SSL-certificaat van Xolphin Powered by Cloud VPS - High Availability Cloud Servers Steun Nucia, doneer!
Resultaten 1 tot 13 van de 13
  1. #1
    Schermafbeelding van Bonna V
    Technische vaardigheid
    3. Medium
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    49

    computer is heel traag

    sinds enkele dagen is mijn computer heel traag geworden, in alles wat ik doe.
    ik heb eerder al enkele scans gedaan en mijn harde schijven gedefragmenteerd maar tot nu allemaal zonder succes.

    het trage werken van de computer is op alle gebruikersaccounts, zoals deze van mij als administrator, als deze van mijn vrouw, zonder rechten

    zouden jullie mij kunnen helpen?

    hier mijn log:


    Code:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:11:39, on 3/09/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    
    Running processes:
    C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Mega Manager] C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe /Tray
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing)
    O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing)
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Spybot-S&D 2 Firewall Service (SDFirewallService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe
    O23 - Service: Spybot-S&D 2 Monitoring Service (SDMonitorService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe
    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    --
    End of file - 11956 bytes
    Bedankt Nucia

  2. #2
    Schermafbeelding van Juisterr
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Malwarebytes
    Firewall
    router
    Berichten
    12.720
    Blog Berichten
    8
    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing)
    O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing)
    O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

    Klik op 'Fix checked' om de items te verwijderen.


    Download ComboFix van één van deze locaties:

    Link 1
    Link 2

    * BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.

    >>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.


    1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.

    * (hier of hier staat een handleiding over hoe je deze kan uitschakelen

    2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
    3. Dubbelklik op "Combofix.exe" om de tool te starten.
    4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

    * Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion." herstart dan de computer.

    5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

  3. #3
    Schermafbeelding van Bonna V
    Technische vaardigheid
    3. Medium
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    49
    Hoi Juisterr, allereerst bedankt om te willen helpen!

    geselecteerde items in HijackThis zijn verwijdert

    Combofix deed zijn werk, computer werd heropgestart en (na een tijdje) kreeg ik het logbestand:


