
Problem with Avast GrimeFighter




Download ZHPDiag to the desktop.

 

Disable antivirus software

Temporarily disable your antivirus and antispyware programs, as they can conflict with ZHPDiag.




 

Installing ZHPDiag


Double-click zhpdiag.exe to start the installation.

Users of Windows Vista, 7 and 8 must run the tool as "administrator" by right-clicking it and choosing "Als Administrator uitvoeren" (Run as administrator).

Click "Suivant" several times to go through the installation process.

Click "Installer" when prompted and "Terminer" when the installation has finished.


 

Running ZHPDiag

If you run into problems while running this program or see any error messages, please mention this in your post.

  • Double-click the shortcut named ZHPDiag

The start window appears; now click "Configureren".

If the language is not set to Dutch, click the house icon "Sélectionner une langue" at the bottom right and choose "Néerlandais".

Then click the magnifying-glass icon "Diagnosemogelijkheden" at the bottom left.

Your system is now being scanned; wait patiently until the scan has finished.



 

Posting the ZHPDiag.txt log file


Attach the log file named "ZHPDiag.txt" to your next post. (You can also find this log file on the desktop.)

 


Edited by juisterr

~ Verslag van ZHPDiag v2015.5.31.53 - Nicolas Coolman  (31-5-2015)
~ Gelanceerd door Gebruiker (4-6-2015 10:59:02)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Het adres van de webforum : http://forum.nicolascoolman.fr
~ Vertaald door de gebruiker
~ Staat van de versie : Bijgewerkte versie.
~  Lijst wit : Ingeschakeld door het programma
~ Tot misbruik van bevoegdheden : OK
~ Gebruikersaccountbeheer (UAC) : Activate by user


---\\ Internet-browsers
MSIE: Internet Explorer v11.0.9600.17801
MFIE: Mozilla Firefox 38.0.5 (Defaut)

---\\ Windows productinformatie
~ Langage: Néerlandais
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)

---\\ Software om het systeem te beveiligen
Avast Free Antivirus v10.2.2218
Emsisoft Anti-Malware
Malwarebytes Anti-Malware versie 2.1.6.1022
Windows Defender W7 (Activate)

---\\ Systeem optimalisatie software
CCleaner v5.05

---\\ Delen van software PeerToPeer

---\\ Software die extra aandacht behoeft
Adobe Flash Player 17 NPAPI
Adobe Acrobat Reader DC - Nederlands

---\\ Informatie over het systeem
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3487 MB (47% free)
System Restore: Activé (Enable)
System drive C: has 253 GB (54%) free of 466 GB

---\\ Verbinding met het systeem-modus
~ Computer Name: GEBRUIKER2-PC
~ User Name: Gebruiker
~ All Users Names: Gebruiker, Gast, Administrator,
~ Unselected Option: None
Logged in as Administrator

---\\ Omgevingsvariabelen
~ System Unit : C:\
~ %AppZHP% : C:\Users\Gebruiker\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Gebruiker\AppData\Roaming\
~ %Desktop% : C:\Users\Gebruiker\Desktop\
~ %Favorites% : C:\Users\Gebruiker\Favorites\
~ %LocalAppData% : C:\Users\Gebruiker\AppData\Local\
~ %StartMenu% : C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Overzicht vaste en verwisselbare stations
C: Hard drive, Flash drive, Thumb drive (Free 253 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 60 Go of 153 Go)



