+ Reageren op discussie
Resultaten: 1 t/m 8 van 8

HijackThis

Dit is een discussie over HijackThis in het forum Archief Bestrijding malware & virussen , en maakt deel van de Bestrijding malware & virussen categorie; Daar mijn pc de laatste tijd erg traag is geworden en zeker bij opstart heb ik HijackThis geïnstalleerd en hiermee ...

  1. #1
    Lid
    Geregistreerd
    13 januari 2008
    Locatie
    Limburg
    Berichten
    252

    Standaard HijackThis

    Daar mijn pc de laatste tijd erg traag is geworden en zeker bij opstart heb ik HijackThis geïnstalleerd en hiermee een logje genomen, dit liep niet zoals het hoort. De versie van HijackThis is 2.0.4 en mijn besturingssysteem Vista Home Premium 64Bit. Na het installeren en het rechts klikken op het icoontje heb ik niet de keuze “als administrator uitvoeren”, als ik dan gewoon klik krijg ik deze waarschuwing te zien;



    door op oké te klikken maakt hij wel een logje of het dan volledig is daar twijfel ik aan maar hieronder toch het resultaat:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:29:26, on 5/12/2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
    C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
    O1 - Hosts: ::1 localhost
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
    O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - Global Startup: SmartCopy.lnk = C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
    O4 - Global Startup: SmartLauncher.lnk = C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/...nAxControl.CAB
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.2.5.4.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: Google Updateservice (gupdate1c9ef3e1032b233) (gupdate1c9ef3e1032b233) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\BurnAware Pro Retail by minimaL\nmsaccessu.exe
    O23 - Service: O&O Defrag - Unknown owner - C:\Windows\system32\oodag.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12969 bytes

  2. #2
    Lid Gerjannn's schermafbeelding
    Geregistreerd
    7 november 2011
    Locatie
    Barneveld (NL)
    Leeftijd
    21
    Berichten
    841

    Standaard

    Beste reddevel,

    Ik heb de experts ingelicht, en zij zullen je logje bekijken zodra ze online zijn

  3. #3
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.227

    Standaard

    Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop hasplms
    Druk op Enter.
    Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete hasplms
    Druk op Enter.

    Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.2.5.4.cab

    Klik op 'Fix checked' om de items te verwijderen.

    Download ComboFix van één van deze locaties:

    Link 1
    Link 2

    * BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op


    1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:
    Klik hier

    2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
    3. Dubbelklik op "Combofix.exe" om de tool te starten.
    4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

    Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

    5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.



  4. #4
    Lid
    Geregistreerd
    13 januari 2008
    Locatie
    Limburg
    Berichten
    252

    Standaard

    Bij het uitvoeren van de opdracht met HijackThis kreeg ik volgende een foutmelding en hierdoor kreeg hij de twee laatste regels niet verwijderd. Verder volgt hieronder het logbestand van Combofix;

