  1. #1
    iLu_RoX

    Extremely slow startup + admin privileges too

    So when my PC starts up, it is extremely slow. Also, when I want to install something, it takes a very long time before the Windows prompt pops up to confirm allowing it and so on.


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 17:55:09, on 7/03/2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18999)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Logitech\G35\G35.exe
    C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Zboard] "C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Free YouTube Download - C:\Users\Davy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Davy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 11086 bytes

  2. #2
    iLu_RoX
    What I also wanted to mention: my Windows Media Player always crashes. I suddenly can't use it anymore. When I check for updates, I have the latest version.

  3. #3
    Juisterr
    Right-click the HijackThis program and choose "Run as administrator".
    Choose 'Do a system scan only'.
    Select only the items listed below:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    Close all windows except HijackThis.
    Click 'Fix checked' to remove the items.



    Download ComboFix from one of these locations:

    Link 1
    Link 2

    * IMPORTANT !!! Save ComboFix.exe to your Desktop.

    >>Here<< you can read how to use ComboFix.

    1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix.

    * (here or here is a guide on how to disable them)

    2. The computer may need to be restarted several times; this is normal.
    3. Double-click "Combofix.exe" to start the tool.
    4. Do not click in the ComboFix window while it is running, as this can cause the tool to hang.

    * Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion.", restart the computer.

    5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.

    Start HijackThis again and create a new HijackThis log; note that
    you must run HijackThis as administrator and then post the new log.
    If you do not run it as administrator, the old log is not overwritten.

  4. #4
    iLu_RoX
    Yes, that's another thing now.
    When I right-click on HijackThis I don't get any "Run as administrator" option. I only get "Open".