---\\ Staat van het Windows Beveiligingscentrum
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Zoeken naar bepaalde algemene bestanden
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Verkenner.) (.25-2-2011 - 6:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Windows Toepassing Opstarten.) (.14-7-2009 - 2:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.CB5F450D21B9D76B7F01D006E4AEDB40] - (.Microsoft Corporation - Internetuitbreidingen voor Win32.) (.21-4-2015 - 16:02:00.) -- C:\Windows\System32\wininet.dll [1882112]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Toepassing Windows-aanmelden.) (.17-7-2014 - 2:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Software Licensing-bibliotheek.) (.20-11-2010 - 22:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30-5-2014 - 7:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14-7-2009 - 2:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14-7-2009 - 0:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20-11-2010 - 22:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20-11-2010 - 22:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20-11-2010 - 22:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - i8042-poortstuurprogramma.) (.14-7-2009 - 0:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14-7-2009 - 0:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27-4-2011 - 3:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20-11-2010 - 22:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - NT-bestandssysteemstuurprogramma.) (.24-1-2014 - 3:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) (.14-7-2009 - 0:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14-7-2009 - 0:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20-11-2010 - 22:29:49.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14-7-2009 - 0:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) (.11-11-2014 - 2:32:14.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) (.20-11-2010 - 22:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes:  Scanned in 00mn 03s



---\\ Status van de verborgen bestanden (verborgen/totaal)
~ Mes images (My Pictures) : 1/25035
~ Mes Favoris (My Favorites) : 1/532
~ Mes Documents (My Documents) : 2/25593
~ Mon Bureau (My Desktop) : 1/87
~ Menu demarrer (Programs) : 1/51
~ Hidden Files:  Scanned in 00mn 45s



---\\ Gestarte processen
[MD5.F979E2139F2DD221ECB8506EEAC9931F] - (.Realtek Semiconductor - Realtek HD Audio configuratie.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe   [10996368] [PID.2184]
[MD5.65C6AA484AD2287D20541C7735989437] - (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe   [5515496] [PID.2232]
[MD5.4C2ECFF76CE32EC594545152D1DCEB35] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe   [145880] [PID.2248]
[MD5.1B422F7D2238612919EE9771D26B0208] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe   [181208] [PID.2280]
[MD5.22884291BD017D70E047D50DAD3C4602] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe   [189912] [PID.2296]
[MD5.E61C378A29979BD8840EEFAC0F36C231] - (.Microsoft Corporation - GWX.) -- C:\Windows\system32\GWX\GWX.exe   [406528] [PID.2516]
[MD5.34D296AFC913E302953C70463EF09A48] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe   [96056] [PID.2560]
[MD5.F8A3337DE768B126B061F1B7CD38A436] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe   [311616] [PID.2604]
[MD5.8FB1A3AB319F21CC8DB34198CB4A88E7] - (.Emsisoft Ltd - Emsisoft Real-Time Protection.) -- C:\Program Files\Emsisoft Anti-Malware\a2guard.exe   [4923832] [PID.2648]
[MD5.2F85D5E63A1ECE08085D32C1B615BBFD] - (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe   [1562264] [PID.2708]
[MD5.1F014EA12ECB13C909DA9395E9CD3D18] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe   [6278424] [PID.2908]
[MD5.7E212E742BF06BF678AE35E9C1B74B8F] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe   [6212920] [PID.3492]
[MD5.82496FC05D85C9C3B9ABBC66B3A97F11] - (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.exe   [196440] [PID.6048]
[MD5.4ADB31B7C88BBBBB6203968E6C2CBDA1] - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe   [12317848] [PID.2328]
[MD5.923FE895B22B22A9CA03C72F3D15CE20] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [376944] [PID.6100]
[MD5.F3198BA5BA8CC86D3F2DEA8C2ACA7385] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8212992] [PID.1432]
[MD5.BBFD6BC7E79989B69F0998D0FEF4E6B8] - (.Emsisoft Ltd - Emsisoft Protection Service.) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe   [5155576] [PID.1356]
[MD5.C04C5487155FF65CEA329BF3368787E0] - (.SurfRight B.V. - HitmanPro Scheduler.) -- C:\Program Files\HitmanPro\hmpsched.exe   [106248] [PID.1632]
[MD5.2638395F6E61889D75C363A80A0E17F4] - (.SurfRight B.V. - HitmanPro.Alert.) -- C:\Program Files\HitmanPro.Alert\hmpalert.exe   [1876816] [PID.1676]
[MD5.54236E79A44F909612391C8A2D70D512] - (.Avast Software s.r.o. - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [343336] [PID.1976]
[MD5.929593D76589294BA3F74540298D1B3E] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe   [81088] [PID.1540]
[MD5.1878A79551F2EDAE7EBD110AAE6D33AD] - (.Hewlett-Packard Company - SolutionsFrameworkService.) -- C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe   [89840] [PID.2160]
[MD5.516E29AD03BDF610CC36A95AE692FE42] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe   [1871160] [PID.2988]
[MD5.2B983F067AEE3F9EB4DF5E97F45D21D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe   [1080120] [PID.3176]
[MD5.E5CA07C1A5A4C7095FC8937D84B37243] - (.Avast Software - AvastVirtualBox Interface.) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe   [3207800] [PID.2772]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Microsoft Software Protection Platform-serv.) -- C:\Windows\system32\sppsvc.exe   [3179520] [PID.1848]
[MD5.2C49B175AEE1D4364B91B531417FE583] - (.Microsoft Corporation - Installatieprogramma voor Windows-modules.) -- C:\Windows\servicing\TrustedInstaller.exe   [204800] [PID.4632]
[MD5.835CE0647E4E9F01BEB26201DA6705B4] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 11.0 (component).) -- C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe   [171600] [PID.4848]
[MD5.5456DE5A8E11EDBD68BF19C70B0A8F58] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe   [326168] [PID.5088]
[MD5.D87FB12563F65088B1904871D86E5164] - (.Intel Corporation - User Notification Service.) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe   [2656280] [PID.2244]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, start, zoeken, extensies (G0, G1, G2)
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Google Chrome extensie map
~ Google Lines Browser: 10 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins, start, zoeken, extensies (P2, M0, M1, M2, M3)
M0 - MFSP: prefs.js [Gebruiker - om83l57t.default-1432806240564] http://www.ipernity.com
M2 - MFEP: Extension [Gebruiker - i0nb2dcx.default] {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
M2 - MFEP: Extension [Gebruiker - om83l57t.default-1432806240564] {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bolcom-nl.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\marktplaats-nl.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-nl.xml
~ Firefox Browser: 24 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, proxybeheer (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse van lijnen F0, F1, F2, F3 - IniFiles, Autoloading programma's
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts-bestand omleiding (O1)
~ Le fichier hôte est sain (The hosts file is clean) (1)
~ Hosts File:  Scanned in 00mn 00s



