Scanresultaten van Farbar Recovery Scan Tool (FRST) (x86) Versie:29-08-2015 Gestart door SYSTEM op MiniXP (30-08-2015 01:10:38) Gestart vanaf F:\ Platform: Microsoft Windows XP (X86) Taal: English (United States) Internet Explorer Versie 8 Boot Modus: Recovery Standaard: ControlSet001 [b]AANDACHT!:=====> Als het systeem kan opstarten, , moet FRST worden uitgevoerd in normaal of Veilige Modus om een compleet log te maken.[/b] Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-03-24] (Intel Corporation) HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-03-24] (Intel Corporation) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2004-10-14] (Analog Devices, Inc.) HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguix.exe [1139624 2015-08-20] (AVG Technologies CZ, s.r.o.) HKU\Administrator\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\Default User\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\home\...\Run: [DellSystemDetect] => C:\Documents and Settings\home\Local Settings\Apps\2.0\RGG7T2BT.XED\CXZY3YD8.8AY\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe HKU\NetworkService\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart ==================== Services (gefilterd) ======================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.) S2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [869288 2015-08-20] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.) ===================== Drivers (gefilterd) ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.) S1 AVGIDSDriverl; C:\Windows\System32\DRIVERS\avgidsdriverlx.sys [211424 2015-04-27] (AVG Technologies CZ, s.r.o.) S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [191968 2015-05-07] (AVG Technologies CZ, s.r.o.) S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [29664 2015-05-14] (AVG Technologies CZ, s.r.o.) S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [206816 2015-04-15] (AVG Technologies CZ, s.r.o.) S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.) S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [166880 2015-05-07] (AVG Technologies CZ, s.r.o.) S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.) S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [213984 2015-05-04] (AVG Technologies CZ, s.r.o.) S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51120 2004-12-15] (HP) S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2004-12-15] (HP) S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21744 2004-12-15] (HP) S4 IntelIde; geen ImagePath S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X] S3 USBAAPL; System32\Drivers\usbaapl.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Gemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2015-08-30 00:52 - 2015-08-30 00:52 - 00000000 ____D C:\FRST 2015-08-24 18:10 - 2015-08-24 18:11 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avg 2015-08-24 18:09 - 2015-08-24 18:10 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\AvgSetupLog ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2015-08-24 18:27 - 2014-07-01 20:19 - 00000159 _____ C:\Windows\wiadebug.log 2015-08-24 18:27 - 2014-07-01 20:19 - 00000049 _____ C:\Windows\wiaservc.log 2015-08-24 18:27 - 2012-07-21 23:22 - 00000178 ___SH C:\Documents and Settings\home\ntuser.ini 2015-08-24 18:27 - 2012-07-21 23:22 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Temp 2015-08-24 18:27 - 2012-07-21 23:03 - 01789806 _____ C:\Windows\WindowsUpdate.log 2015-08-24 18:27 - 2008-04-14 11:00 - 00002206 _____ C:\Windows\System32\wpa.dbl 2015-08-24 18:12 - 2012-07-21 23:20 - 00032568 _____ C:\Windows\SchedLgU.Txt 2015-08-24 18:11 - 2014-08-01 00:00 - 00000000 ____D C:\Program Files\AVG 2015-08-24 18:09 - 2015-06-10 01:01 - 00000000 ____D C:\Documents and Settings\home\Local Settings\Application Data\Avg 2015-08-24 18:07 - 2014-07-31 23:45 - 00533176 _____ C:\Windows\KB2481109.log 2015-08-13 22:18 - 2014-07-01 19:15 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk 2015-08-12 18:08 - 2014-01-13 00:13 - 00000000 ____D C:\Windows\System32\MRT 2015-08-12 18:02 - 2012-07-21 23:14 - 129304528 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe Sommige bestanden in TEMP: ==================== C:\Documents and Settings\home\Local Settings\Temp\A.exe C:\Documents and Settings\home\Local Settings\Temp\SpOrder.dll C:\Documents and Settings\NetworkService\Local Settings\Temp\mpam-3b633351.exe ==================== Known DLLs (gefilterd) ========================= ==================== Bamital & volsnap ================= (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\explorer.exe => MD5 is legitim C:\Windows\System32\winlogon.exe => MD5 is legitim C:\Windows\System32\svchost.exe => MD5 is legitim