    Link

  5. #5
    iLu_RoX
    ComboFix 11-03-07.02 - Davy 07/03/2011 21:08:53.1.2 - x64
    Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.32.1033.18.6142.2064 [GMT 1:00]
    Gestart vanuit: c:\users\Davy\Downloads\ComboFix.exe
    AV: Lavasoft Ad-Watch Live! Antivirus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Davy\AppData\Roaming\PriceGong
    c:\users\Davy\AppData\Roaming\PriceGong\Data\1.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\a.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\b.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\c.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\d.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\e.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\f.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\g.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\h.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\i.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\J.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\k.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\l.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\m.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\mru.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\n.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\o.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\p.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\q.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\r.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\s.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\t.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\u.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\v.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\w.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\x.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\y.xml
    c:\users\Davy\AppData\Roaming\PriceGong\Data\z.xml
    c:\windows\system32\AutoRun.inf
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-02-07 to 2011-03-07 ))))))))))))))))))))))))))))))
    .
    .
    2011-03-07 20:05 . 2011-03-07 20:06 -------- d-----w- C:\32788R22FWJFW
    2011-03-07 18:42 . 2011-03-07 18:42 -------- d-----w- c:\program files\iPod
    2011-03-07 18:42 . 2011-03-07 18:43 -------- d-----w- c:\program files\iTunes
    2011-03-07 18:42 . 2011-03-07 18:43 -------- d-----w- c:\program files (x86)\iTunes
    2011-03-07 18:39 . 2011-03-07 18:39 -------- d-----w- c:\windows\LastGood
    2011-03-07 18:38 . 2011-03-07 18:38 -------- d-----w- c:\program files\Bonjour
    2011-03-07 18:38 . 2011-03-07 18:38 -------- d-----w- c:\program files (x86)\Bonjour
    2011-03-07 16:41 . 2011-03-07 16:41 388096 ----a-r- c:\users\Davy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-03-07 16:41 . 2011-03-07 16:41 -------- d-----w- c:\program files (x86)\Trend Micro
    2011-03-04 15:59 . 2011-03-04 15:59 -------- d-----w- c:\users\Davy\AppData\Roaming\PacificPoker
    2011-03-04 15:58 . 2011-03-04 15:59 -------- d-----w- c:\program files (x86)\PacificPoker
    2011-03-02 14:33 . 2003-06-25 09:17 374272 ----a-w- c:\windows\SysWow64\Dav3_32.dll
    2011-03-02 14:33 . 2003-06-24 11:35 143360 ----a-w- c:\windows\SysWow64\Leon3_32.dll
    2011-02-28 22:38 . 2011-02-28 22:38 -------- d-----w- c:\users\Davy\AppData\Roaming\Aulux Barcode Label Maker
    2011-02-28 22:38 . 2011-02-28 22:38 -------- d-----w- c:\program files (x86)\Barcode Label Maker Professional Edition
    2011-02-28 22:25 . 2011-02-28 22:25 -------- d-----w- c:\programdata\Hewlett-Packard
    2011-02-28 22:25 . 2007-03-28 12:57 224768 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzpp5ha.dll
    2011-02-28 22:23 . 2007-03-28 13:02 131072 ----a-w- c:\windows\system32\hpz3l5ha.dll
    2011-02-28 22:23 . 2007-03-28 13:01 233472 ----a-w- c:\windows\SysWow64\hpzc35ha.dll
    2011-02-28 22:23 . 2006-11-30 10:14 671816 ----a-w- c:\windows\SysWow64\hpcdmc32.dll
    2011-02-28 22:18 . 2007-03-31 05:18 355416 ----a-w- c:\windows\system32\hpzids40.dll
    2011-02-28 22:18 . 2007-03-17 20:39 861184 ----a-w- c:\windows\system32\hpowiax4.dll
    2011-02-28 22:18 . 2007-03-17 20:39 497664 ----a-w- c:\windows\system32\hpovst11.dll
    2011-02-28 22:18 . 2007-03-17 20:39 1389056 ----a-w- c:\windows\system32\hpotiop4.dll
    2011-02-28 22:18 . 2007-03-08 19:20 540672 ----a-w- c:\windows\system32\hppldcoi.dll
    2011-02-28 22:12 . 2010-03-28 20:44 4493312 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Barcode Maker 5\Barcode5.exe
    2011-02-28 22:09 . 2011-02-28 22:09 -------- d-----w- c:\users\Davy\AppData\Local\{E8B7AD47-B223-4B6D-A195-337C6905B930}
    2011-02-28 19:19 . 2011-02-28 19:19 -------- d-----w- c:\program files\Logitech
    2011-02-28 18:28 . 2011-02-28 18:28 -------- d-----w- c:\windows\SysWow64\RTCOM
    2011-02-28 18:24 . 2011-01-20 13:47 1943616 ----a-w- c:\windows\system32\FMAPO64.dll
    2011-02-28 18:22 . 2005-11-13 22:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
    2011-02-28 17:42 . 2011-02-28 17:42 -------- d-----w- c:\program files (x86)\Realtek
    2011-02-28 17:36 . 2011-02-28 17:36 -------- d-----w- c:\program files (x86)\Driver-Soft