---\\ Toepassingen gestart door register & bestand (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio configuratie.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [AvastUI.exe] . (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe   =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe   =>.Samsung Electronics Co
O4 - HKLM\..\Run: [emsisoft anti-malware] . (.Emsisoft Ltd - Emsisoft Real-Time Protection.) -- c:\program files\emsisoft anti-malware\a2guard.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe   =>.Piriform Ltd
O4 - HKUS\S-1-5-21-4230844291-488404651-3536562176-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-4230844291-488404651-3536562176-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe   =>.Piriform Ltd
~ Application:  Scanned in 00mn 00s



---\\ Knoppen op de werkbalk "belangrijkste instrumenten" Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Domeinadres van de DNS (O17) wijzigen
O17 - HKLM\System\CCS\Services\Tcpip\..\{C38DBE90-E1A1-457B-9DF4-E7A7A7EF6FEE}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{C38DBE90-E1A1-457B-9DF4-E7A7A7EF6FEE}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{C38DBE90-E1A1-457B-9DF4-E7A7A7EF6FEE}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{C38DBE90-E1A1-457B-9DF4-E7A7A7EF6FEE}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{C38DBE90-E1A1-457B-9DF4-E7A7A7EF6FEE}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{C38DBE90-E1A1-457B-9DF4-E7A7A7EF6FEE}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
~ Domain:  Scanned in 00mn 00s