    ComboFix 11-09-03.01 - Vercauteren-Aerts 03/09/2011 21:58:26.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4095.2720 [GMT 2:00]
    Gestart vanuit: c:\users\Vercauteren-Aerts\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Vercauteren-Aerts\Documents\41a.jpg
    c:\windows\pl
    c:\windows\pl\WLXPGSS.SCR.mui
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-08-03 to 2011-09-03 ))))))))))))))))))))))))))))))
    .
    .
    2011-09-03 09:55 . 2011-09-03 09:55 388096 ----a-r- c:\users\Vercauteren-Aerts\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-09-03 09:55 . 2011-09-03 09:55 -------- d-----w- c:\program files (x86)\Trend Micro
    2011-09-02 08:06 . 2011-09-02 08:06 -------- d-----w- c:\users\Stéphanie\AppData\Local\{38BDEAE1-C291-4CD8-BA11-24BF56FC9527}
    2011-09-02 08:05 . 2011-09-02 08:06 -------- d-----w- c:\users\Stéphanie\AppData\Local\{B2E6D13E-07CA-4785-87BF-D25DC1A1D73B}
    2011-09-01 07:04 . 2011-09-01 07:04 -------- d-----w- c:\users\Stéphanie\AppData\Local\{89348119-B136-4BD8-B6DF-98058A136561}
    2011-09-01 07:04 . 2011-09-01 07:04 -------- d-----w- c:\users\Stéphanie\AppData\Local\{5DD41F85-73CD-4019-949F-83DB37AA7546}
    2011-08-31 15:34 . 2011-08-31 15:34 -------- d-----w- c:\users\Stéphanie\AppData\Local\{0AF5BBD2-CFF2-4555-AA11-7A955A6CA512}
    2011-08-31 15:33 . 2011-08-31 15:34 -------- d-----w- c:\users\Stéphanie\AppData\Local\{D550A81F-A2CA-49FE-802F-4FF6469FB784}
    2011-08-31 11:18 . 2011-08-31 11:18 -------- d-----w- c:\users\Stéphanie\AppData\Local\uTorrent
    2011-08-31 11:18 . 2011-09-01 21:01 -------- d-----w- c:\users\Stéphanie\AppData\Roaming\uTorrent
    2011-08-31 07:17 . 2011-08-31 07:17 -------- d-----w- c:\users\Stéphanie\AppData\Local\{7E201BCB-76F5-4775-9F4F-01215AB0C0B7}
    2011-08-31 07:17 . 2011-08-31 07:17 -------- d-----w- c:\users\Stéphanie\AppData\Local\{3FF3C9F3-3BBC-4F34-9213-615426014383}
    2011-08-30 11:37 . 2011-08-30 11:37 -------- d-----w- c:\users\Stéphanie\AppData\Roaming\WinRAR
    2011-08-30 11:35 . 2011-08-30 11:35 -------- d-----w- c:\users\Stéphanie\AppData\Roaming\Megaupload
    2011-08-30 09:00 . 2011-08-30 09:00 -------- d-----w- c:\users\Stéphanie\AppData\Local\{543177B9-DAE8-4B72-BB61-983E51177297}
    2011-08-30 08:59 . 2011-08-30 09:00 -------- d-----w- c:\users\Stéphanie\AppData\Local\{2EEF918B-7BC0-4705-BC62-7BDE71F93ADC}
    2011-08-30 01:41 . 2011-08-30 01:41 -------- d-----w- c:\program files (x86)\uTorrent
    2011-08-30 01:40 . 2011-09-03 20:05 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Roaming\uTorrent
    2011-08-30 01:40 . 2011-08-30 01:40 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Local\uTorrent
    2011-08-30 01:10 . 2011-08-30 01:10 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Roaming\JAM Software
    2011-08-30 01:10 . 2011-08-30 01:10 -------- d-----w- c:\program files (x86)\JAM Software
    2011-08-30 00:59 . 2011-08-30 00:59 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Local\ElevatedDiagnostics
    2011-08-29 23:51 . 2011-08-29 23:55 -------- d-----w- c:\program files (x86)\SpywareGuard
    2011-08-29 23:49 . 2011-08-29 23:49 -------- d-----w- c:\program files (x86)\SpywareBlaster
    2011-08-28 22:14 . 2011-08-28 21:05 16432 ----a-w- c:\windows\system32\lsdelete.exe
    2011-08-28 21:02 . 2011-08-18 13:25 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2011-08-28 21:02 . 2011-08-28 21:02 -------- d-----w- c:\program files (x86)\Lavasoft
    2011-08-28 08:50 . 2011-08-28 08:50 -------- d-----w- c:\users\Stéphanie\AppData\Local\{BB031A93-E1EC-4538-BE19-4A942937086C}
    2011-08-28 08:50 . 2011-08-28 08:50 -------- d-----w- c:\users\Stéphanie\AppData\Local\{394CE5A3-7BEF-44C1-B3D2-4FCF22297182}
    2011-08-26 14:49 . 2011-08-26 14:49 -------- d-----w- c:\users\Stéphanie\AppData\Local\{EB97ECE4-97DA-4A43-BB03-3A56A94E989A}
    2011-08-26 14:48 . 2011-08-26 14:49 -------- d-----w- c:\users\Stéphanie\AppData\Local\{49B14129-A7BE-4EFE-BA9E-3E97EB412337}
    2011-08-25 08:40 . 2011-08-25 08:40 -------- d-----w- c:\users\Stéphanie\AppData\Local\{71BC12A3-FFFC-48F1-9B58-1BCE327948B7}
    2011-08-25 08:40 . 2011-08-25 08:40 -------- d-----w- c:\users\Stéphanie\AppData\Local\{46C7465B-7F11-4A75-8EE3-E10328FB1A5B}
