Discussie gesloten
Pagina 2 van 2 EersteEerste 12
Resultaten: 11 t/m 20 van 20
Overzicht bedankjes5Bedankjes

Computer Opschonen

Dit is een discussie over Computer Opschonen in het forum Archief Bestrijding malware & virussen , en maakt deel van de Bestrijding malware & virussen categorie; Start Hijackthis op. Selecteer “ Scan” . Selecteer alleen de items die hieronder zijn genoemd: O2 - BHO: (no name) ...

  1. #11
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.558

    Standaard

    Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    Klik op 'Fix checked' om de items te verwijderen.

    Open een kladblokbestand.

    Kopieer en plak daarin de onderstaande vetgedrukte tekst.


    File::
    c:\windows\TEMP\logishrd\LVPrcInj01.dll

    c:\windows\TEMP\logishrd\LVPrcInj02.dll

    Folder::
    c:\users\Sofian\{27fe692a-0c19-49b6-99bc-d318f835219f}
    c:\users\Sofian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

    Registry::
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\X6va001]
    "ImagePath"=-
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\X6va003]
    "ImagePath"=-


    Sla dit bestand op je bureaublad op als CFScript.

    Sleep CFScript.txt in ComboFix.exe
    Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

    Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.



  2. #12
    Lid
    Geregistreerd
    28 maart 2008
    Berichten
    157

    Standaard

    Dit is het logje van Combofix:

    ComboFix 11-11-28.02 - Sofian 28/11/2011 17:33:37.2.8 - x64
    Microsoft® Windows Vista™ Home Premium 6.0.6002.3.1252.32.1043.18.4086.2028 [GMT 1:00]
    Gestart vanuit: c:\users\Sofian\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Sofian\Desktop\CFscript.txt
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\windows\TEMP\logishrd\LVPrcInj01.dll"
    "c:\windows\TEMP\logishrd\LVPrcInj02.dll"
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Sofian\{27fe692a-0c19-49b6-99bc-d318f835219f}
    c:\users\Sofian\{27fe692a-0c19-49b6-99bc-d318f835219f}\nvoglv64.dll
    c:\users\Sofian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    c:\users\Sofian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\#ApplicationUpdater\state.xml
    c:\users\Sofian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\#SharedObjects\s_br.sol
    c:\users\Sofian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\appDB.db
    c:\users\Sofian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\HelpCfg\nl_NL\Bridge_4.0.helpcfg
    c:\users\Sofian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\HelpCfg\nl_NL\ExtensionManager_3.0.helpcfg
    c:\users\Sofian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1\Local Store\HelpCfg\nl_NL\Photoshop_12.0.helpcfg
    c:\windows\system32\drivers\tcpip.copy
    c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . konden niet verwijderd worden
    c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . konden niet verwijderd worden
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-10-28 to 2011-11-28 ))))))))))))))))))))))))))))))
    .
    .
    2011-11-28 16:51 . 2011-11-28 16:51 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E3A25955-3444-475D-9D61-676D02198E5D}\offreg.dll
    2011-11-28 16:49 . 2011-11-28 16:49 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-11-28 15:44 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E3A25955-3444-475D-9D61-676D02198E5D}\mpengine.dll
    2011-11-27 19:35 . 2011-11-27 19:36 -------- d-----w- c:\users\Sofian\AppData\Local\Facebook
    2011-11-26 16:33 . 2011-11-26 16:33 -------- d-----w- c:\program files (x86)\Common Files\Java
    2011-11-26 16:30 . 2010-10-27 01:43 110592 ----a-w- c:\windows\system32\rtvcvfw32.dll
    2011-11-24 17:06 . 2011-11-24 17:06 -------- d-----w- c:\users\Sofian\AppData\Roaming\IObit
    2011-11-24 17:06 . 2011-08-19 15:33 28504 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
    2011-11-24 17:06 . 2010-11-26 17:02 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
    2011-11-24 17:06 . 2011-11-24 17:06 -------- d-----w- c:\program files (x86)\IObit
    2011-11-24 17:03 . 2011-11-28 16:54 -------- d-----w- c:\users\Sofian\AppData\Local\temp
    2011-11-24 15:12 . 2011-11-24 15:12 388096 ----a-r- c:\users\Sofian\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-11-23 18:33 . 2011-11-23 18:41 525792 ----a-w- c:\windows\DIFxAPI.dll
    2011-11-23 18:33 . 2011-11-23 18:33 319488 ----a-w- c:\windows\HideWin.exe
    2011-11-23 18:33 . 2008-07-29 14:42 528384 ----a-w- c:\windows\RtlExUpd.dll
    2011-11-23 18:33 . 2005-11-13 22:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
    2011-11-23 17:50 . 2011-11-26 16:45 -------- d-----w- c:\users\UpdatusUser
    2011-11-23 17:49 . 2011-10-15 08:53 5067584 ----a-w- c:\windows\system32\nvsvc64.dll
    2011-11-23 17:49 . 2011-10-15 08:53 1640768 ----a-w- c:\windows\system32\nvvsvc.exe
    2011-11-23 17:49 . 2011-10-15 08:53 137536 ----a-w- c:\windows\system32\nvshext.dll
    2011-11-23 17:49 . 2011-10-15 08:53 837952 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
    2011-11-23 17:49 . 2011-10-15 08:53 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
    2011-11-23 17:49 . 2011-10-15 08:53 222528 ----a-w- c:\windows\system32\nvmctray.dll
    2011-11-23 17:49 . 2011-10-15 08:53 10406208 ----a-w- c:\windows\system32\nvcpl.dll
    2011-11-23 17:49 . 2011-11-23 17:49 -------- d-----w- c:\programdata\NVIDIA Corporation
    2011-11-20 21:13 . 2011-11-20 21:13 -------- d-----w- c:\program files\Defraggler
    2011-11-19 15:24 . 2011-11-28 15:54 -------- d-----w- c:\program files (x86)\Steam
    2011-11-19 13:49 . 2011-11-19 13:49 -------- d-----w- c:\program files (x86)\uTorrent
    2011-11-19 13:49 . 2011-11-26 18:21 -------- d-----w- c:\users\Sofian\AppData\Roaming\uTorrent
    2011-11-19 13:49 . 2011-11-19 13:49 -------- d-----w- c:\users\Sofian\AppData\Local\uTorrent
    2011-11-19 13:04 . 2011-05-10 12:59 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-11-19 13:04 . 2011-05-10 13:04 287576 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-11-19 13:04 . 2011-05-10 13:02 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-11-19 13:04 . 2011-05-10 12:59 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-11-19 13:04 . 2011-05-10 13:04 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-11-19 13:04 . 2011-05-10 12:59 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-11-19 13:03 . 2011-05-10 13:10 40112 ----a-w- c:\windows\avastSS.scr
    2011-11-19 13:03 . 2011-05-10 13:10 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-11-18 21:51 . 2011-11-23 18:50 -------- d-----w- c:\program files (x86)\THQ
    2011-11-13 11:39 . 2011-11-13 11:39 -------- d-----w- c:\windows\system32\Macromed
    2011-11-10 22:11 . 2011-11-12 14:53 -------- d-----w- c:\program files (x86)\Modern Warfare 3
    2011-11-09 14:41 . 2011-10-10 15:42 2580552 ----a-r- c:\windows\SysWow64\pbsvc.exe
    2011-11-09 14:40 . 2011-09-20 21:06 1423744 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-11-09 14:40 . 2011-09-20 14:04 40448 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