C:\Windows\System32\services.exe => MD5 is legitim C:\Windows\System32\User32.dll => MD5 is legitim C:\Windows\System32\userinit.exe => MD5 is legitim C:\Windows\System32\rpcss.dll [2008-04-14 11:00] - [2009-02-09 12:10] - 0413184 ____A (Microsoft Corporation) C2C8A70C8A27A73AB06BD02265FBFEAD C:\Windows\System32\dnsapi.dll => MD5 is legitim C:\Windows\System32\Drivers\volsnap.sys => MD5 is legitim ==================== Herstelpunten (XP) ===================== RP: -> 2015-08-12 18:02 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP856 RP: -> 2015-08-12 17:31 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP855 RP: -> 2015-08-02 01:56 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP854 RP: -> 2015-07-31 17:25 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP853 RP: -> 2015-07-28 23:32 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP852 RP: -> 2015-07-26 23:23 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP851 RP: -> 2015-07-22 18:13 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP850 RP: -> 2015-07-20 22:49 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP849 RP: -> 2015-07-16 23:00 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP848 RP: -> 2015-07-13 23:43 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP847 RP: -> 2015-07-10 21:18 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP846 RP: -> 2015-07-09 20:03 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP845 RP: -> 2015-07-06 18:56 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP844 RP: -> 2015-06-29 20:05 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP843 RP: -> 2015-06-29 20:04 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP842 RP: -> 2015-06-29 19:17 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP839 RP: -> 2015-06-17 21:58 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP837 RP: -> 2015-06-12 23:04 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP836 RP: -> 2015-06-11 02:38 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP835 RP: -> 2015-06-10 02:04 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP834 RP: -> 2015-06-08 04:05 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP833 RP: -> 2015-06-07 02:49 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP832 RP: -> 2015-06-05 18:45 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP831 RP: -> 2015-06-04 18:36 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP830 RP: -> 2015-06-03 18:24 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP829 RP: -> 2015-06-02 18:02 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP828 RP: -> 2015-06-01 16:48 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP827 RP: -> 2015-05-27 23:21 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP826 RP: -> 2015-05-26 02:17 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP825 RP: -> 2015-05-23 00:54 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP824 RP: -> 2015-05-20 18:34 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP823 RP: -> 2015-05-18 21:13 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP822 RP: -> 2015-05-16 21:23 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP821 RP: -> 2015-05-15 19:56 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP820 RP: -> 2015-05-12 23:00 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP819 RP: -> 2015-05-12 18:21 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP818 RP: -> 2015-05-11 17:31 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP817 RP: -> 2015-05-09 21:27 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP816 RP: -> 2015-05-08 17:46 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP815 RP: -> 2015-05-06 04:38 - 028672 _restore{C5BFBA71-CF59-47A7-871C-EBA20F17B74F}\RP814 ==================== Geheugen info =========================== Percentage geheugen in gebruik: 10% Totaal fysiek RAM-geheugen: 3178.36 MB Beschikbaar fysiek RAM-geheugen: 2838.45 MB Totaal Virtueel geheugen: 2944.28 MB Beschikbaar Virtual geheugen: 1971.32 MB ==================== Schijven ================================ Drive b: (RamDrive) (Fixed) (Total:0.86 GB) (Free:0.85 GB) NTFS Drive c: () (Fixed) (Total:148.96 GB) (Free:135.23 GB) NTFS ==>[schijf met boot componenten (Windows XP)] Drive d: (HBCD 15.2) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS Drive f: (UUI) (Fixed) (Total:7.46 GB) (Free:6.7 GB) NTFS Drive x: (Mini Xp) (Fixed) (Total:0.23 GB) (Free:0.23 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: D0F4738C) Partition 1: (Not Active) - (Size=47 MB) - (Type=DE) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 7.5 GB) (Disk ID: 00073653) Partition 1: (Active) - (Size=7.5 GB) - (Type=07 NTFS) ==================== Eind van FRST.txt ============================