---\\ Aanvullend Protocol (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ AppInit_DLLs waarde en subsleutels Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lijst van niet-Microsoft NT services die niet uitgeschakeld zijn (O23)
O23 - Service: HitmanPro.Alert Service (hmpalertsvc) . (.SurfRight B.V. - HitmanPro.Alert.) - C:\Program Files\HitmanPro.Alert\hmpalert.exe
~ Services: 11 Legitimates Filtered in 00mn 11s



---\\ Taken die zijn gepland in de automatische modus (O39)
[MD5.00000000000000000000000000000000] [APT] [{3DD5E559-259C-4A57-AAF9-9123237C5E0D}] (...) -- C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{4058A6CF-C396-4C58-808A-9F55CAD2C574}] (...) -- C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{4BC8B01C-A5E0-4839-8B67-A68340891EF2}] (...) -- C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{5064731C-EE71-486B-BB8B-3D7A79FD50E8}] (...) -- C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{5AF9B4F0-B01A-435E-B51D-F5C1D90916E5}] (...) -- C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{75765059-F1FB-4E09-B34F-707B1C9ED8B6}] (...) -- C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{94488CBB-AAE4-491E-AF37-8114750DE063}] (...) -- C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{98865E0D-B13E-4DD6-8408-C1FE94DEA5EE}] (...) -- C:\Users\Gebruiker\Downloads\CF_UNINST.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{A715D6E7-B611-4047-8E75-37532102F7C4}] (...) -- C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{B1961593-7EB4-47E3-AE61-3D757694EEE9}] (...) -- C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{BF486570-E969-44DF-8116-24ECFD56DB42}] (...) -- C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{C5F75F44-36E6-4E7C-8D8D-DFA6B6A2ECE6}] (...) -- C:\Users\Gebruiker\Downloads\CanoScan_D660U.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [940]
~ Scheduled Task: 20 Legitimates Filtered in 00mn 04s



---\\ Geïnstalleerde software (O42)
O42 - Logiciel: Aangifte inkomstenbelasting 2013 - (.Belastingdienst.) [HKLM] -- Aangifte inkomstenbelasting 2013
~ Logic: 13 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKLM\Software\jumpshot.com]
~ Key Software: 164 Legitimates Filtered in 00mn 00s



---\\ 'Inhoud van mappen programma's, ProgramFiles, ProgramData, AppData (O43)
O43 - CFD: 12-3-2013 - 15:09:04 - [] ----D C:\Program Files\Belastingdienst
O43 - CFD: 25-2-2014 - 17:35:45 - [] ----D C:\Program Files\Disconnect
O43 - CFD: 3-5-2014 - 14:04:11 - [] ----D C:\Program Files\GUMB2CA.tmp
O43 - CFD: 11-9-2012 - 12:50:02 - [] ----D C:\Program Files\Wortmann_AG
O43 - CFD: 12-3-2013 - 15:09:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst
O43 - CFD: 21-11-2010 - 2:47:05 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 8-1-2015 - 18:13:03 - [] ----D C:\Users\Gebruiker\AppData\Roaming\Belastingdienst
O43 - CFD: 18-4-2015 - 21:24:34 - [] -SH-D C:\Users\Gebruiker\AppData\Local\EmieBrowserModeList
O43 - CFD: 21-3-2015 - 14:58:04 - [] ----D C:\Users\Gebruiker\AppData\Local\Hema Fotoalbum
~ 6 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 168 Legitimates Filtered in 00mn 00s



---\\ Meest recente bestanden gewijzigd of gemaakt op Windows en System32 (O44)
O44 - LFC:[MD5.73FE8285D075FE7F0CD980870A09AF3D] - 4-6-2015 - 9:49:40 ---A- . (...) -- C:\Windows\wininit.ini   [79]
~ Files: 8 Legitimates Filtered in 00mn 02s



---\\ Controle van veilige Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.)
~ CSB: 15 Legitimates Filtered in 00mn 00s