    2011-11-09 14:40 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2011-11-09 14:40 . 2011-10-17 11:41 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
    2011-11-09 14:40 . 2011-09-30 16:16 893440 ----a-w- c:\program files\Common Files\System\wab32.dll
    2011-11-09 14:40 . 2011-09-30 16:16 50688 ----a-w- c:\program files\Windows Mail\wabimp.dll
    2011-11-09 14:40 . 2011-09-30 15:57 707584 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
    2011-11-05 19:45 . 2011-09-16 14:12 3623592 ----a-w- c:\program files (x86)\Common Files\ApnToolbarInstaller.exe
    2011-11-05 19:45 . 2011-09-16 14:12 143240 ----a-w- c:\program files (x86)\Common Files\ApnStub.exe
    2011-10-29 21:14 . 2011-10-29 21:14 -------- d-----w- c:\users\Sofian\AppData\Roaming\NVIDIA
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-11-24 16:05 . 2010-03-27 19:00 82816 ----a-w- c:\users\Sofian\AppData\Roaming\pcouffin.sys
    2011-11-20 11:38 . 2011-05-14 09:12 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-11-15 19:30 . 2010-01-08 17:51 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
    2011-11-15 19:30 . 2010-01-08 17:51 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
    2011-11-09 15:12 . 2010-03-19 23:35 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
    2011-11-09 15:12 . 2010-03-19 23:35 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
    2011-11-09 15:12 . 2010-03-19 23:35 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
    2011-10-24 18:36 . 2010-08-29 14:30 627600 ----a-w- c:\windows\system32\deployJava1.dll
    2011-10-14 23:54 . 2011-10-14 23:54 321856 ----a-w- c:\windows\SysWow64\nvStreaming.exe
    2011-10-11 16:37 . 2011-10-11 16:37 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F1269B5B-DB6F-4E1B-AAC1-E9A71CD6FD5B}\gapaengine.dll
    2011-10-07 04:16 . 2010-12-10 15:57 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2011-10-03 04:06 . 2010-11-04 20:47 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-09-15 01:16 . 2011-10-22 13:15 853104 ----a-w- c:\program files (x86)\toolbar.exe
    2011-09-06 13:56 . 2011-10-26 12:10 2764288 ----a-w- c:\windows\system32\win32k.sys
    2011-09-01 05:24 . 2011-10-26 12:12 2309120 ----a-w- c:\windows\system32\jscript9.dll
    2011-09-01 05:17 . 2011-10-26 12:12 1389056 ----a-w- c:\windows\system32\wininet.dll
    2011-09-01 05:12 . 2011-10-26 12:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-09-01 02:35 . 2011-10-26 12:12 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
    2011-09-01 02:28 . 2011-10-26 12:12 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
    2011-09-01 02:22 . 2011-10-26 12:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2010-01-26 08:11 . 2011-04-29 19:12 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-11-24_16.53.30 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-01-21 03:20 . 2011-11-24 16:41 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-01-21 03:20 . 2011-11-28 16:53 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-01-21 03:20 . 2011-11-24 16:41 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-01-21 03:20 . 2011-11-28 16:53 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-01-21 03:20 . 2011-11-24 16:41 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.d at
    + 2008-01-21 03:20 . 2011-11-28 16:53 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.d at
    + 2010-01-07 17:13 . 2011-11-28 16:54 17548 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3717724510-2676694266-3323821191-1000_UserData.bin
    - 2010-01-07 17:10 . 2011-11-20 21:13 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-01-07 17:10 . 2011-11-24 17:06 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-01-07 17:10 . 2011-11-20 21:13 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-01-07 17:10 . 2011-11-24 17:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-01-07 17:10 . 2011-11-20 21:13 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.d at
    + 2010-01-07 17:10 . 2011-11-24 17:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.d at
    + 2011-11-26 18:28 . 2011-11-26 18:28 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .Diagnostics.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .Diagnostics.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft. DirectX.AudioVideoPlayback.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft. DirectX.AudioVideoPlayback.dll
    - 2010-01-10 20:28 . 2011-11-16 22:13 8410 c:\windows\system32\WDI\ERCQueuedResolutions.dat
    + 2010-01-10 20:28 . 2011-11-26 01:39 8410 c:\windows\system32\WDI\ERCQueuedResolutions.dat
    - 2011-11-24 16:38 . 2011-11-24 16:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-11-28 16:51 . 2011-11-28 16:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2011-11-24 16:38 . 2011-11-24 16:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2011-11-28 16:51 . 2011-11-28 16:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-11-24 16:38 . 2009-10-06 23:46 131608 c:\windows\Temp\logishrd\LVPrcInj02.dll
    + 2011-11-28 16:52 . 2009-10-06 23:46 131608 c:\windows\Temp\logishrd\LVPrcInj02.dll
    + 2011-11-28 16:51 . 2009-10-06 23:47 109080 c:\windows\Temp\logishrd\LVPrcInj01.dll
    - 2011-11-24 16:38 . 2009-10-06 23:47 109080 c:\windows\Temp\logishrd\LVPrcInj01.dll
    - 2011-03-16 15:06 . 2011-02-02 20:40 157472 c:\windows\SysWOW64\javaws.exe
    + 2011-11-26 16:33 . 2011-10-03 04:06 157472 c:\windows\SysWOW64\javaws.exe
    + 2011-11-26 16:33 . 2011-10-03 04:06 145184 c:\windows\SysWOW64\javaw.exe
    - 2011-03-16 15:06 . 2011-02-02 20:40 145184 c:\windows\SysWOW64\javaw.exe
    - 2011-03-16 15:06 . 2011-02-02 20:40 145184 c:\windows\SysWOW64\java.exe
    + 2011-11-26 16:33 . 2011-10-03 04:06 145184 c:\windows\SysWOW64\java.exe