    2011-02-28 17:34 . 2011-01-13 16:29 2270208 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Driver Genius Professional Edition\DriverGenius.exe
    2011-02-28 16:18 . 2011-02-28 16:18 -------- d-----w- c:\users\Davy\.thumbnails
    2011-02-28 15:44 . 2011-02-28 16:34 -------- d-----w- c:\users\Davy\.gimp-2.6
    2011-02-28 15:44 . 2011-02-28 15:44 -------- d-----w- c:\program files (x86)\GIMP-2.0
    2011-02-28 12:37 . 2011-03-02 14:33 -------- d-----w- c:\users\Davy\AppData\Roaming\APLI
    2011-02-28 12:34 . 2011-03-02 14:33 -------- d-----w- c:\program files (x86)\Apli
    2011-02-28 12:33 . 2011-02-28 12:33 -------- d-----w- c:\programdata\WEBREG
    2011-02-28 12:27 . 2011-02-28 12:27 -------- d-----w- c:\program files (x86)\Hewlett-Packard
    2011-02-28 12:27 . 2011-02-28 12:27 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
    2011-02-28 12:22 . 2011-02-28 12:31 -------- d-----w- c:\program files (x86)\HP
    2011-02-28 12:14 . 2011-02-28 12:33 -------- d-----w- c:\programdata\HP
    2011-02-26 08:44 . 2011-02-28 22:10 -------- d-----w- c:\program files (x86)\Barcode Maker 5
    2011-02-26 00:12 . 2011-02-28 22:49 -------- d-----w- c:\program files (x86)\BarcodeOverprinter
    2011-02-25 19:30 . 2011-02-25 19:30 -------- d-----w- c:\users\Davy\AppData\Roaming\Leadertech
    2011-02-25 19:19 . 2011-02-25 19:19 -------- d-----w- c:\program files (x86)\Logitech
    2011-02-25 19:18 . 2011-02-25 19:18 -------- d-----w- c:\programdata\LogiShrd
    2011-02-25 08:54 . 2011-02-25 08:54 -------- d-----w- c:\program files (x86)\EA
    2011-02-25 08:53 . 2011-02-25 08:53 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
    2011-02-23 19:35 . 2011-02-23 19:44 -------- d-----w- c:\users\Davy\AppData\Local\SecondLife
    2011-02-23 19:35 . 2011-02-23 19:36 -------- d-----w- c:\users\Davy\AppData\Roaming\SecondLife
    2011-02-23 19:35 . 2011-02-23 19:36 -------- d-----w- c:\program files (x86)\SecondLifeViewer2
    2011-02-23 15:51 . 2011-02-19 16:05 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2011-02-16 17:58 . 2010-12-03 09:05 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2011-02-16 17:11 . 2011-02-16 17:11 -------- d-----w- c:\users\Davy\AppData\Roaming\Adobe Mini Bridge CS5
    2011-02-16 17:11 . 2011-02-16 17:11 -------- d-----w- c:\users\Davy\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    2011-02-16 15:50 . 2010-12-03 09:05 69152 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2011-02-16 15:49 . 2011-02-16 15:49 -------- dc-h--w- c:\programdata\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
    2011-02-16 15:49 . 2011-02-16 15:50 -------- d-----w- c:\programdata\Lavasoft
    2011-02-16 15:49 . 2011-02-16 15:49 -------- d-----w- c:\program files (x86)\Lavasoft
    2011-02-16 15:13 . 2011-02-16 15:13 -------- d-----w- c:\windows\system32\appmgmt
    2011-02-16 06:18 . 2011-02-16 06:18 -------- d-----w- c:\program files (x86)\Common Files\Java
    2011-02-15 21:31 . 2011-02-15 21:51 -------- d-----w- c:\program files (x86)\FoxTabVideoConverter
    2011-02-13 17:14 . 2011-02-13 17:14 -------- d-----w- c:\program files (x86)\CamStudio
    2011-02-13 12:29 . 2011-02-20 11:40 -------- d-----w- c:\users\Davy\SC2 Builds
    2011-02-13 00:34 . 2011-02-13 00:54 -------- d-----w- c:\users\Davy\Calibre Bibliotheek
    2011-02-13 00:34 . 2011-02-13 00:37 -------- d-----w- c:\users\Davy\AppData\Roaming\calibre
    2011-02-13 00:33 . 2011-02-13 00:34 -------- d-----w- c:\program files (x86)\Calibre2
    2011-02-11 18:27 . 2011-02-11 18:27 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
    2011-02-11 18:26 . 2011-02-11 18:26 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
    2011-02-11 18:26 . 2011-02-11 18:26 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
    2011-02-11 18:24 . 2011-02-11 18:24 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
    2011-02-11 18:23 . 2011-02-11 18:23 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
    2011-02-11 18:22 . 2011-02-11 18:22 -------- d-----r- C:\MSOCache
    2011-02-09 20:31 . 2011-02-09 20:31 -------- d-----w- c:\users\Davy\Originele files website
    2011-02-09 20:01 . 2011-02-09 20:01 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
    2011-02-09 19:54 . 2011-02-09 19:54 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
    2011-02-08 18:35 . 2011-02-08 21:34 -------- d-----w- c:\users\Davy\AppData\Roaming\FileZilla
    2011-02-08 18:35 . 2011-02-08 18:35 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
    2011-02-07 20:56 . 2011-02-07 20:56 -------- d-----w- c:\program files (x86)\TeamViewer
    2011-02-07 20:53 . 2011-03-03 21:56 -------- d-----w- c:\users\Davy\AppData\Roaming\TeamViewer
    2011-02-07 20:51 . 2011-02-07 20:54 -------- d-----w- c:\users\Davy\AppData\Roaming\TeamViewer Manager
    2011-02-07 20:50 . 2011-02-07 20:55 -------- d-----w- c:\program files (x86)\TeamViewer Manager 5
    2011-02-07 16:39 . 2011-02-07 16:39 -------- d-----w- c:\users\Davy\AppData\Local\assembly
    2011-02-07 15:14 . 2011-02-07 15:14 -------- d-----w- c:\users\Davy\AppData\Local\LogMeInIgnition
