Spring naar inhoud

Guest's Foto
Welkom,
Guest
Wenst u zich te registreren?


Foto
- - - - -

HijackThis


  • Log in om te reageren
7 reacties op dit onderwerp

#1 reddevel

reddevel

    Lid

  • Lid
  • PipPipPip
  • 261 berichten

Geplaatst 05 december 2011 - 08:43


Daar mijn pc de laatste tijd erg traag is geworden en zeker bij opstart heb ik HijackThis geïnstalleerd en hiermee een logje genomen, dit liep niet zoals het hoort. De versie van HijackThis is 2.0.4 en mijn besturingssysteem Vista Home Premium 64Bit. Na het installeren en het rechts klikken op het icoontje heb ik niet de keuze “als administrator uitvoeren”, als ik dan gewoon klik krijg ik deze waarschuwing te zien;

Geplaatste Afbeelding

door op oké te klikken maakt hij wel een logje of het dan volledig is daar twijfel ik aan maar hieronder toch het resultaat:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:29:26, on 5/12/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: SmartCopy.lnk = C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
O4 - Global Startup: SmartLauncher.lnk = C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmi...inAxControl.CAB
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.aka...vex-2.2.5.4.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Updateservice (gupdate1c9ef3e1032b233) (gupdate1c9ef3e1032b233) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\BurnAware Pro Retail by minimaL\nmsaccessu.exe
O23 - Service: O&O Defrag - Unknown owner - C:\Windows\system32\oodag.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12969 bytes
Groetjes ;)

Je bent nooit te oud om te leren :cool:

#2 Gerjannn

Gerjannn

    Lid

  • Lid
  • PipPipPip
  • 841 berichten

Geplaatst 05 december 2011 - 09:08

Beste reddevel,

Ik heb de experts ingelicht, en zij zullen je logje bekijken zodra ze online zijn :top:

#3 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40936 berichten

Geplaatst 05 december 2011 - 09:12

[FONT=&]Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop [/FONT]hasplms
[FONT=&]Druk op Enter.[/FONT]
[FONT=&]Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete [/FONT]hasplms
[FONT=&]Druk op Enter.[/FONT]

[FONT=&]Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:
[/FONT]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
[FONT=&]O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.aka....ex-2.2.5.4.cab[/FONT]

[FONT=&]Klik op 'Fix checked' om de items te verwijderen.[/FONT]

[FONT=&]Download ComboFix van één van deze locaties:

Link 1
Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op[/FONT]
[FONT=&]
1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:
Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
3. Dubbelklik op "Combofix.exe" om de tool te starten.
4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.[/FONT]

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#4 reddevel

reddevel

    Lid

  • Lid
  • PipPipPip
  • 261 berichten

Geplaatst 05 december 2011 - 16:22

Bij het uitvoeren van de opdracht met HijackThis kreeg ik volgende een foutmelding en hierdoor kreeg hij de twee laatste regels niet verwijderd. Verder volgt hieronder het logbestand van Combofix;