    - 2010-01-09 08:50 . 2011-11-24 16:41 245760 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2010-01-09 08:50 . 2011-11-28 15:35 245760 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2010-01-07 21:17 . 2011-11-27 18:22 437424 c:\windows\system32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
    + 2008-01-21 02:23 . 2011-11-28 16:54 106000 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2006-11-02 15:45 . 2011-11-28 16:54 126746 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-01-21 08:09 . 2011-11-27 16:52 682006 c:\windows\system32\perfh013.dat
    - 2008-01-21 08:09 . 2011-11-21 21:44 682006 c:\windows\system32\perfh013.dat
    + 2006-11-02 12:46 . 2011-11-27 16:52 600802 c:\windows\system32\perfh009.dat
    - 2006-11-02 12:46 . 2011-11-21 21:44 600802 c:\windows\system32\perfh009.dat
    + 2008-01-21 08:09 . 2011-11-27 16:52 132026 c:\windows\system32\perfc013.dat
    - 2008-01-21 08:09 . 2011-11-21 21:44 132026 c:\windows\system32\perfc013.dat
    - 2006-11-02 12:46 . 2011-11-21 21:44 105716 c:\windows\system32\perfc009.dat
    + 2006-11-02 12:46 . 2011-11-27 16:52 105716 c:\windows\system32\perfc009.dat
    + 2010-04-09 22:49 . 2011-11-28 16:50 473016 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    - 2010-04-09 22:49 . 2011-11-24 16:37 473016 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2011-11-26 16:33 . 2011-11-26 16:33 203776 c:\windows\Installer\2fa767.msi
    + 2011-11-27 19:36 . 2011-11-27 19:36 115200 c:\windows\Installer\17f1d8b.msi
    + 2008-06-04 09:15 . 2008-06-04 09:15 388640 c:\windows\Help\nvcpl\nvExpBar.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .DirectSound.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .DirectSound.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX. DirectPlay.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX. DirectPlay.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .DirectInput.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX .DirectInput.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX. DirectDraw.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX. DirectDraw.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Di rect3D.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Di rect3D.dll
    + 2011-04-29 23:40 . 2011-11-27 02:14 4279356 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3717724510-2676694266-3323821191-1000-4096.dat
    - 2011-04-29 23:40 . 2011-11-24 16:37 4279356 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3717724510-2676694266-3323821191-1000-4096.dat
    + 2008-06-04 09:15 . 2008-06-04 09:15 1071648 c:\windows\Help\nvcpl\nvcplUIR.dll
    + 2008-06-04 09:15 . 2008-06-04 09:15 2088992 c:\windows\Help\nvcpl\nvCplUI.exe
    + 2011-11-26 18:28 . 2011-11-26 18:28 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    + 2011-11-26 18:28 . 2011-11-26 18:28 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    - 2011-11-11 15:50 . 2011-11-11 15:50 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.D irect3DX.dll
    + 2010-04-19 19:50 . 2011-11-28 16:50 20140756 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3717724510-2676694266-3323821191-1000-8192.dat
    .
    -- Snapshot teruggezet naar huidige datum --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2011-11-19 107000]
    "Facebook Update"="c:\users\Sofian\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-11-27 137536]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
    .
    c:\users\Sofian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
    .
    c:\users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-1-8 1207312]
    .
    c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 dleaCATSCustConnectService;dleaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\dleas erv.exe [2010-05-21 45224]
    R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
    R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
    R3 CHORUS2;chorus2usb.sys USB Driver;c:\windows\system32\Drivers\chorus2usb.sys [x]
    R3 DESVUSB;Dell service driver;c:\windows\system32\DRIVERS\desrvusb.sys [x]
    R3 dump_wmimmc;dump_wmimmc;c:\program files\Gpotato\Flyff\GameGuard\dump_wmimmc.sys [x]
    R3 LVcKap64;Logitech AEC Driver;c:\windows\system32\DRIVERS\LVcKap64.sys [x]
    R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]
    R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x]
    R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
    R3 TFsEisk;TFsEisk;c:\windows\System32\Drivers\TFsEisk.sys [2009-12-14 16392]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
    R3 X6va001;X6va001; [x]
    R3 X6va003;X6va003; [x]
    S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
    S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSr64.exe [x]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
    S2 deMntrService;Dell AIO Center Service;c:\program files\Dell\MFP_DELL\deMntrService.exe [2007-06-28 164864]
    S2 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe [2009-12-09 1047552]
    S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
    S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-09-17 656624]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]
    S2 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2010-11-22 718072]
    S2 ViewRightDVRService.exe;ViewRightDVRService;c:\program files (x86)\Nokia Siemens Network\Home Media Center\ViewRightDVRService.exe [2010-12-21 299008]
    S2 WinFLdrv;WinFLdrv;SysWOW64\WinFLdrv.sys [x]
    S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
    S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
    S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
    S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
