sys.mui
2011-09-24 10:35 . 2011-09-24 10:35 12288 ----a-w- c:\windows\system32\drivers\nl-nl\fvevol.sys.mui
2011-09-24 10:35 . 2011-09-24 10:35 3584 ----a-w- c:\windows\system32\drivers\nl-nl\rndismp.sys.mui
2011-09-24 10:35 . 2011-09-24 10:35 3584 ----a-w- c:\windows\system32\drivers\nl-nl\pacer.sys.mui
2011-09-24 10:35 . 2011-09-24 10:35 3072 ----a-w- c:\windows\system32\drivers\nl-nl\qwavedrv.sys.mui
2011-09-24 10:35 . 2011-09-24 10:35 73728 ----a-w- c:\windows\system32\drivers\nl-nl\ntfs.sys.mui
2011-09-24 10:35 . 2011-09-24 10:35 3584 ----a-w- c:\windows\system32\drivers\nl-nl\nfsrdr.sys.mui
2011-09-24 10:35 . 2011-09-24 10:35 4096 ----a-w- c:\windows\system32\drivers\nl-nl\dxgkrnl.sys.mui
2011-09-24 10:35 . 2011-09-24 10:35 7168 ----a-w- c:\windows\system32\drivers\nl-nl\luafv.sys.mui
2011-09-24 10:35 . 2011-09-24 10:35 4096 ----a-w- c:\windows\system32\drivers\nl-nl\ipnat.sys.mui
2011-09-24 10:35 . 2011-09-24 10:35 31744 ----a-w- c:\windows\system32\drivers\nl-nl\http.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 5632 ----a-w- c:\windows\system32\drivers\nl-nl\fltmgr.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3072 ----a-w- c:\windows\system32\drivers\nl-nl\pnpmem.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 9216 ----a-w- c:\windows\system32\drivers\nl-nl\pci.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 6656 ----a-w- c:\windows\system32\drivers\nl-nl\ipmidrv.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 5632 ----a-w- c:\windows\system32\drivers\nl-nl\kbdclass.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 4608 ----a-w- c:\windows\system32\drivers\nl-nl\isapnp.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3584 ----a-w- c:\windows\system32\drivers\nl-nl\mssmbios.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3072 ----a-w- c:\windows\system32\drivers\nl-nl\viaagp.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3072 ----a-w- c:\windows\system32\drivers\nl-nl\uliagpkx.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3072 ----a-w- c:\windows\system32\drivers\nl-nl\sisagp.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3072 ----a-w- c:\windows\system32\drivers\nl-nl\nv_agp.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3072 ----a-w- c:\windows\system32\drivers\nl-nl\kbdhid.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3072 ----a-w- c:\windows\system32\drivers\nl-nl\amdagp.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3072 ----a-w- c:\windows\system32\drivers\nl-nl\agp440.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 11776 ----a-w- c:\windows\system32\drivers\nl-nl\i8042prt.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 11264 ----a-w- c:\windows\system32\drivers\nl-nl\ltmdmnt.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 4608 ----a-w- c:\windows\system32\drivers\nl-nl\wacompen.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3584 ----a-w- c:\windows\system32\drivers\nl-nl\hidbth.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3072 ----a-w- c:\windows\system32\drivers\nl-nl\dot4usb.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 11776 ----a-w- c:\windows\system32\drivers\nl-nl\serial.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 8192 ----a-w- c:\windows\system32\drivers\nl-nl\bthport.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 5120 ----a-w- c:\windows\system32\drivers\nl-nl\bthpan.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 21504 ----a-w- c:\windows\system32\drivers\nl-nl\viac7.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 21504 ----a-w- c:\windows\system32\drivers\nl-nl\processr.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 21504 ----a-w- c:\windows\system32\drivers\nl-nl\intelppm.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 21504 ----a-w- c:\windows\system32\drivers\nl-nl\crusoe.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 21504 ----a-w- c:\windows\system32\drivers\nl-nl\amdk8.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 21504 ----a-w- c:\windows\system32\drivers\nl-nl\amdk7.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3584 ----a-w- c:\windows\system32\drivers\nl-nl\atikmdag.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3584 ----a-w- c:\windows\system32\drivers\nl-nl\ati2mtag.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3584 ----a-w- c:\windows\system32\drivers\nl-nl\ati2mpad.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3072 ----a-w- c:\windows\system32\drivers\nl-nl\uagp35.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 3072 ----a-w- c:\windows\system32\drivers\nl-nl\gagp30kx.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 2560 ----a-w- c:\windows\system32\drivers\nl-nl\brparwdm.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 12288 ----a-w- c:\windows\system32\drivers\nl-nl\ohci1394.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 11264 ----a-w- c:\windows\system32\drivers\nl-nl\brserid.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 10752 ----a-w- c:\windows\system32\drivers\nl-nl\acpi.sys.mui