    2011-02-07 15:14 . 2011-02-07 15:14 -------- d-----w- c:\program files (x86)\LogMeIn Ignition
    2011-02-07 10:28 . 2011-02-07 10:28 -------- d-----w- c:\users\Davy\AppData\Roaming\ImTOO
    2011-02-07 10:22 . 2011-02-07 10:22 -------- d-----w- c:\programdata\ImTOO
    2011-02-07 10:22 . 2011-02-07 10:22 -------- d-----w- c:\program files (x86)\ImTOO
    2011-02-06 00:32 . 2011-02-28 17:03 -------- d-----w- c:\users\Davy\.evolutionchamber
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-02-28 22:49 . 2010-11-21 16:36 724992 ----a-w- c:\windows\iun6002.exe
    2011-02-28 18:25 . 2011-01-21 21:33 525792 ----a-w- c:\windows\DIFxAPI.dll
    2011-02-02 20:40 . 2010-11-15 21:18 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-01-24 12:29 . 2011-01-21 21:32 1284712 ----a-w- c:\windows\RtlExUpd.dll
    2011-01-22 22:14 . 2011-01-22 22:14 53248 ----a-r- c:\users\Davy\AppData\Roaming\Microsoft\Installer\{6BA13EFC-E8D0-4D37-AF04-42796CF0E8F5}\ARPPRODUCTICON.exe
    2011-01-19 17:26 . 2011-01-19 17:26 41984 ----a-w- c:\windows\system32\~WebUpdateHelper.exe
    2010-12-28 16:08 . 2011-01-19 21:37 466944 ----a-w- c:\windows\system32\odbc32.dll
    2010-12-28 15:55 . 2011-01-19 21:37 413696 ----a-w- c:\windows\SysWow64\odbc32.dll
    2010-12-14 17:51 . 2010-12-14 17:51 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
    2010-12-14 17:51 . 2010-12-14 17:51 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
    2010-12-14 16:15 . 2011-01-19 21:37 1251840 ----a-w- c:\windows\system32\sdclt.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-13 39408]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1555968]
    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-01-03 15028104]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
    "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
    "Zboard"="c:\program files (x86)\Ideazon\ZEngine\Zboard.exe" [2009-06-04 57344]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-03 98304]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
    "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
    "Logitech G35"="c:\program files (x86)\Logitech\G35\G35.exe" [2010-10-05 1811800]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-01 421160]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-13 136176]
    R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-03-01 1405384]
    R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-12-14 51712]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
    S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys [2007-10-12 10632]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-12-03 69152]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-30 834544]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 203776]
    S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-27 8012288]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-27 287232]
    S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-04-27 57856]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH6.sys [2010-08-16 114704]
    S3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys [2010-09-29 62168]
    S3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys [2010-09-29 377176]
    S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys [2006-09-18 55640]
    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-21 38456]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-13 15:32]
    .
    2011-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-13 15:32]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [X]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Bijkomende Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.be/
    mStart Page = hxxp://home.sweetim.com
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\users\Davy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
    IE: Free YouTube to Mp3 Converter - c:\users\Davy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    FF - ProfilePath - c:\users\Davy\AppData\Roaming\Mozilla\Firefox\Profiles\k4275di3.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
    FF - prefs.js: browser.search.selectedEngine - SweetIM Search
    FF - prefs.js: browser.startup.homepage - hxxp://s4.travian.com/dorf1.php|YouTube - Broadcast Yourself.
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
    FF - Ext: Firefox Sync: {340c2bbc-ce74-4362-90b5-7c26312808ef} - %profile%\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Wow6432Node-HKLM-Run-TaskTray - (no file)
    WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
    WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
    @="Shockwave Flash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
    @Denied: (A 2) (Everyone)
    @=""
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
    @="FlashBroker"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
    "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    Voltooingstijd: 2011-03-07 21:19:20
    ComboFix-quarantined-files.txt 2011-03-07 20:19
    .
    Pre-Run: 249.370.779.648 bytes beschikbaar
    Post-Run: 251.061.317.632 bytes free
    .
    - - End Of File - - 2387B8E3BEEF108E8D23F8572B384AEB