    S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
    S3 LVUVC64;Logitech QuickCam E3500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
    S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
    S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
    S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
    S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-11-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3717724510-2676694266-3323821191-1000Core.job
    - c:\users\Sofian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-27 19:35]
    .
    2011-11-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3717724510-2676694266-3323821191-1000UA.job
    - c:\users\Sofian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-27 19:35]
    .
    2011-11-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717724510-2676694266-3323821191-1000Core.job
    - c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-07 17:42]
    .
    2011-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3717724510-2676694266-3323821191-1000UA.job
    - c:\users\Sofian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-07 17:42]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00 avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-05-10 13:10 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2009-01-19 4119552]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
    "DeStatusMon"="c:\program files\Dell\MFP_DELL\deDvcStatus.exe" [2007-06-28 394240]
    "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-27 855608]
    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
    "dleamon.exe"="c:\program files (x86)\Dell V310-V510 Series\dleamon.exe" [2010-08-09 770728]
    "EzPrint"="c:\program files (x86)\Dell V310-V510 Series\ezprint.exe" [2010-08-09 139944]
    "RtHDVCpl"="RAVCpl64.exe" [2008-09-09 6477344]
    "Skytel"="Skytel.exe" [BU]
    .
    ------- Bijkomende Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://google.be/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Formulieren Invullen - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    IE: Formulieren opslaan - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    IE: Menu aanpassen - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    IE: RoboForm Werkbalk - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
    IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
    IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{C1FFD547-E227-41D3-9642-93E561503114}: NameServer = 8.8.8.8,8.8.4.4
    DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} - hxxp://www.fiaa.eu/OPLauncher.cab
    CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
    FF - ProfilePath - c:\users\Sofian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.SCheet\
    FF - prefs.js: browser.search.defaulturl - hxxp://gb.iamwired.net/websearch.php?src=tops&search=
    FF - prefs.js: browser.search.selectedEngine - Wikipedia (nl)
    FF - prefs.js: browser.startup.homepage - Google
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=nl&q=
    FF - prefs.js: network.proxy.gopher -
    FF - prefs.js: network.proxy.gopher_port - 0
    FF - prefs.js: network.proxy.type - 0
    FF - user.js: network.proxy.type - 0
    FF - user.js: network.proxy.http -
    FF - user.js: network.proxy.http_port - 0
    FF - user.js: network.proxy.ssl -
    FF - user.js: network.proxy.ssl_port - 0
    FF - user.js: network.proxy.ftp -
    FF - user.js: network.proxy.ftp_port - 0
    FF - user.js: network.proxy.gopher -
    FF - user.js: network.proxy.gopher_port - 0
    FF - user.js: network.proxy.socks_version - 5
    FF - user.js: network.proxy.socks -
    FF - user.js: network.proxy.socks_port - 0
    FF - user.js: nglayout.initialpaint.delay - 100
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.notify.interval - 100000
    FF - user.js: content.notify.backoffcount - 5
    FF - user.js: network.http.pipelining - true
    FF - user.js: network.http.proxy.pipelining - true
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.max-connections - 32
    FF - user.js: network.http.max-connections-per-server - 8
    FF - user.js: network.http.max-persistent-connections-per-proxy - 4
    FF - user.js: network.http.max-persistent-connections-per-server - 2
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
    .
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_USERS\S-1-5-21-3717724510-2676694266-3323821191-1000\Software\SecuROM\License information*]
    "datasecu"=hex:d9,87,36,63,e5,d8,7d,29,e4,37,88,9b,f1,84,f1,09,92,47,4a,90,9f,
    aa,69,c0,45,39,a5,a7,76,3a,b5,d6,83,34,03,da,3d,05,31,13,2f,2e,b7,30,8f,8e,\
    "rkeysecu"=hex:6f,94,66,5c,a4,00,42,ac,4b,8b,5f,57,87,5c,9f,c5
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
    @="Shockwave Flash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
    @Denied: (A 2) (Everyone)
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
    @="FlashBroker"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
    "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ------------------------ Andere Aktieve Processen ------------------------
    .
    c:\program files\AVAST Software\Avast\AvastSvc.exe
    c:\program files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
    c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    c:\windows\SysWOW64\PnkBstrA.exe
    c:\windows\SysWOW64\PnkBstrB.exe
    c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-11-28 18:12:53 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-11-28 17:12
    ComboFix2.txt 2011-11-24 17:03
    .
    Pre-Run: 275.785.596.928 bytes beschikbaar
    Post-Run: 275.768.270.848 bytes beschikbaar
    .
    - - End Of File - - 02149C5961DD7D1B611291B4BC3154FB