ComboFix 11-12-05.01 - Johan 05/12/2011 15:59:59.1.8 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.6134.3771 [GMT 1:00]
Gestart vanuit: c:\users\Johan\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Johan\AppData\Roaming\.#
c:\users\Johan\AppData\Roaming\bits2
c:\users\Johan\AppData\Roaming\bits2\file.zip
c:\users\Johan\AppData\Roaming\bits2\libcurl-4.dll
c:\users\Johan\AppData\Roaming\bits2\mine.exe
c:\users\Johan\AppData\Roaming\bits2\OpenCL.dll
c:\users\Johan\AppData\Roaming\bits2\phatk110722.cl
c:\users\Johan\AppData\Roaming\bits2\poclbm110717.cl
c:\users\Johan\AppData\Roaming\bits2\pthreadGC2-w32.dll
c:\users\Johan\AppData\Roaming\bits2\unzip.exe
c:\users\Public\Documents\NTIMP3.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-11-05 to 2011-12-05 ))))))))))))))))))))))))))))))
.
.
2011-12-05 15:07 . 2011-12-05 15:07 -------- d-----w- c:\users\Johan\AppData\Local\temp
2011-12-05 15:07 . 2011-12-05 15:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-05 14:37 . 2011-12-05 14:37 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70C462C9-E41D-4C36-B81B-FFB51D1B7295}\offreg.dll
2011-12-05 07:26 . 2011-12-05 07:26 388096 ----a-r- c:\users\Johan\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-02 13:40 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70C462C9-E41D-4C36-B81B-FFB51D1B7295}\mpengine.dll
2011-12-01 16:46 . 2011-12-01 16:46 -------- d-----w- c:\users\Johan\AppData\Local\SpotLite
2011-12-01 16:46 . 2011-12-01 16:46 -------- d-----w- c:\program files (x86)\SpotLite
2011-11-26 23:07 . 2011-11-26 23:07 -------- d-----w- c:\programdata\ATI
2011-11-26 23:06 . 2011-11-26 23:06 -------- d-----w- c:\program files (x86)\AMD APP
2011-11-26 23:06 . 2011-11-26 23:06 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-11-26 23:03 . 2011-11-26 23:06 -------- d-----w- c:\program files\ATI Technologies
2011-11-26 23:01 . 2011-11-26 23:01 -------- d-----w- C:\ATI
2011-11-23 14:36 . 2011-11-23 14:38 -------- d-----w- c:\program files (x86)\SmillaEnlarger 0.9.0
2011-11-20 12:11 . 2011-11-04 11:37 224048 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-11-20 12:11 . 2011-11-04 11:37 130864 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-11-20 12:11 . 2011-11-20 12:11 -------- d-----w- c:\program files\Oracle
2011-11-09 07:38 . 2011-09-20 21:06 1426304 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 07:38 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-11-09 07:38 . 2011-10-17 11:41 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-11-09 07:38 . 2011-09-30 16:16 893440 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 07:38 . 2011-09-30 16:16 50688 ----a-w- c:\program files\Windows Mail\wabimp.dll
2011-11-09 07:38 . 2011-09-30 15:57 707584 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2010-06-29 14:30 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2009-06-11 13:15 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-01-15 18:55 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-03-01 21:48 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2009-06-11 13:16 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2009-06-11 13:16 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2009-06-11 13:16 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2009-06-11 13:16 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2009-06-11 13:16 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-04 11:37 . 2011-11-04 11:37 165680 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-11-04 11:37 . 2011-11-04 11:37 146736 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-11-04 11:36 . 2011-11-04 11:36 320816 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-11-01 17:36 . 2011-10-09 10:47 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-10-28 18:35 . 2011-09-03 19:42 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-10-26 03:05 . 2011-10-26 03:05 10496512 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-10-26 02:16 . 2011-10-26 02:16 24866816 ----a-w- c:\windows\system32\atio6axx.dll
2011-10-26 02:06 . 2011-10-26 02:06 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-10-26 02:05 . 2011-10-26 02:05 748544 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-10-26 02:04 . 2011-10-26 02:04 892416 ----a-w- c:\windows\system32\aticfx64.dll
2011-10-26 02:01 . 2011-10-26 02:01 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-10-26 02:01 . 2011-10-26 02:01 517120 ----a-w- c:\windows\system32\atieclxx.exe
2011-10-26 02:00 . 2011-10-26 02:00 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-10-26 01:59 . 2011-10-26 01:59 18757120 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-10-26 01:59 . 2009-06-06 11:33 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-10-26 01:59 . 2009-06-06 11:33 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-10-26 01:59 . 2011-10-26 01:59 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-10-26 01:59 . 2011-10-26 01:59 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-10-26 01:58 . 2011-10-26 01:58 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-10-26 01:58 . 2009-06-06 11:33 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-10-26 01:58 . 2011-10-26 01:58 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-10-26 01:55 . 2011-10-26 01:55 4292096 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-10-26 01:46 . 2011-10-26 01:46 5041664 ----a-w- c:\windows\system32\atidxx64.dll
2011-10-26 01:43 . 2011-10-26 01:43 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-10-26 01:43 . 2011-10-26 01:43 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-10-26 01:43 . 2009-06-06 11:33 4044288 ----a-w- c:\windows\system32\atiumd6a.dll
2011-10-26 01:38 . 2011-10-26 01:38 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-10-26 01:38 . 2011-10-26 01:38 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-10-26 01:38 . 2011-10-26 01:38 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-10-26 01:38 . 2011-10-26 01:38 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-10-26 01:38 . 2011-10-26 01:38 9978880 ----a-w- c:\windows\system32\aticaldd64.dll
2011-10-26 01:35 . 2009-06-06 11:33 4353536 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-10-26 01:34 . 2011-10-26 01:34 8449024 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-10-26 01:32 . 2009-06-06 11:33 4189184 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-10-26 01:29 . 2009-06-06 11:33 5510144 ----a-w- c:\windows\system32\atiumd64.dll
2011-10-26 01:29 . 2011-10-26 01:29 58880 ----a-w- c:\windows\system32\coinst.dll
2011-10-26 01:22 . 2011-10-26 01:22 486912 ----a-w- c:\windows\system32\atiadlxx.dll