  6. #6
    Approved 9-lifer iLu_RoX's avatar
    Member since
    8/12/08
    Location
    Roeselare
    Posts
    396
    iTrader
    6 (100%)
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 21:31:28, on 7/03/2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18999)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Logitech\G35\G35.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Zboard] "C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Free YouTube Download - C:\Users\Davy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Davy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10819 bytes


    This log was not made as admin; see the post above.

  7. #7
    Member Juisterr's avatar
    Member since
    10/11/06
    Location
    Oegstgeest
    Posts
    2.529
    iTrader
    0
    Open Notepad, then copy and paste the following (bold, blue text) into an empty window:

    Firefox::
    FF - ProfilePath - c:\users\Davy\AppData\Roaming\Mozilla\Firefox\Profiles\k4275di3.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
    FF - prefs.js: browser.search.selectedEngine - SweetIM Search
    FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

    Save this to your Desktop as CFScript.txt.

    Drag CFScript.txt onto ComboFix.exe as shown in the example below:

    http://crew.nucia.eu/smeenk/CFScript.gif
    This will make ComboFix restart.

    After your computer restarts (if it asks to restart), copy and paste the contents of Combofix.txt into your next reply.

  8. #8
    Approved 9-lifer iLu_RoX's avatar
    Member since
    8/12/08
    Location
    Roeselare
    Posts
    396
    iTrader
    6 (100%)
    ComboFix 11-03-08.09 - Davy 09/03/2011 19:02:39.2.2 - x64
    Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.32.1033.18.6142.3760 [GMT 1:00]
    Gestart vanuit: c:\users\Davy\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Davy\Desktop\CFScript.txt
    AV: Lavasoft Ad-Watch Live! Antivirus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-02-09 to 2011-03-09 ))))))))))))))))))))))))))))))
    .
    .
    2011-03-09 18:08 . 2011-03-09 18:08 -------- d-----w- c:\users\Guest\AppData\Local\temp
    2011-03-09 18:08 . 2011-03-09 18:08 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-03-08 18:02 . 2011-03-08 18:02 -------- d-----w- c:\users\Davy\AppData\Roaming\Dyyno
    2011-03-08 18:02 . 2011-03-08 18:02 -------- d-----w- c:\program files (x86)\Dyyno
    2011-03-08 15:44 . 2011-03-08 15:44 -------- d-----w- c:\programdata\Electronic Arts
    2011-03-08 15:44 . 2011-03-08 15:44 -------- d-----w- c:\programdata\EA Core
    2011-03-08 15:06 . 2011-03-08 15:06 388096 ----a-r- c:\users\Davy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-03-08 15:06 . 2011-03-08 15:06 -------- d-----w- c:\program files (x86)\Trend Micro
    2011-03-07 18:42 . 2011-03-07 18:42 -------- d-----w- c:\program files\iPod
    2011-03-07 18:42 . 2011-03-07 18:43 -------- d-----w- c:\program files\iTunes
    2011-03-07 18:42 . 2011-03-07 18:43 -------- d-----w- c:\program files (x86)\iTunes
    2011-03-07 18:38 . 2011-03-07 18:38 -------- d-----w- c:\program files\Bonjour
    2011-03-07 18:38 . 2011-03-07 18:38 -------- d-----w- c:\program files (x86)\Bonjour
    2011-03-04 15:59 . 2011-03-04 15:59 -------- d-----w- c:\users\Davy\AppData\Roaming\PacificPoker
    2011-03-04 15:58 . 2011-03-04 15:59 -------- d-----w- c:\program files (x86)\PacificPoker
    2011-03-02 14:33 . 2003-06-25 09:17 374272 ----a-w- c:\windows\SysWow64\Dav3_32.dll
    2011-03-02 14:33 . 2003-06-24 11:35 143360 ----a-w- c:\windows\SysWow64\Leon3_32.dll
    2011-02-28 22:38 . 2011-02-28 22:38 -------- d-----w- c:\users\Davy\AppData\Roaming\Aulux Barcode Label Maker
    2011-02-28 22:38 . 2011-02-28 22:38 -------- d-----w- c:\program files (x86)\Barcode Label Maker Professional Edition
    2011-02-28 22:25 . 2011-02-28 22:25 -------- d-----w- c:\programdata\Hewlett-Packard
    2011-02-28 22:25 . 2007-03-28 12:57 224768 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzpp5ha.dll
    2011-02-28 22:23 . 2007-03-28 13:02 131072 ----a-w- c:\windows\system32\hpz3l5ha.dll
    2011-02-28 22:23 . 2007-03-28 13:01 233472 ----a-w- c:\windows\SysWow64\hpzc35ha.dll
    2011-02-28 22:23 . 2006-11-30 10:14 671816 ----a-w- c:\windows\SysWow64\hpcdmc32.dll
    2011-02-28 22:18 . 2007-03-31 05:18 355416 ----a-w- c:\windows\system32\hpzids40.dll
    2011-02-28 22:18 . 2007-03-17 20:39 861184 ----a-w- c:\windows\system32\hpowiax4.dll
    2011-02-28 22:18 . 2007-03-17 20:39 497664 ----a-w- c:\windows\system32\hpovst11.dll
    2011-02-28 22:18 . 2007-03-17 20:39 1389056 ----a-w- c:\windows\system32\hpotiop4.dll