    En dit van HJT:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:44:44, on 28/11/2011
    Platform: Windows Vista SP3 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
    C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
    C:\Program Files (x86)\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\PROGRA~2\MICROS~2\Office12\OUTLOOK.EXE
    C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    O2 - BHO: Dell Werkbalk - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Dell Werkbalk - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Sofian\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Formulieren Invullen - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
    O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Formulier Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Formulieren Invullen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Formulieren opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Werkbalk - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
    O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofil...SystemLite.CAB
    O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} (Perparer Class) - http://www.fiaa.eu/OPLauncher.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C1FFD547-E227-41D3-9642-93E561503114}: NameServer = 8.8.8.8,8.8.4.4
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Unknown owner - C:\Windows\system32\AERTSr64.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
    O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
    O23 - Service: Dell AIO Center Service (deMntrService) - Dell - C:\Program Files\Dell\MFP_DELL\deMntrService.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: dleaCATSCustConnectService - Unknown owner - C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe
    O23 - Service: dlea_device - - C:\Windows\system32\dleacoms.exe
    O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: ViewRightDVRService (ViewRightDVRService.exe) - Verimatrix Inc. - C:\Program Files (x86)\Nokia Siemens Network\Home Media Center\ViewRightDVRService.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 13503 bytes

  3. #13
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.558

    Standaard

    Kan je eens bekijken of deze twee items :

    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    c:\windows\TEMP\logishrd\LVPrcInj02.dll

    zich nog op je PC bevinden ?



  4. #14
    Lid
    Geregistreerd
    28 maart 2008
    Berichten
    157

    Standaard

    Citaat Oorspronkelijk geplaatst door kape Bekijk bericht
    Kan je eens bekijken of deze twee items :

    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    c:\windows\TEMP\logishrd\LVPrcInj02.dll

    zich nog op je PC bevinden ?
    Ja, deze 2 bestanden bevinden zich nog steeds op mijn computer.

  5. #15
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.558

    Standaard

    Citaat Oorspronkelijk geplaatst door sofianmaster Bekijk bericht
    Ja, deze 2 bestanden bevinden zich nog steeds op mijn computer.
    Probeer deze eens manueel te verwijderen ?