2011-09-24 10:34 . 2011-09-24 10:34 10240 ----a-w- c:\windows\system32\drivers\nl-nl\battc.sys.mui
2011-09-08 07:32 . 2011-03-28 22:36 18328 ----a-w- c:\programdata\microsoft\identitycrl\production\ppcrlconfig600.dll
2011-09-08 01:06 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-08-04 13:20 . 2011-08-04 13:20 33656 ----a-w- c:\windows\system32\drivers\epfwlwf.sys
2011-07-25 23:42 . 2011-07-25 21:28 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
.
.
((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
regedit4
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083b0-c522-11cf-8763-00608cc02f24}"
[hkey_classes_root\clsid\{472083b0-c522-11cf-8763-00608cc02f24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\avast software\avast\ashshell.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"syntpenh"=c:\program files\synaptics\syntp\syntpenh.exe [2010-05-28 1721640]
"avast"=c:\program files\avast software\avast\avastui.exe [2011-09-06 3722416]
"sunjavaupdatesched"=c:\program files\common files\java\java update\jusched.exe [2011-06-09 254696]
.
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 5 (0x5)
"consentpromptbehavioruser"= 3 (0x3)
"enableuiadesktoptoggle"= 0 (0x0)
"promptonsecuredesktop"= 0 (0x0)
.
[hkey_current_user\software\microsoft\windows\currentversion\policies\explorer]
"maxrecentdocs"= 15 (0xf)
.
[hkey_local_machine\system\currentcontrolset\control\lsa]
security packages reg_multi_sz kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\google update]
c:\users\user\appdata\local\google\update\googleupdate.exe [bu]
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\hijackthis startup scan]
2010-03-25 22:42 388096 ----a-w- c:\program files\trend micro\hijackthis\hijackthis.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\malwarebytes' anti-malware]
2011-08-31 21:00 449608 ----a-w- c:\program files\malwarebytes' anti-malware\mbamgui.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\malwarebytes' anti-malware (reboot)]
2011-08-31 21:00 1047208 ----a-w- c:\program files\malwarebytes' anti-malware\mbam.exe
.
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\windows media center]
c:\users\user\appdata\roaming\smss.exe [bu]
.
[hkey_local_machine\software\microsoft\windows\currentversion\run-]
"windows defender"=c:\program files\windows defender\msascui.exe -hide
"persistence"=c:\windows\system32\igfxpers.exe
.
[hkey_local_machine\software\microsoft\windows\currentversion\run-disabled]
"igfxtray"=c:\windows\system32\igfxtray.exe
.
r3 revoflt;revoflt;c:\windows\system32\drivers\revoflt.sys [2009-12-30 27192]
r3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
r4 aestfilters;andrea st filters service;c:\program files\idt\wdm\aestsrv.exe [2009-03-03 81920]
s1 aswsnx;aswsnx; [x]
s1 aswsp;aswsp; [x]
s1 vwififlt;virtual wifi filter driver;c:\windows\system32\drivers\vwififlt.sys [2009-07-13 48128]
s2 aswfsblk;aswfsblk; [x]
s2 aswmonflt;aswmonflt;c:\windows\system32\drivers\aswmonflt.sys [2011-09-06 54616]
s2 clr_optimization_v4.0.30319_32;microsoft .net framework ngen v4.0.30319_x86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
s2 iastordatamgrsvc;intel(r) rapid storage technology;c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe [2010-11-06 13336]
s2 tuneup.utilitiessvc;tuneup utilities service;c:\program files\tuneup utilities 2011\tuneuputilitiesservice32.exe [2011-01-19 1517376]
s3 rspciestor;realtek pcie cardreader driver;c:\windows\system32\drivers\rtspstor.sys [2010-05-07 230944]
s3 rtl8167;realtek 8167 nt driver;c:\windows\system32\drivers\rt86win7.sys [2010-05-31 267880]
s3 tuneuputilitiesdrv;tuneuputilitiesdrv;c:\program files\tuneup utilities 2011\tuneuputilitiesdriver32.sys [2010-11-29 10064]
.
.
[hkey_local_machine\software\microsoft\windows nt\currentversion\svchost]
localserviceandnoimpersonation reg_multi_sz ssdpsrv upnphost scardsvr tbs fontcache fdrespub appidsvc qwave wcncsvc
iissvcs reg_multi_sz w3svc was
apphost reg_multi_sz apphostsvc
ipripsvc reg_multi_sz iprip
.
hkey_local_machine\software\microsoft\windows nt\currentversion\svchost - netsvcs
uxtuneup
.
[hkey_local_machine\software\microsoft\active setup\installed components\{2c7339cf-2b09-4501-b3f3-f3508c9228ed}]
2010-11-20 12:21 2755072 ----a-w- c:\windows\system32\themeui.dll
.
.
------- bijkomende scan -------
.
mstart page = hxxp://www.msn.com
trusted zone: microsoft.com\*.windowsupdate
trusted zone: microsoft.com\update
trusted zone: windowsupdate.com
tcp: dhcpnameserver = 10.0.0.254
.
.
------- bestandsassociaties -------
.
jsefile=notepad.exe %1
.
.
--------------------- vergrendelde register sleutels ---------------------
.
[hkey_local_machine\system\controlset002\control\pcw\security]
@denied: (full) (everyone)
.
voltooingstijd: 2011-10-05 01:08:40
combofix-quarantined-files.txt 2011-10-05 05:08
.
pre-run: 81,245,548,544 bytes free
post-run: 80,978,415,616 bytes free
.
- - end of file - - d74aea293947854ed34d54481f1bf0f6