    2011-02-28 22:18 . 2007-03-08 19:20 540672 ----a-w- c:\windows\system32\hppldcoi.dll
    2011-02-28 22:12 . 2010-03-28 20:44 4493312 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Barcode Maker 5\Barcode5.exe
    2011-02-28 22:09 . 2011-02-28 22:09 -------- d-----w- c:\users\Davy\AppData\Local\{E8B7AD47-B223-4B6D-A195-337C6905B930}
    2011-02-28 19:19 . 2011-02-28 19:19 -------- d-----w- c:\program files\Logitech
    2011-02-28 18:28 . 2011-02-28 18:28 -------- d-----w- c:\windows\SysWow64\RTCOM
    2011-02-28 18:24 . 2011-01-20 13:47 1943616 ----a-w- c:\windows\system32\FMAPO64.dll
    2011-02-28 18:22 . 2005-11-13 22:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
    2011-02-28 17:42 . 2011-02-28 17:42 -------- d-----w- c:\program files (x86)\Realtek
    2011-02-28 17:36 . 2011-02-28 17:36 -------- d-----w- c:\program files (x86)\Driver-Soft
    2011-02-28 17:34 . 2011-01-13 16:29 2270208 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Driver Genius Professional Edition\DriverGenius.exe
    2011-02-28 16:18 . 2011-02-28 16:18 -------- d-----w- c:\users\Davy\.thumbnails
    2011-02-28 15:44 . 2011-02-28 16:34 -------- d-----w- c:\users\Davy\.gimp-2.6
    2011-02-28 15:44 . 2011-02-28 15:44 -------- d-----w- c:\program files (x86)\GIMP-2.0
    2011-02-28 12:37 . 2011-03-02 14:33 -------- d-----w- c:\users\Davy\AppData\Roaming\APLI
    2011-02-28 12:34 . 2011-03-02 14:33 -------- d-----w- c:\program files (x86)\Apli
    2011-02-28 12:33 . 2011-02-28 12:33 -------- d-----w- c:\programdata\WEBREG
    2011-02-28 12:27 . 2011-02-28 12:27 -------- d-----w- c:\program files (x86)\Hewlett-Packard
    2011-02-28 12:27 . 2011-02-28 12:27 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
    2011-02-28 12:22 . 2011-02-28 12:31 -------- d-----w- c:\program files (x86)\HP
    2011-02-28 12:14 . 2011-02-28 12:33 -------- d-----w- c:\programdata\HP
    2011-02-26 08:44 . 2011-02-28 22:10 -------- d-----w- c:\program files (x86)\Barcode Maker 5
    2011-02-26 00:12 . 2011-02-28 22:49 -------- d-----w- c:\program files (x86)\BarcodeOverprinter
    2011-02-25 19:30 . 2011-02-25 19:30 -------- d-----w- c:\users\Davy\AppData\Roaming\Leadertech
    2011-02-25 19:19 . 2011-02-25 19:19 -------- d-----w- c:\program files (x86)\Logitech
    2011-02-25 19:18 . 2011-02-25 19:18 -------- d-----w- c:\programdata\LogiShrd
    2011-02-25 08:54 . 2011-02-25 08:54 -------- d-----w- c:\program files (x86)\EA
    2011-02-25 08:53 . 2011-02-25 08:53 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
    2011-02-23 19:35 . 2011-02-23 19:44 -------- d-----w- c:\users\Davy\AppData\Local\SecondLife
    2011-02-23 19:35 . 2011-02-23 19:36 -------- d-----w- c:\users\Davy\AppData\Roaming\SecondLife
    2011-02-23 19:35 . 2011-02-23 19:36 -------- d-----w- c:\program files (x86)\SecondLifeViewer2
    2011-02-23 15:51 . 2011-02-19 16:05 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2011-02-16 17:58 . 2010-12-03 09:05 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2011-02-16 17:11 . 2011-02-16 17:11 -------- d-----w- c:\users\Davy\AppData\Roaming\Adobe Mini Bridge CS5
    2011-02-16 17:11 . 2011-02-16 17:11 -------- d-----w- c:\users\Davy\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    2011-02-16 15:50 . 2010-12-03 09:05 69152 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2011-02-16 15:49 . 2011-02-16 15:49 -------- dc-h--w- c:\programdata\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
    2011-02-16 15:49 . 2011-02-16 15:50 -------- d-----w- c:\programdata\Lavasoft
    2011-02-16 15:49 . 2011-02-16 15:49 -------- d-----w- c:\program files (x86)\Lavasoft
    2011-02-16 15:13 . 2011-02-16 15:13 -------- d-----w- c:\windows\system32\appmgmt
    2011-02-16 06:18 . 2011-02-16 06:18 -------- d-----w- c:\program files (x86)\Common Files\Java
    2011-02-15 21:31 . 2011-02-15 21:51 -------- d-----w- c:\program files (x86)\FoxTabVideoConverter
    2011-02-13 17:14 . 2011-02-13 17:14 -------- d-----w- c:\program files (x86)\CamStudio
    2011-02-13 12:29 . 2011-02-20 11:40 -------- d-----w- c:\users\Davy\SC2 Builds
    2011-02-13 00:34 . 2011-02-13 00:54 -------- d-----w- c:\users\Davy\Calibre Bibliotheek
    2011-02-13 00:34 . 2011-02-13 00:37 -------- d-----w- c:\users\Davy\AppData\Roaming\calibre
    2011-02-13 00:33 . 2011-02-13 00:34 -------- d-----w- c:\program files (x86)\Calibre2
    2011-02-11 18:27 . 2011-02-11 18:27 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
    2011-02-11 18:26 . 2011-02-11 18:26 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
    2011-02-11 18:26 . 2011-02-11 18:26 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
    2011-02-11 18:24 . 2011-02-11 18:24 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