---\\ Opsomming van het register sleutels PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Overzicht van de drivers (SDL) (O58)
O58 - SDL:3-5-2015 - 7:59:48 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys   [24144]  =>.ALWIL Software
O58 - SDL:3-5-2015 - 7:59:48 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [49904]  =>.ALWIL Software
O58 - SDL:3-5-2015 - 7:59:48 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [209048]  =>.ALWIL Software
O58 - SDL:14-7-2009 - 2:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [453712]
O58 - SDL:13-7-2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [26624]
O58 - SDL:9-4-2014 - 17:42:15 ---A- . (.No owner - HitmanPro.Alert Support Driver.) -- C:\Windows\System32\Drivers\hmpalert.sys   [75640]
O58 - SDL:16-6-2014 - 7:01:38 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys   [89856]
O58 - SDL:16-6-2014 - 7:01:38 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys   [184192]
O58 - SDL:14-7-2009 - 2:19:04 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [21072]
O58 - SDL:13-7-2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:13-7-2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:13-7-2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:13-7-2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:13-7-2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:13-7-2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:13-7-2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:13-7-2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:13-7-2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:13-7-2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:13-7-2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:13-7-2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:13-7-2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:13-7-2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:13-7-2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
~ Drivers: 87 Legitimates Filtered in 00mn 04s



---\\ Lijst van cleaning tools (CLAB) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
O63 - Logiciel: RSIT - (.random/random.)
~ ADS:  Scanned in 00mn 00s



---\\ Overzicht met LEGACY services (LALS) (O64)
O64 - Services: CurCS - 3-5-2015 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 9-4-2014 - C:\Windows\system32\drivers\hmpalert.sys (hmpalert)  .(.No owner - HitmanPro.Alert Support Driver.) - LEGACY_HMPALERT
~ Legacy: 87 Legitimates Filtered in 00mn 00s



---\\ Startmenu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Zoek "infecties in internetbrowsers (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys:  Scanned in 00mn 00s



---\\ Algemene toestand van niet-Microsoft services (GSR) (SR = Running, SS = gestopt)
SS - | Demand 20-5-2015 268464 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 7-11-2013 279000 |  (cphs) . (.Intel Corporation.) - C:\Windows\System32\IntelCpHeciSvc.exe
SS - | Demand 3-6-2015 148080 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 26-5-2015 5155576 |  (a2AntiMalware) . (.Emsisoft Ltd.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
SR - | Auto 23-9-2012 171600 |  (AdobeActiveFileMonitor11.0) . (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
SR - | Auto 6-3-2015 81088 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 3-5-2015 343336 |  (avast! Antivirus) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Demand 3-5-2015 3207800 |  (AvastVBoxSvc) . (.Avast Software.) - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
SR - | Auto 10-5-2015 106248 |  (HitmanProScheduler) . (.SurfRight B.V..) - C:\Program Files\HitmanPro\hmpsched.exe
SR - | Auto 9-4-2014 1876816 |  (hmpalertsvc) . (.SurfRight B.V..) - C:\Program Files\HitmanPro.Alert\hmpalert.exe
SR - | Auto 28-3-2015 89840 |  (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
SR - | Auto 22-2-2011 326168 |  (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
SR - | Auto 14-4-2015 1871160 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 14-4-2015 1080120 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 22-2-2011 2656280 |  (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
SR - | Auto 14-7-2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14-7-2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 10s



---\\ Onderzoek gelijktijdige op de Master Boot Record (MBR) (O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s



---\\ Onderzoek de Master Boot Record op Infecties (MBRCheck) (O80)
Written by ad13, http://ad13.geekstog
Run by Gebruiker at 4-6-2015 11:04:16
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 04s



---\\ Extra scan (O88)
Database Version : 13008 - (31-5-2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

~ Additionnel Scan: 235021 Items scanned in 00mn 39s



---\\ Additional information about modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, proxybeheer (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Toepassingen gestart door register & bestand (O4)
~ AMI: 2 Legitimates Filtered in 00mn 00s



~ 704 Legitimates filtered by white list
End of the scan (427 lines in 05mn 54s)(0.6)
 