2011-10-26 01:22 . 2011-10-26 01:22 339968 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-10-26 01:22 . 2011-10-26 01:22 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2011-10-26 01:22 . 2011-10-26 01:22 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-10-26 01:22 . 2011-10-26 01:22 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-10-26 01:22 . 2011-10-26 01:22 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-10-26 01:22 . 2011-10-26 01:22 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-10-26 01:21 . 2011-10-26 01:21 326656 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-10-26 01:21 . 2011-10-26 01:21 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-10-26 01:21 . 2011-10-26 01:21 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-10-26 01:21 . 2011-10-26 01:21 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-10-26 01:20 . 2011-10-26 01:20 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-10-26 01:20 . 2011-10-26 01:20 45056 ----a-w- c:\windows\system32\atitmp64.dll
2011-10-26 01:20 . 2011-10-26 01:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-10-26 01:16 . 2011-10-26 01:16 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-10-26 01:16 . 2011-10-26 01:16 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-10-26 01:15 . 2011-10-26 01:15 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-10-26 01:15 . 2011-10-26 01:15 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-10-25 20:21 . 2011-10-25 20:21 66560 ----a-w- c:\windows\system32\OpenVideo64.dll
2011-10-25 20:21 . 2011-10-25 20:21 56832 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-10-25 20:21 . 2011-10-25 20:21 66560 ----a-w- c:\windows\system32\OVDecoder64.dll
2011-10-25 20:21 . 2011-10-25 20:21 56832 ----a-w- c:\windows\SysWow64\OVDecoder.dll
2011-10-25 20:21 . 2011-10-25 20:21 16991744 ----a-w- c:\windows\system32\amdocl64.dll
2011-10-25 20:20 . 2011-10-25 20:20 13950464 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-10-25 20:19 . 2011-10-25 20:19 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-25 20:19 . 2011-10-25 20:19 44032 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-10-24 12:29 . 2011-10-24 12:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 12:29 . 2011-10-24 12:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-11 06:32 . 2011-10-11 06:32 658696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-10-03 03:06 . 2010-06-04 21:07 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SmartCopy.lnk - c:\program files (x86)\Northstar\SmartCopy\SmartCopy.exe [2009-6-6 319488]
SmartLauncher.lnk - c:\program files (x86)\Northstar\SmartLauncher\SmartLauncher.exe [2009-6-6 335872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0lsdelete
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate1c9ef3e1032b233;Google Updateservice (gupdate1c9ef3e1032b233);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-06-17 133104]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-10-28 2152152]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-06-18 1038088]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-06-17 133104]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-10-01 24576]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-02-18 462632]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-12-10 1394504]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH6.sys [x]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
S3 gwfilt64;gwfilt64;c:\windows\system32\drivers\gwfilt64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*Deregistered* - Lavasoft Kernexplorer
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2011-12-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-28 18:35]
.
2011-12-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-06 09:24]
.
2011-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-06-17 11:23]
.
2011-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-06-17 11:23]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2008-09-18 6495264]
"Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-10-01 319488]
"EmpoweringTechnology"="c:\program files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-10-01 323584]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2008-09-04 3828992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=1&o=vp64&d=0609&m=aspire_m7720
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 193.109.184.72 193.109.184.75
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\mb9vzacm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlDbg10.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@SACL=
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
@SACL=
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@SACL=
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@SACL=
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@SACL=
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@SACL=
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="08B37B26B3F18CE2290E402B37EAC61ACD4BE96C24E980B00E9BEF5D78D8CCF5DDF41079B3697CCC107517D80DFC590635DC7F5C6EAB215A3D145EE847CAE466F5BF9BB1AB90A241CF6984934641C39EF8B6A4FC196CD8FE42AD70E98D3DB3F6DB8E48EF53D84C79D9363F561149EFC4901539C269014B4CB93A57EEC6E7BCBDEE6534FAF977F816F22EF242B2EA7CC2C4BC18C4B780D550918C37A87D41383464C671BC0265DC97B2273E178042B94134F10C406FC407810D7B2A6BD48411B7423C84C162DF616586FAB33EE6AA2DD15002D514126D9E36C2E2BCB00233E68965D1E83D236823CAB0865B40E34912675FB9294532DE952D9C23FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A9C6AECB7A5D1407BA7FD869164D67945D575E7D6A3B98080E7B0FAFAA9F5DA0B04582BCE04FA1EFA3BAEF6DB12A4BF40C1B0576E1B733C4D2AC73451F99FEDBC2DFF6FB04F6CA9E730C2302EC05A3F587BE86A19C934D72B70C18B730B45B84AD067CEFE2E89BC0B52A8F96266BCB3735764A74827925DE7D7D743E4DBCB1815F939D92AABA754C23887587E959EBE1BA7269CD9D6DC702548712D89DE1913DB60AFAA2C06510BE67C0AB74F5B1FEA2B0048B4DAADB945B66D412C97A36E226070C492338C37517A5109A43BE39542926A070D99892C2EACDB42817F0B15E2F99E151DDDD168558F0D5BF196C19902B1DE2E81C0D42D8B7989A9889C33191CF2A776DD92F02728B5397AB64D9DDAB608B87DD00DF0435CBCA9BC1B167F15F81685C10E9DE90C1BA4A7E05D495FA71065B71C6389E518733D9F312DF05977CC379C43C9F54ABCF7646D804DD644401DC6A26B3B80908D47F33030C2B7B2B7397F3888A51A8264CD1AB9477B83EF34E298ACF46BB936AF6C734C9476C5B962106E323279B2BB236655549BE61CD27A1B203BB35BCE69F19A530F1EF436A2AB897C936D15D5FEA68CC8EAD4F97F25F16C88CDDC9FE60B1BC35EE43441122193E5C9A83E0B8F9C90CA69821B35E40821C3955C864850F8FB61AAA2F977C30F88DE53D733A1666321F96A9A109807FD8F5DA80B9749B398AB0F812C751EEF54852CC0D13DA9F4366754669D67F87A98F3E04A28B82CD5559257BC9C26E1789648F295C9054C5638F355E7508DC46EF39DD1446C2A66C1118674E66FC7BE733919A1B6DC1493ACBB95A91DEA27A4D35CB17696A03120D4E429AA4F5741C1671F61DC5F79D72F438D5B1902BB74678909EFB69001884889EBCB73474CB0A9BF49F164EA9BE1D3197B75F16D17BBF62CEF0737DEC6F56FC4CCB8B35D64A0EB8A47B5560A167A7ED8B97DA5BC0C7FDE96EE33C918C9AEF4AD49C38E683DA89EC195D022B737A086E6B926DA05A98AA35A2FA"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2011-12-05 16:10:15
ComboFix-quarantined-files.txt 2011-12-05 15:10
.
Pre-Run: 341.665.091.584 bytes beschikbaar
Post-Run: 341.531.840.512 bytes beschikbaar
.
- - End Of File - - 6A0A337E73A314914F5C3549E5F176CF
Groetjes ;)