    2011-08-24 21:46 . 2003-02-27 14:12 696320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
    2011-08-24 21:46 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
    2011-08-24 21:46 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
    2011-08-24 21:46 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
    2011-08-24 21:46 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
    2011-08-24 21:46 . 2011-08-24 21:46 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
    2011-08-24 21:46 . 2011-08-24 21:46 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
    2011-08-24 09:58 . 2011-07-09 05:26 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-08-24 09:58 . 2011-07-09 04:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2011-08-18 18:52 . 2011-08-18 18:52 -------- d-----w- c:\users\Stéphanie\AppData\Local\{8AB15A6E-79DF-4B7C-9A42-8DE190D3C8F5}
    2011-08-18 18:52 . 2011-08-18 18:52 -------- d-----w- c:\users\Stéphanie\AppData\Local\{6AEDDD6D-1866-4CD9-AF38-98AF7C06A903}
    2011-08-18 16:40 . 2011-08-18 16:40 -------- d-----w- c:\users\Stéphanie\AppData\Local\{48A4DFC4-1968-4AD6-BAE4-DE213C397E36}
    2011-08-18 16:40 . 2011-08-18 16:40 -------- d-----w- c:\users\Stéphanie\AppData\Local\{A4F378C8-B19B-4904-9D79-9B8FFD40CC9A}
    2011-08-16 08:41 . 2011-08-16 08:41 -------- d-----w- c:\users\Stéphanie\AppData\Local\{85E7474B-A553-407B-B38D-7C6DFC807F4A}
    2011-08-16 08:41 . 2011-08-16 08:41 -------- d-----w- c:\users\Stéphanie\AppData\Local\{6E6E17F0-5602-4358-9B76-A556DEBC4D10}
    2011-08-15 17:27 . 2011-08-15 17:27 -------- d-----w- c:\users\Stéphanie\AppData\Local\{B5E07DE2-CDD0-41A3-937F-9827B9133A8E}
    2011-08-15 17:27 . 2011-08-15 17:27 -------- d-----w- c:\users\Stéphanie\AppData\Local\{6AE5A47C-952C-431F-82D6-9578C7858136}
    2011-08-13 08:12 . 2011-08-13 08:13 -------- d-----w- c:\users\Stéphanie\AppData\Local\{D95AED78-3D43-4DAE-84D5-33BEB5AD9482}
    2011-08-13 08:12 . 2011-08-13 08:12 -------- d-----w- c:\users\Stéphanie\AppData\Local\{94EA823A-10E4-4178-9DD5-E88891D1399A}
    2011-08-10 20:51 . 2011-08-10 20:51 -------- d-sh--w- c:\windows\system32\%APPDATA%
    2011-08-10 15:50 . 2011-08-10 15:50 -------- d-----w- c:\users\Stéphanie\AppData\Local\{ACE55C5E-9CC8-4C73-A90D-FC0DBFD1F970}
    2011-08-10 15:50 . 2011-08-10 15:50 -------- d-----w- c:\users\Stéphanie\AppData\Local\{ED389604-6912-4188-8DA9-F3BB1EDFDE44}
    2011-08-10 15:21 . 2011-06-23 05:43 5561216 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-08-10 15:21 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2011-08-10 15:21 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2011-08-09 11:42 . 2011-08-30 11:29 -------- d-----w- c:\users\Stéphanie\AppData\Local\Windows Live
    2011-08-09 11:41 . 2011-08-09 11:42 -------- d-----w- c:\users\Stéphanie\AppData\Local\{47E821A0-37EF-4455-9B7D-1E8096D886B3}
    2011-08-07 12:58 . 2011-08-25 13:28 -------- d-----w- C:\Downloads
    2011-08-07 12:39 . 2011-08-07 12:39 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Local\ContainerEx
    2011-08-07 12:39 . 2011-08-07 12:39 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Local\Xenocode
    2011-08-05 20:57 . 2011-08-05 20:57 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Roaming\WinAVI
    2011-08-05 20:57 . 2011-08-05 20:57 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Local\WinAVI
    2011-08-05 20:57 . 2011-08-05 20:57 -------- d-----w- c:\program files (x86)\WinAVI
    2011-08-05 20:49 . 2011-08-05 20:49 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Roaming\Ashampoo
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-08-14 10:55 . 2011-07-05 20:37 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-07-16 04:26 . 2011-08-10 15:22 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2011-07-11 09:17 . 2011-07-11 09:17 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2011-07-11 09:17 . 2011-07-11 09:17 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2011-07-11 09:17 . 2011-07-11 09:17 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2011-07-11 09:17 . 2011-07-11 09:17 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
    2011-07-11 09:17 . 2011-07-11 09:17 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
