HansSpain

Helaas heb ik die keuze niet, zie de drie afbeeldingen van Systeemherstel:

Helaas kan ik 1-4-2013 zien als meest ver weg gelegen herstelpunt. Dus nadat de harde schijf volliep. Er is geen software geinstalleerd.

ComboFix 13-04-04.01 - Hans 05-04-2013 3:32:22.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3071.2115 [GMT 2:00] Gestart vanuit: c:\users\hans\downloads\combofix.exe AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((( Bestanden Gemaakt van 2013-03-05 to 2013-04-05 )))))))))))))))))))))))))))))) 2013-04-05 01:49:50 . 2013-04-05 01:49:55 -------- d-----w- C:\Users\Hans\AppData\Local\temp 2013-04-05 01:49:50 . 2013-04-05 01:49:50 -------- d-----w- C:\Users\Default\AppData\Local\temp 2013-04-04 07:49:33 . 2013-04-04 07:49:33 60872 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3A832F3-6124-46F8-82BF-7D384D948078}\offreg.dll 2013-04-04 06:28:12 . 2013-04-04 06:28:12 -------- d-----w- C:\Program Files\Fibo-Vector 2013-04-02 11:42:06 . 2013-04-02 11:42:06 -------- d-----w- C:\Windows\nl 2013-04-02 11:41:12 . 2012-03-08 16:32:24 39272 ----a-w- C:\Windows\system32\drivers\fssfltr.sys 2013-04-02 11:39:45 . 2013-04-02 11:39:45 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition 2013-04-02 11:36:00 . 2013-04-02 11:42:15 -------- d-----w- C:\Program Files\Windows Live 2013-04-02 11:32:41 . 2013-04-02 11:32:41 -------- d-----w- C:\Program Files\Microsoft 2013-04-02 11:32:34 . 2009-09-04 15:44:40 69464 ----a-w- C:\Windows\system32\XAPOFX1_3.dll 2013-04-02 11:32:34 . 2009-09-04 15:44:40 515416 ----a-w- C:\Windows\system32\XAudio2_5.dll 2013-04-02 11:32:34 . 2009-09-04 15:29:34 453456 ----a-w- C:\Windows\system32\d3dx10_42.dll 2013-04-02 11:31:11 . 2006-11-29 11:06:18 3426072 ----a-w- C:\Windows\system32\d3dx9_32.dll 2013-04-02 11:30:29 . 2013-04-02 11:30:29 7450888 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\73f12b5d1ce2f9505\bingbarsetup.exe 2013-04-02 11:30:06 . 2013-04-02 11:30:06 15712 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\6c22c0e91ce2f9504\MeshBetaRemover.exe 2013-04-02 11:29:57 . 2013-04-02 11:29:57 89944 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\6666a2d81ce2f9503\DSETUP.dll 2013-04-02 11:29:57 . 2013-04-02 11:29:57 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\6666a2d81ce2f9503\DXSETUP.exe 2013-04-02 11:29:57 . 2013-04-02 11:29:57 1801048 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\6666a2d81ce2f9503\dsetup32.dll 2013-04-02 11:29:51 . 2013-04-02 11:29:51 94040 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\622f1db71ce2f9502\DSETUP.dll 2013-04-02 11:29:51 . 2013-04-02 11:29:51 525656 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\622f1db71ce2f9502\DXSETUP.exe 2013-04-02 11:29:51 . 2013-04-02 11:29:51 1691480 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\622f1db71ce2f9502\dsetup32.dll 2013-04-02 11:25:55 . 2013-03-19 03:50:38 7108640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3A832F3-6124-46F8-82BF-7D384D948078}\mpengine.dll 2013-04-02 10:51:21 . 2010-04-05 20:00:40 221568 ----a-w- C:\Windows\system32\drivers\netio.sys 2013-04-02 10:44:26 . 2013-04-02 10:46:35 1772 ----a-w- C:\FixitRegBackup.reg 2013-04-02 10:38:32 . 2013-04-02 10:38:32 507 ----a-w- C:\Windows\mseclean.bat 2013-03-31 10:18:31 . 2013-03-31 10:18:31 -------- d-----w- C:\Users\Hans\AppData\Local\FixItCenter 2013-03-30 13:37:07 . 2013-03-30 13:37:07 -------- d-----w- C:\Users\Hans\AppData\Roaming\JAM Software 2013-03-30 13:36:55 . 2013-03-30 13:36:55 -------- d-----w- C:\Program Files\JAM Software 2013-03-30 09:46:36 . 2013-03-30 09:46:36 388096 ----a-r- C:\Users\Hans\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2013-03-30 09:46:33 . 2013-03-30 09:46:33 -------- d-----w- C:\Program Files\Trend Micro 2013-03-30 09:23:17 . 2013-03-30 09:23:18 -------- d-----w- C:\Program Files\CCleaner 2013-03-13 17:15:41 . 2013-02-12 01:57:27 15872 ----a-w- C:\Windows\system32\drivers\usb8023.sys 2013-03-13 12:35:44 . 2013-03-13 12:35:45 -------- d-----w- C:\Windows\MATS 2013-03-13 12:35:43 . 2013-03-13 12:35:47 -------- d-----w- C:\Program Files\Microsoft Fix it Center 2013-03-11 15:53:36 . 2013-03-11 15:53:36 -------- d-----w- C:\Users\Hans\AppData\Roaming\webex 2013-03-11 15:52:41 . 2013-03-11 15:53:30 -------- d-----w- C:\ProgramData\WebEx . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) 2013-04-05 00:04:32 . 2008-01-16 00:11:58 45056 ----a-w- C:\Windows\system32\acovcnt.exe 2013-04-02 11:36:02 . 2011-03-28 16:36:46 19696 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-03-13 11:52:15 . 2012-07-12 16:02:05 693976 ----a-w- C:\Windows\system32\FlashPlayerApp.exe 2013-03-13 11:52:14 . 2012-07-12 16:02:05 73432 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-02-23 22:20:48 . 2013-02-23 22:20:57 94112 ----a-w- C:\Windows\system32\WindowsAccessBridge.dll 2013-02-23 22:20:42 . 2012-07-13 15:02:16 861088 ----a-w- C:\Windows\system32\npDeployJava1.dll 2013-02-23 22:20:41 . 2012-07-13 15:02:17 782240 ----a-w- C:\Windows\system32\deployJava1.dll 2013-01-20 14:59:04 . 2013-01-20 14:59:04 195296 ----a-w- C:\Windows\system32\drivers\MpFilter.sys 2013-01-20 14:59:04 . 2012-08-30 20:03:50 100328 ----a-w- C:\Windows\system32\drivers\NisDrvWFP.sys 2013-01-16 23:28:58 . 2012-06-10 03:42:36 232336 ------w- C:\Windows\system32\MpSigStub.exe 2013-01-05 05:26:01 . 2013-02-13 19:35:26 3550072 ----a-w- C:\Windows\system32\ntoskrnl.exe 2013-01-05 05:26:01 . 2013-02-13 19:35:25 3602808 ----a-w- C:\Windows\system32\ntkrnlpa.exe ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\Hans\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 06:08:30 4480768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 09:31:25 630784] "ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 16:27:32 61440] "ASUS Camera ScreenSaver"="C:\Windows\ASScrProlog.exe" [2008-01-15 23:58:29 37232] "ASUS Screen Saver Protector"="C:\Windows\ASScrPro.exe" [2008-01-15 23:58:39 33136] "PowerForPhone"="C:\Program Files\PowerForPhone\PowerForPhone.exe" [2007-06-26 18:10:44 778240] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 13:57:24 153136] "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 07:35:28 946352] "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 20:32:54 59280] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2012-09-09 22:30:34 421776] "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 08:04:54 252848] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSTPE] 2006-12-12 23:06:42 106496 ----a-w- C:\Windows\System32\ASUSTPE.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2012-06-10 19:31:01 116648 ----atw- C:\Users\Hans\AppData\Local\Google\Update\GoogleUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2007-06-20 10:49:10 451872 ----a-w- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2007-02-15 09:07:15 4390912 ----a-w- C:\Windows\RtHDVCpl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2006-11-22 21:27:27 815104 ----a-w- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-06-20 10:47:34 451872 ----a-w- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe Inhoud van de 'Gedeelde Taken' map 2013-04-05 C:\Windows\Tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 16:02:06 . 2013-03-13 11:52:16] 2013-04-04 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775588869-1677236965-1580062531-1000Core.job - C:\Users\Hans\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-10 19:31:07 . 2012-06-10 19:31:01] 2013-04-05 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775588869-1677236965-1580062531-1000UA.job - C:\Users\Hans\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-10 19:31:07 . 2012-06-10 19:31:01] ------- Bijkomende Scan ------- uStart Page = https://login.yahoo.com/config/login_verify2?&.src=ym uInternet Settings,ProxyOverride = <local>;*.local TCP: DhcpNameServer = 80.81.117.6 213.171.228.11