    ComboFix 11-12-05.01 - Johan 05/12/2011 15:59:59.1.8 - x64
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.6134.3771 [GMT 1:00]
    Gestart vanuit: c:\users\Johan\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Johan\AppData\Roaming\.#
    c:\users\Johan\AppData\Roaming\bits2
    c:\users\Johan\AppData\Roaming\bits2\file.zip
    c:\users\Johan\AppData\Roaming\bits2\libcurl-4.dll
    c:\users\Johan\AppData\Roaming\bits2\mine.exe
    c:\users\Johan\AppData\Roaming\bits2\OpenCL.dll
    c:\users\Johan\AppData\Roaming\bits2\phatk110722.cl
    c:\users\Johan\AppData\Roaming\bits2\poclbm110717.cl
    c:\users\Johan\AppData\Roaming\bits2\pthreadGC2-w32.dll
    c:\users\Johan\AppData\Roaming\bits2\unzip.exe
    c:\users\Public\Documents\NTIMP3.dll
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-11-05 to 2011-12-05 ))))))))))))))))))))))))))))))
    .
    .
    2011-12-05 15:07 . 2011-12-05 15:07 -------- d-----w- c:\users\Johan\AppData\Local\temp
    2011-12-05 15:07 . 2011-12-05 15:07 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-12-05 14:37 . 2011-12-05 14:37 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70C462C9-E41D-4C36-B81B-FFB51D1B7295}\offreg.dll
    2011-12-05 07:26 . 2011-12-05 07:26 388096 ----a-r- c:\users\Johan\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-12-02 13:40 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70C462C9-E41D-4C36-B81B-FFB51D1B7295}\mpengine.dll
    2011-12-01 16:46 . 2011-12-01 16:46 -------- d-----w- c:\users\Johan\AppData\Local\SpotLite
    2011-12-01 16:46 . 2011-12-01 16:46 -------- d-----w- c:\program files (x86)\SpotLite
    2011-11-26 23:07 . 2011-11-26 23:07 -------- d-----w- c:\programdata\ATI
    2011-11-26 23:06 . 2011-11-26 23:06 -------- d-----w- c:\program files (x86)\AMD APP
    2011-11-26 23:06 . 2011-11-26 23:06 -------- d-----w- c:\program files (x86)\ATI Technologies
    2011-11-26 23:03 . 2011-11-26 23:06 -------- d-----w- c:\program files\ATI Technologies
    2011-11-26 23:01 . 2011-11-26 23:01 -------- d-----w- C:\ATI
    2011-11-23 14:36 . 2011-11-23 14:38 -------- d-----w- c:\program files (x86)\SmillaEnlarger 0.9.0
    2011-11-20 12:11 . 2011-11-04 11:37 224048 ----a-w- c:\windows\system32\drivers\VBorv.sys
    2011-11-20 12:11 . 2011-11-04 11:37 130864 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
    2011-11-20 12:11 . 2011-11-20 12:11 -------- d-----w- c:\program files\Oracle
    2011-11-09 07:38 . 2011-09-20 21:06 1426304 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-11-09 07:38 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2011-11-09 07:38 . 2011-10-17 11:41 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
    2011-11-09 07:38 . 2011-09-30 16:16 893440 ----a-w- c:\program files\Common Files\System\wab32.dll
    2011-11-09 07:38 . 2011-09-30 16:16 50688 ----a-w- c:\program files\Windows Mail\wabimp.dll
    2011-11-09 07:38 . 2011-09-30 15:57 707584 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-11-28 18:01 . 2010-06-29 14:30 41184 ----a-w- c:\windows\avastSS.scr
    2011-11-28 18:01 . 2009-06-11 13:15 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-11-28 18:01 . 2011-01-15 18:55 256960 ----a-w- c:\windows\system32\aswBoot.exe
    2011-11-28 17:54 . 2011-03-01 21:48 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-11-28 17:53 . 2009-06-11 13:16 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-11-28 17:52 . 2009-06-11 13:16 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-11-28 17:52 . 2009-06-11 13:16 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-11-28 17:52 . 2009-06-11 13:16 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-11-28 17:51 . 2009-06-11 13:16 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-11-04 11:37 . 2011-11-04 11:37 165680 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
    2011-11-04 11:37 . 2011-11-04 11:37 146736 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
    2011-11-04 11:36 . 2011-11-04 11:36 320816 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
    2011-11-01 17:36 . 2011-10-09 10:47 16432 ----a-w- c:\windows\system32\lsdelete.exe