[/hjt]
 
How did Windows respond to the scan?

And you are using TuneUp Utilities.
I am not in favour of that, partly because TuneUp has already completely wrecked many Windows installations.
 
Windows responds well.
I do indeed use TuneUp and it works fine, I must say; it helps enormously.
 
I have installed new updates, but I don't think it is working properly, because at the moment I can't find any new ones and I think I am still missing a few!
 
And Chrome also uses a lot of memory, while I only have 2 tabs open right now, and Chrome's memory across 4 separate processes is about 140,000 kB?
 
I use Firefox 7.01, with four tabs open and a memory usage of almost 196,000 kB!

So what Chrome uses is not bad compared with the fox.

Because if you start IE, for example, and open the same tabs, I think IE will have roughly the same memory usage as Chrome.


As for the updates, go to "Start\All Programs\Windows Update".

First click "Optional updates" in the left pane.

I think a few things are listed there that still need to be installed in your Windows.

After that you can click the link "Check for new updates".
 
I don't have optional updates anywhere in my menu, and by the way, my Windows 7 Starter is entirely in English; can I translate it to Dutch?
 
No, that is not possible.

Why do you have an English-language version, then?

Have you already thought about putting a full Windows 7 on that netbook of yours, if need be?
 
Because I now live on Curaçao and my laptop broke down here, and the HP store put an English version on it, whereas I had a Dutch one before.
 
I did at first, but after the new installation here not anymore, only a C drive of 150 gig; could I make it again then?
 
Darn, then they don't know how to install Windows at HP on your island either!

Just hold them responsible for the fact that you have now lost your Dutch Windows!
 