Dank u,!

Bedankt voor de toelichting, het is gelukt! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 2:02:56, on 1-4-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Program Files\ASUS\ATK Media\DMedia.exe C:\Windows\ASScrPro.exe C:\Program Files\PowerForPhone\PowerForPhone.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Users\Hans\AppData\Local\Akamai\netsession_win.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\Hans\AppData\Local\Akamai\netsession_win.exe C:\Users\Hans\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Hans\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\MetaTrader - EXNESS\terminal.exe C:\Users\Hans\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Hans\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Hans\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify2?&.src=ym R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Hans\AppData\Local\Akamai\netsession_win.exe" O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe -- End of file - 5576 bytes

Bedankt voor de reactie. Zelf ben ik gebruiker met Administrator rechten. Met de rechter klik verschijnt geen optie om als Administrator verder te gaan/HijackThis te starten. HijackThis start wel, maar met de eerder geschetste problemen. Inmiddels loopt de schijf weer vol. En rap. Ik las ergens dat schijfdefragmentatie ook meldingen genereert/toont. Maar ik krijg zulke meldingen niet. Is er iets anders dat kan detecteren wat er aan de hand is? CCleaner heb ik al gebruikt maar er was weinig te verwijderen/corrigeren. HijackThis genereert nog steeds geen log.... Bij voorbaat dank voor de hulp, mvg Hans

Hallo, Mijn harde schijf is plots volgelopen: Ik heb uw instructie gevolgd: http://www.pc-helpforum.be/f182/harde-schijf-loopt-vol-44997/ Het HijackThis scan rapport verscheen en een leeg Kladblok scherm, maar dat werd niet gevuld. Daarop startte ik de computer opnieuw op en ik zag enige verbetering: Maar de vrije ruimte is nog steeds zeer beperkt. Opnieuw HijackThis gestart, met hetzelfde gemis van de log. Ook een nieuwe lognaam gegeven, maar ook die kan ik niet terugvinden... VRAAG: HijackThis nu verwijderen en opnieuw installeren (en dan weer de instructies verder opvolgen)? Of is er iets anders aan de hand? Bij voorbaat dank, Hans