    2011-02-11 18:23 . 2011-02-11 18:23 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
    2011-02-11 18:22 . 2011-02-11 18:22 -------- d-----r- C:\MSOCache
    2011-02-09 20:31 . 2011-02-09 20:31 -------- d-----w- c:\users\Davy\Originele files website
    2011-02-09 20:01 . 2011-02-09 20:01 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
    2011-02-09 19:54 . 2011-02-09 19:54 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
    2011-02-08 18:35 . 2011-02-08 21:34 -------- d-----w- c:\users\Davy\AppData\Roaming\FileZilla
    2011-02-08 18:35 . 2011-02-08 18:35 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
    2011-02-07 20:56 . 2011-02-07 20:56 -------- d-----w- c:\program files (x86)\TeamViewer
    2011-02-07 20:53 . 2011-03-03 21:56 -------- d-----w- c:\users\Davy\AppData\Roaming\TeamViewer
    2011-02-07 20:51 . 2011-02-07 20:54 -------- d-----w- c:\users\Davy\AppData\Roaming\TeamViewer Manager
    2011-02-07 20:50 . 2011-02-07 20:55 -------- d-----w- c:\program files (x86)\TeamViewer Manager 5
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-02-28 22:49 . 2010-11-21 16:36 724992 ----a-w- c:\windows\iun6002.exe
    2011-02-28 18:25 . 2011-01-21 21:33 525792 ----a-w- c:\windows\DIFxAPI.dll
    2011-02-02 20:40 . 2010-11-15 21:18 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-01-24 12:29 . 2011-01-21 21:32 1284712 ----a-w- c:\windows\RtlExUpd.dll
    2011-01-22 22:14 . 2011-01-22 22:14 53248 ----a-r- c:\users\Davy\AppData\Roaming\Microsoft\Installer\{6BA13EFC-E8D0-4D37-AF04-42796CF0E8F5}\ARPPRODUCTICON.exe
    2011-01-19 17:26 . 2011-01-19 17:26 41984 ----a-w- c:\windows\system32\~WebUpdateHelper.exe
    2010-12-28 16:08 . 2011-01-19 21:37 466944 ----a-w- c:\windows\system32\odbc32.dll
    2010-12-28 15:55 . 2011-01-19 21:37 413696 ----a-w- c:\windows\SysWow64\odbc32.dll
    2010-12-14 17:51 . 2010-12-14 17:51 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
    2010-12-14 17:51 . 2010-12-14 17:51 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
    2010-12-14 16:15 . 2011-01-19 21:37 1251840 ----a-w- c:\windows\system32\sdclt.exe
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-03-07_20.17.27 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-01-21 03:19 . 2011-03-07 15:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-01-21 03:19 . 2011-03-09 15:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-01-21 03:19 . 2011-03-09 15:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-01-21 03:19 . 2011-03-07 15:25 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-01-21 03:19 . 2011-03-07 15:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-01-21 03:19 . 2011-03-09 15:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-01-21 02:09 . 2011-03-09 10:52 51358 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2006-11-02 15:44 . 2011-03-09 10:52 93188 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2010-11-13 14:49 . 2011-03-09 10:52 12554 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3123923492-58721091-4175952637-1000_UserData.bin
    - 2010-11-13 14:46 . 2011-03-01 08:30 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-11-13 14:46 . 2011-03-09 10:53 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-11-13 14:46 . 2011-03-01 08:30 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2010-11-13 14:46 . 2011-03-09 10:53 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2010-11-13 14:46 . 2011-03-01 08:30 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-11-13 14:46 . 2011-03-09 10:53 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2010-11-14 12:38 . 2011-03-07 15:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2010-11-14 12:38 . 2011-03-09 08:55 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2010-11-14 12:38 . 2011-03-07 15:25 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2010-11-14 12:38 . 2011-03-09 08:55 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2011-03-09 10:43 . 2011-03-09 10:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2011-03-07 15:25 . 2011-03-07 15:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-03-09 10:43 . 2011-03-09 10:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2011-03-07 15:25 . 2011-03-07 15:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2011-03-08 15:39 . 2011-03-08 15:39 473088 c:\windows\Installer\{1BF4CB15-6055-452A-8487-021AE2D91208}\Crysis2Launcher.exe
    + 2011-03-08 15:39 . 2011-03-08 15:39 1584128 c:\windows\Installer\26e552.msi
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-13 39408]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1555968]
    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-01-03 15028104]