    2011-10-28 18:35 . 2011-09-03 19:42 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2011-10-26 03:05 . 2011-10-26 03:05 10496512 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2011-10-26 02:16 . 2011-10-26 02:16 24866816 ----a-w- c:\windows\system32\atio6axx.dll
    2011-10-26 02:06 . 2011-10-26 02:06 159744 ----a-w- c:\windows\system32\atiapfxx.exe
    2011-10-26 02:05 . 2011-10-26 02:05 748544 ----a-w- c:\windows\SysWow64\aticfx32.dll
    2011-10-26 02:04 . 2011-10-26 02:04 892416 ----a-w- c:\windows\system32\aticfx64.dll
    2011-10-26 02:01 . 2011-10-26 02:01 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2011-10-26 02:01 . 2011-10-26 02:01 517120 ----a-w- c:\windows\system32\atieclxx.exe
    2011-10-26 02:00 . 2011-10-26 02:00 204288 ----a-w- c:\windows\system32\atiesrxx.exe
    2011-10-26 01:59 . 2011-10-26 01:59 18757120 ----a-w- c:\windows\SysWow64\atioglxx.dll
    2011-10-26 01:59 . 2009-06-06 11:33 120320 ----a-w- c:\windows\system32\atitmm64.dll
    2011-10-26 01:59 . 2009-06-06 11:33 423424 ----a-w- c:\windows\system32\atipdl64.dll
    2011-10-26 01:59 . 2011-10-26 01:59 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
    2011-10-26 01:59 . 2011-10-26 01:59 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
    2011-10-26 01:58 . 2011-10-26 01:58 21504 ----a-w- c:\windows\system32\atimuixx.dll
    2011-10-26 01:58 . 2009-06-06 11:33 59392 ----a-w- c:\windows\system32\atiedu64.dll
    2011-10-26 01:58 . 2011-10-26 01:58 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
    2011-10-26 01:55 . 2011-10-26 01:55 4292096 ----a-w- c:\windows\SysWow64\atidxx32.dll
    2011-10-26 01:46 . 2011-10-26 01:46 5041664 ----a-w- c:\windows\system32\atidxx64.dll
    2011-10-26 01:43 . 2011-10-26 01:43 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
    2011-10-26 01:43 . 2011-10-26 01:43 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
    2011-10-26 01:43 . 2009-06-06 11:33 4044288 ----a-w- c:\windows\system32\atiumd6a.dll
    2011-10-26 01:38 . 2011-10-26 01:38 51200 ----a-w- c:\windows\system32\aticalrt64.dll
    2011-10-26 01:38 . 2011-10-26 01:38 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
    2011-10-26 01:38 . 2011-10-26 01:38 44544 ----a-w- c:\windows\system32\aticalcl64.dll
    2011-10-26 01:38 . 2011-10-26 01:38 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
    2011-10-26 01:38 . 2011-10-26 01:38 9978880 ----a-w- c:\windows\system32\aticaldd64.dll
    2011-10-26 01:35 . 2009-06-06 11:33 4353536 ----a-w- c:\windows\SysWow64\atiumdag.dll
    2011-10-26 01:34 . 2011-10-26 01:34 8449024 ----a-w- c:\windows\SysWow64\aticaldd.dll
    2011-10-26 01:32 . 2009-06-06 11:33 4189184 ----a-w- c:\windows\SysWow64\atiumdva.dll
    2011-10-26 01:29 . 2009-06-06 11:33 5510144 ----a-w- c:\windows\system32\atiumd64.dll
    2011-10-26 01:29 . 2011-10-26 01:29 58880 ----a-w- c:\windows\system32\coinst.dll
    2011-10-26 01:22 . 2011-10-26 01:22 486912 ----a-w- c:\windows\system32\atiadlxx.dll
    2011-10-26 01:22 . 2011-10-26 01:22 339968 ----a-w- c:\windows\SysWow64\atiadlxy.dll
    2011-10-26 01:22 . 2011-10-26 01:22 17408 ----a-w- c:\windows\system32\atig6pxx.dll
    2011-10-26 01:22 . 2011-10-26 01:22 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
    2011-10-26 01:22 . 2011-10-26 01:22 14336 ----a-w- c:\windows\system32\atiglpxx.dll
    2011-10-26 01:22 . 2011-10-26 01:22 39936 ----a-w- c:\windows\system32\atig6txx.dll
    2011-10-26 01:22 . 2011-10-26 01:22 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
    2011-10-26 01:21 . 2011-10-26 01:21 326656 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2011-10-26 01:21 . 2011-10-26 01:21 40960 ----a-w- c:\windows\system32\atiuxp64.dll
    2011-10-26 01:21 . 2011-10-26 01:21 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
    2011-10-26 01:21 . 2011-10-26 01:21 38912 ----a-w- c:\windows\system32\atiu9p64.dll
    2011-10-26 01:20 . 2011-10-26 01:20 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
    2011-10-26 01:20 . 2011-10-26 01:20 45056 ----a-w- c:\windows\system32\atitmp64.dll
    2011-10-26 01:20 . 2011-10-26 01:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2011-10-26 01:16 . 2011-10-26 01:16 54784 ----a-w- c:\windows\system32\atimpc64.dll