    2011-07-11 09:17 . 2011-07-11 09:17 367104 ----a-w- c:\windows\SysWow64\html.iec
    2011-07-11 09:17 . 2011-07-11 09:17 161792 ----a-w- c:\windows\SysWow64\msls31.dll
    2011-07-11 09:17 . 2011-07-11 09:17 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
    2011-07-11 09:17 . 2011-07-11 09:17 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2011-07-11 09:17 . 2011-07-11 09:17 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2011-07-11 09:17 . 2011-07-11 09:17 85504 ----a-w- c:\windows\system32\iesetup.dll
    2011-07-11 09:17 . 2011-07-11 09:17 76800 ----a-w- c:\windows\system32\tdc.ocx
    2011-07-11 09:17 . 2011-07-11 09:17 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
    2011-07-11 09:17 . 2011-07-11 09:17 603648 ----a-w- c:\windows\system32\vbscript.dll
    2011-07-11 09:17 . 2011-07-11 09:17 49664 ----a-w- c:\windows\system32\imgutil.dll
    2011-07-11 09:17 . 2011-07-11 09:17 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2011-07-11 09:17 . 2011-07-11 09:17 448512 ----a-w- c:\windows\system32\html.iec
    2011-07-11 09:17 . 2011-07-11 09:17 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
    2011-07-11 09:17 . 2011-07-11 09:17 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
    2011-07-11 09:17 . 2011-07-11 09:17 30720 ----a-w- c:\windows\system32\licmgr10.dll
    2011-07-11 09:17 . 2011-07-11 09:17 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2011-07-11 09:17 . 2011-07-11 09:17 222208 ----a-w- c:\windows\system32\msls31.dll
    2011-07-11 09:17 . 2011-07-11 09:17 173056 ----a-w- c:\windows\system32\ieUnatt.exe
    2011-07-11 09:17 . 2011-07-11 09:17 165888 ----a-w- c:\windows\system32\iexpress.exe
    2011-07-11 09:17 . 2011-07-11 09:17 160256 ----a-w- c:\windows\system32\wextract.exe
    2011-07-11 09:17 . 2011-07-11 09:17 152064 ----a-w- c:\windows\SysWow64\wextract.exe
    2011-07-11 09:17 . 2011-07-11 09:17 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
    2011-07-11 09:17 . 2011-07-11 09:17 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-07-11 09:17 . 2011-07-11 09:17 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
    2011-07-11 09:17 . 2011-07-11 09:17 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2011-07-11 09:17 . 2011-07-11 09:17 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
    2011-07-11 09:17 . 2011-07-11 09:17 12288 ----a-w- c:\windows\system32\mshta.exe
    2011-07-11 09:17 . 2011-07-11 09:17 11776 ----a-w- c:\windows\SysWow64\mshta.exe
    2011-07-11 09:17 . 2011-07-11 09:17 114176 ----a-w- c:\windows\system32\admparse.dll
    2011-07-11 09:17 . 2011-07-11 09:17 111616 ----a-w- c:\windows\system32\iesysprep.dll
    2011-07-11 09:17 . 2011-07-11 09:17 101888 ----a-w- c:\windows\SysWow64\admparse.dll
    2011-07-06 17:52 . 2011-06-18 19:58 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-07-06 17:52 . 2011-06-18 19:58 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-07-04 11:43 . 2011-07-25 09:12 40112 ----a-w- c:\windows\avastSS.scr
    2011-07-04 11:43 . 2011-07-25 09:12 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-07-04 11:43 . 2011-07-25 09:13 253888 ----a-w- c:\windows\system32\aswBoot.exe
    2011-07-04 11:37 . 2011-07-25 09:41 129368 ----a-w- c:\windows\system32\drivers\aswFW.sys
    2011-07-04 11:36 . 2011-07-25 09:13 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-07-04 11:36 . 2011-07-25 09:13 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-07-04 11:36 . 2011-07-25 09:41 257368 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
    2011-07-04 11:35 . 2011-07-25 09:13 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-07-04 11:32 . 2011-07-25 09:13 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-07-04 11:32 . 2011-07-25 09:13 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-07-04 11:32 . 2011-07-25 09:13 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-07-04 11:12 . 2011-07-25 09:41 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
    2011-06-28 21:10 . 2011-06-18 21:14 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2011-06-11 03:07 . 2011-07-13 10:26 3137536 ----a-w- c:\windows\system32\win32k.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