    "Dyyno Launcher"="c:\program files (x86)\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" [2011-02-24 2151776]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
    "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
    "Zboard"="c:\program files (x86)\Ideazon\ZEngine\Zboard.exe" [2009-06-04 57344]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-03 98304]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
    "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
    "Logitech G35"="c:\program files (x86)\Logitech\G35\G35.exe" [2010-10-05 1811800]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-01 421160]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-13 136176]
    R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-03-01 1405384]
    R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-12-14 51712]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
    S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys [2007-10-12 10632]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-12-03 69152]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-30 834544]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 203776]
    S2 Dyyno Launcher;Dyyno Service;c:\program files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-02-24 415072]
    S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-27 8012288]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-27 287232]
    S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-04-27 57856]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH6.sys [2010-08-16 114704]
    S3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys [2010-09-29 62168]
    S3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys [2010-09-29 377176]
    S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys [2006-09-18 55640]
    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-21 38456]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *Deregistered* - Lavasoft Kernexplorer
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-13 15:32]
    .
    2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-13 15:32]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
    .
    ------- Bijkomende Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.be/
    mStart Page = hxxp://home.sweetim.com
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\users\Davy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
    IE: Free YouTube to Mp3 Converter - c:\users\Davy\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    FF - ProfilePath - c:\users\Davy\AppData\Roaming\Mozilla\Firefox\Profiles\k4275di3.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
    FF - prefs.js: browser.search.selectedEngine - SweetIM Search
    FF - prefs.js: browser.startup.homepage - hxxp://s4.travian.com/dorf1.php|YouTube - Broadcast Yourself.
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
    FF - Ext: Firefox Sync: {340c2bbc-ce74-4362-90b5-7c26312808ef} - %profile%\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
    WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
    @="Shockwave Flash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
    @Denied: (A 2) (Everyone)
    @=""
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
    @="FlashBroker"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
    "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    Voltooingstijd: 2011-03-09 19:10:42
    ComboFix-quarantined-files.txt 2011-03-09 18:10
    ComboFix2.txt 2011-03-07 20:19
    .
    Pre-Run: 242.929.160.192 bytes beschikbaar
    Post-Run: 242.917.441.536 bytes beschikbaar
    .
    - - End Of File - - 9B1EBA0351809DAC5375642130262F25

  9. #9
    Approved 9-lifer iLu_RoX
    Member since
    8/12/08
    Location
    Roeselare
    Posts
    396
    iTrader
    6 (100%)
    And I've already found why it boots extremely slowly, but how to fix it is a mystery. I have a USB hub connected and it searches there for USB storage devices, but only my G35 headset is plugged into it.

    If there is still junk in here, though, I'll gladly throw it out.

  10. #10
    Member Juisterr
    Member since
    10/11/06
    Location
    Oegstgeest
    Posts
    2.529
    iTrader
    0
    Go to Start - Run
    and enter the following: Combofix /Uninstall
    Then press OK.
    If all goes well, you will get a message that ComboFix was removed.

    Example:

    http://home.kpn.nl/stefsmeenk/CFUninstall.PNG

    Run can also be opened with the key combination http://home.kpn.nl/stefsmeenk/W+R.jpg


    I would get rid of conduit!

  11. #11
    Approved 9-lifer iLu_RoX
    Member since
    8/12/08
    Location
    Roeselare
    Posts
    396
    iTrader
    6 (100%)
    Ok done and thx