    2011-10-26 01:16 . 2011-10-26 01:16 54784 ----a-w- c:\windows\system32\amdpcom64.dll
    2011-10-26 01:15 . 2011-10-26 01:15 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
    2011-10-26 01:15 . 2011-10-26 01:15 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
    2011-10-25 20:21 . 2011-10-25 20:21 66560 ----a-w- c:\windows\system32\OpenVideo64.dll
    2011-10-25 20:21 . 2011-10-25 20:21 56832 ----a-w- c:\windows\SysWow64\OpenVideo.dll
    2011-10-25 20:21 . 2011-10-25 20:21 66560 ----a-w- c:\windows\system32\OVDecoder64.dll
    2011-10-25 20:21 . 2011-10-25 20:21 56832 ----a-w- c:\windows\SysWow64\OVDecoder.dll
    2011-10-25 20:21 . 2011-10-25 20:21 16991744 ----a-w- c:\windows\system32\amdocl64.dll
    2011-10-25 20:20 . 2011-10-25 20:20 13950464 ----a-w- c:\windows\SysWow64\amdocl.dll
    2011-10-25 20:19 . 2011-10-25 20:19 51200 ----a-w- c:\windows\system32\OpenCL.dll
    2011-10-25 20:19 . 2011-10-25 20:19 44032 ----a-w- c:\windows\SysWow64\OpenCL.dll
    2011-10-24 12:29 . 2011-10-24 12:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2011-10-24 12:29 . 2011-10-24 12:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
    2011-10-11 06:32 . 2011-10-11 06:32 658696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2011-10-03 03:06 . 2010-06-04 21:07 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    SmartCopy.lnk - c:\program files (x86)\Northstar\SmartCopy\SmartCopy.exe [2009-6-6 319488]
    SmartLauncher.lnk - c:\program files (x86)\Northstar\SmartLauncher\SmartLauncher.exe [2009-6-6 335872]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0lsdelete
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate1c9ef3e1032b233;Google Updateservice (gupdate1c9ef3e1032b233);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-06-17 133104]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-10-28 2152152]
    R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-06-18 1038088]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-06-17 133104]
    R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [x]
    R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [x]
    R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
    R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [x]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 VBorv;VirtualBox Service;c:\windows\system32\DRIVERS\VBorv.sys [x]
    S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
    S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
    S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
    S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-10-01 24576]
    S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
    S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-02-18 462632]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-12-10 1394504]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH6.sys [x]
    S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
    S3 gwfilt64;gwfilt64;c:\windows\system32\drivers\gwfilt64.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
    S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
    S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *Deregistered* - Lavasoft Kernexplorer
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    getPlusHelper REG_MULTI_SZ getPlusHelper
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-12-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-28 18:35]
    .
    2011-12-05 c:\windows\Tasks\Google Software Updater.job
    - c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-06 09:24]
    .
    2011-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-06-17 11:23]
    .
    2011-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-06-17 11:23]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00 avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="RAVCpl64.exe" [2008-09-18 6495264]
    "Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-10-01 319488]
    "EmpoweringTechnology"="c:\program files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-10-01 323584]
    "OODefragTray"="c:\windows\system32\oodtray.exe" [2008-09-04 3828992]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x1