Je bent nooit te oud om te leren :cool:

#5 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40936 berichten

Geplaatst 05 december 2011 - 17:54

Mooi zo.

Doe nog even dit :

Download MVPS Hosts.
Unzip het programma naar een door u bepaalde locatie.

Windows XP
Klik op mvps.bat en kies voor “uitvoeren” om mvps.bat op te starten (*).
Druk op toets om door te gaan.
Van het bestaande bestand HOSTS op de standaardlocatie C:\windows\system32\drivers\etc wordt een backup gemaakt met de naam HOSTS.MVP
Dan wordt het bestand vervangen door de actuele MVPS Hosts-versie.

(*) Windows Vista en Windows 7 gebruikers moeten rechtsklikken op mvps.bat en kiezen voor ”uitvoeren als administrator” om mvps.bat op te starten.

... en hang dan een nieuw logje van HijackThis in je volgende bericht. Hoe staat het nu met de snelheid ?

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#6 reddevel

reddevel

    Lid

  • Lid
  • PipPipPip
  • 261 berichten

Geplaatst 05 december 2011 - 18:46

als ik deze uitvoer krijg ik een blauw schermpje waarin gezegd word dat het uptodate is en zegt dan druk op een toets om verder te gaan, als ik dan op een toets druk verdwijnt het schermpje en gebeurd er niets meer.
Groetjes ;)

Je bent nooit te oud om te leren :cool:

#7 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40936 berichten

Geplaatst 05 december 2011 - 18:48

OK, dan zijn we daar ook al zeker van. En de snelheid nu ?

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#8 reddevel

reddevel

    Lid

  • Lid
  • PipPipPip
  • 261 berichten

Geplaatst 06 december 2011 - 08:33

niets aan snelheid gewonnen en ik heb Avast Home opnieuw moeten installeren omdat deze niet meer opstarte bij opstart van Vista.
Groetjes ;)

Je bent nooit te oud om te leren :cool:




0 gebruiker(s) lezen dit onderwerp

0 leden, 0 gasten, 0 anonieme gebruikers

Over ons

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!