  6. #16
    Lid
    Geregistreerd
    28 maart 2008
    Berichten
    157

    Standaard

    Citaat Oorspronkelijk geplaatst door kape Bekijk bericht
    Probeer deze eens manueel te verwijderen ?
    Gaat jammer genoeg niet, ze zijn in gebruik?

  7. #17
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.558

    Standaard

    Probeer ze dan eens aan te pakken met Unlocker.



  8. #18
    Lid
    Geregistreerd
    28 maart 2008
    Berichten
    157

    Standaard

    Citaat Oorspronkelijk geplaatst door kape Bekijk bericht
    Probeer ze dan eens aan te pakken met Unlocker.
    Het is gelukt, ze zijn succesvol verwijderd.

  9. #19
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.558

    Standaard

    Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht en typ: ComboFix /Uninstall
    Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

    Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

    Download CCleaner.
    Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

    Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

    Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

    Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen. Doe dit via Configuratiescherm -> Systeem en Onderhoud -> Systeem -> tabblad "Systeembeveiliging" -> vinkje weghalen bij de schijf waarvan je de herstelpunten wil verwijderen -> klikken op "toepassen". Dan krijg je de schermmelding “Weet u zeker dat u systeemherstel wil uitschakelen”. Klik hier op “Systeemherstel uitschakelen”. Dan zijn alle herstelpunten verwijderd op de aangeduide schijf.

    Zet daarna opnieuw een vinkje bij de harde schijf. Maak meteen ook een nieuw herstelpunt, zodat je niet hoeft te wachten op een automatisch herstelpunt van het systeem.

    Als dit allemaal probleemloos verlopen is en je hebt verder geen problemen of vragen meer, mag je hieronder op "markeer als opgelost" tokkelen !
    sofianmaster gaf dit bericht een bedankje.



  10. #20
    Lid
    Geregistreerd
    28 maart 2008
    Berichten
    157

    Standaard

    Citaat Oorspronkelijk geplaatst door kape Bekijk bericht
    Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht en typ: ComboFix /Uninstall
    Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

    Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

    Download CCleaner.
    Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

    Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

    Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

    Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen. Doe dit via Configuratiescherm -> Systeem en Onderhoud -> Systeem -> tabblad "Systeembeveiliging" -> vinkje weghalen bij de schijf waarvan je de herstelpunten wil verwijderen -> klikken op "toepassen". Dan krijg je de schermmelding “Weet u zeker dat u systeemherstel wil uitschakelen”. Klik hier op “Systeemherstel uitschakelen”. Dan zijn alle herstelpunten verwijderd op de aangeduide schijf.

    Zet daarna opnieuw een vinkje bij de harde schijf. Maak meteen ook een nieuw herstelpunt, zodat je niet hoeft te wachten op een automatisch herstelpunt van het systeem.

    Als dit allemaal probleemloos verlopen is en je hebt verder geen problemen of vragen meer, mag je hieronder op "markeer als opgelost" tokkelen !
    Dankzij jouw is mijn computer veel sneller geworden en dankzij die systeemhertellen te verwijderen heb ik nu 100GIG vrij.
    Dakjewel Kape

Discussie gesloten
Pagina 2 van 2 EersteEerste 12

Soortgelijke discussies

  1. Computer opschonen
    door Zjubie in forum Archief Windows
    Reacties: 10
    Laatste bericht: 5 september 2011, 11:19
  2. [OPGELOST] Log na opschonen pc
    door homevis in forum Archief Bestrijding malware & virussen
    Reacties: 4
    Laatste bericht: 10 maart 2011, 09:30
  3. [OPGELOST] Vista computer opschonen
    door maxjuhh3 in forum Archief Windows
    Reacties: 12
    Laatste bericht: 22 februari 2010, 09:27
  4. opschonen van pc.
    door ion in forum Archief Bestrijding malware & virussen
    Reacties: 1
    Laatste bericht: 29 december 2009, 12:41
  5. Opschonen
    door windowsmark in forum Archief Windows
    Reacties: 5
    Laatste bericht: 12 november 2008, 13:35

Labels voor deze discussie

Regels voor berichten

  • Je mag geen nieuwe discussies starten
  • Je mag niet reageren op berichten
  • Je mag geen bijlagen versturen
  • Je mag niet je berichten bewerken
  •