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.google.be/
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=1&o=vp64&d=0609&m=aspire_m7720
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
    IE: Converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: Doel van koppeling converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    TCP: DhcpNameServer = 193.109.184.72 193.109.184.75
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
    CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
    FF - ProfilePath - c:\users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\mb9vzacm.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
    FF - user.js: network.http.max-connections-per-server - 8
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
    @Denied: (A 2) (Everyone)
    @SACL=
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
    @SACL=
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
    @SACL=
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
    @SACL=
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
    @Denied: (A 2) (Everyone)
    @SACL=
    @="IFlashBroker"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
    @SACL=
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
    @SACL=
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker2"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @SACL=
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
    @SACL=
    @="Shockwave Flash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
    @Denied: (A 2) (Everyone)
    @SACL=
    @=""
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
    @SACL=
    @="FlashBroker"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
    "OODEFRAG11.00.00.01WORKSTATION"="08B37B26B3F18CE2290E402B37EAC61ACD4BE96C24E980B00E9BEF5D78D8CCF5DD F41079B3697CCC107517D80DFC590635DC7F5C6EAB215A3D145EE847CAE466F5BF9BB1AB90A241CF6984934641C39EF8B6A4 FC196CD8FE42AD70E98D3DB3F6DB8E48EF53D84C79D9363F561149EFC4901539C269014B4CB93A57EEC6E7BCBDEE6534FAF9 77F816F22EF242B2EA7CC2C4BC18C4B780D550918C37A87D41383464C671BC0265DC97B2273E178042B94134F10C406FC407 810D7B2A6BD48411B7423C84C162DF616586FAB33EE6AA2DD15002D514126D9E36C2E2BCB00233E68965D1E83D236823CAB0 865B40E34912675FB9294532DE952D9C23FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFE BC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A9C6AECB7A5D1407BA7FD869164D67945D575E7D6A3B98080E7B0F AFAA9F5DA0B04582BCE04FA1EFA3BAEF6DB12A4BF40C1B0576E1B733C4D2AC73451F99FEDBC2DFF6FB04F6CA9E730C2302EC 05A3F587BE86A19C934D72B70C18B730B45B84AD067CEFE2E89BC0B52A8F96266BCB3735764A74827925DE7D7D743E4DBCB1 815F939D92AABA754C23887587E959EBE1BA7269CD9D6DC702548712D89DE1913DB60AFAA2C06510BE67C0AB74F5B1FEA2B0 048B4DAADB945B66D412C97A36E226070C492338C37517A5109A43BE39542926A070D99892C2EACDB42817F0B15E2F99E151 DDDD168558F0D5BF196C19902B1DE2E81C0D42D8B7989A9889C33191CF2A776DD92F02728B5397AB64D9DDAB608B87DD00DF 0435CBCA9BC1B167F15F81685C10E9DE90C1BA4A7E05D495FA71065B71C6389E518733D9F312DF05977CC379C43C9F54ABCF 7646D804DD644401DC6A26B3B80908D47F33030C2B7B2B7397F3888A51A8264CD1AB9477B83EF34E298ACF46BB936AF6C734 C9476C5B962106E323279B2BB236655549BE61CD27A1B203BB35BCE69F19A530F1EF436A2AB897C936D15D5FEA68CC8EAD4F 97F25F16C88CDDC9FE60B1BC35EE43441122193E5C9A83E0B8F9C90CA69821B35E40821C3955C864850F8FB61AAA2F977C30 F88DE53D733A1666321F96A9A109807FD8F5DA80B9749B398AB0F812C751EEF54852CC0D13DA9F4366754669D67F87A98F3E 04A28B82CD5559257BC9C26E1789648F295C9054C5638F355E7508DC46EF39DD1446C2A66C1118674E66FC7BE733919A1B6D C1493ACBB95A91DEA27A4D35CB17696A03120D4E429AA4F5741C1671F61DC5F79D72F438D5B1902BB74678909EFB69001884 889EBCB73474CB0A9BF49F164EA9BE1D3197B75F16D17BBF62CEF0737DEC6F56FC4CCB8B35D64A0EB8A47B5560A167A7ED8B 97DA5BC0C7FDE96EE33C918C9AEF4AD49C38E683DA89EC195D022B737A086E6B926DA05A98AA35A2FA"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
    "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Voltooingstijd: 2011-12-05 16:10:15
    ComboFix-quarantined-files.txt 2011-12-05 15:10
    .
    Pre-Run: 341.665.091.584 bytes beschikbaar
    Post-Run: 341.531.840.512 bytes beschikbaar
    .
    - - End Of File - - 6A0A337E73A314914F5C3549E5F176CF

  5. #5
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.227

    Standaard

    Mooi zo.

    Doe nog even dit :

    Download MVPS Hosts.
    Unzip het programma naar een door u bepaalde locatie.

    Windows XP
    Klik op mvps.bat en kies voor “uitvoeren” om mvps.bat op te starten (*).
    Druk op toets om door te gaan.
    Van het bestaande bestand HOSTS op de standaardlocatie C:\windows\system32\drivers\etc wordt een backup gemaakt met de naam HOSTS.MVP
    Dan wordt het bestand vervangen door de actuele MVPS Hosts-versie.

    (*) Windows Vista en Windows 7 gebruikers moeten rechtsklikken op mvps.bat en kiezen voor ”uitvoeren als administrator” om mvps.bat op te starten.

    ... en hang dan een nieuw logje van HijackThis in je volgende bericht. Hoe staat het nu met de snelheid ?



  6. #6
    Lid
    Geregistreerd
    13 januari 2008
    Locatie
    Limburg
    Berichten
    252

    Standaard

    als ik deze uitvoer krijg ik een blauw schermpje waarin gezegd word dat het uptodate is en zegt dan druk op een toets om verder te gaan, als ik dan op een toets druk verdwijnt het schermpje en gebeurd er niets meer.

  7. #7
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.227

    Standaard

    OK, dan zijn we daar ook al zeker van. En de snelheid nu ?



  8. #8
    Lid
    Geregistreerd
    13 januari 2008
    Locatie
    Limburg
    Berichten
    252

    Standaard

    niets aan snelheid gewonnen en ik heb Avast Home opnieuw moeten installeren omdat deze niet meer opstarte bij opstart van Vista.

+ Reageren op discussie

Soortgelijke discussies

  1. Hijackthis log van pc
    door Bodrick in forum Archief Bestrijding malware & virussen
    Reacties: 2
    Laatste bericht: 28 september 2011, 19:57
  2. [OPGELOST] hijackthis
    door misteragga in forum Archief Bestrijding malware & virussen
    Reacties: 15
    Laatste bericht: 25 juni 2011, 19:11
  3. [OPGELOST] hijackthis
    door nico jolene in forum Archief Bestrijding malware & virussen
    Reacties: 49
    Laatste bericht: 23 juni 2011, 09:53
  4. Hijackthis
    door Toaboy in forum Archief Windows
    Reacties: 1
    Laatste bericht: 2 oktober 2010, 00:07
  5. [OPGELOST] Hijackthis
    door Toaboy in forum Archief Bestrijding malware & virussen
    Reacties: 10
    Laatste bericht: 9 september 2010, 05:40

Labels voor deze discussie

Regels voor berichten

  • Je mag geen nieuwe discussies starten
  • Je mag niet reageren op berichten
  • Je mag geen bijlagen versturen
  • Je mag niet je berichten bewerken
  •