    "Mega Manager"="c:\program files (x86)\Megaupload\Mega Manager\MegaManager.exe" [2010-11-03 2113024]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-12-09 336384]
    "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
    "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
    "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2011-05-10 5607080]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
    "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
    .
    c:\users\Vercauteren-Aerts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe\0lsdelete
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-18 136176]
    R2 SDMonitorService;Spybot-S&D 2 Monitoring Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe [2011-05-10 3834456]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2011-05-10 3515656]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-18 136176]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [x]
    S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [x]
    S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
    S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
    S1 aswFW;avast! TDI Firewall driver; [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-12-09 354304]
    S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
    S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2011-07-04 121000]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-08-31 2151640]
    S2 SDFirewallService;Spybot-S&D 2 Firewall Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe [2011-05-10 3585696]
    S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2011-05-10 3769048]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2011-05-11 167040]
    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-08-28 17152]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [x]
    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - LAVASOFT_KERNEXPLORER
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-09-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-08-18 21:04]
    .
    2011-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-18 18:46]
    .
    2011-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-18 18:46]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00 avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-07-04 11:43 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-13 11774568]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Bijkomende Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Download Link Using Mega Manager... - c:\program files (x86)\Megaupload\Mega Manager\mm_file.htm
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Vercauteren-Aerts\AppData\Roaming\Mozilla\Firefox\Profiles\aihdi746.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=ddrnw
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    AddRemove-FileZilla Client - c:\program files (x86)\FileZilla FTP Client\uninstall.exe
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ChromeHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ChromeHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ChromeHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ChromeHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ChromeHTML"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Andere Aktieve Processen ------------------------
    .
    c:\program files\AVAST Software\Avast\AvastSvc.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-09-03 22:25:15 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-09-03 20:25
    .
    Pre-Run: 799.861.047.296 bytes beschikbaar
    Post-Run: 815.014.350.848 bytes beschikbaar
    .
    - - End Of File - - 7074937497DAE6DB70DB23810149D358[/CODE]

    is het beter om het logbestand tussen de code-tags te plaatsen of hebt u het liever voluit?
    Laatst gewijzigd door Juisterr; 04-09-11 om 12:28.
    Bedankt Nucia

  4. #4
    Schermafbeelding van Juisterr
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Malwarebytes
    Firewall
    router
    Berichten
    12.720
    Blog Berichten
    8
    Wil je Spybot - Search & Destroy en Teatimer even helemaal willen verwijderen aub en dan combofix nogmaals starten en de uitslag ervan plaatsen.

  5. #5
    Schermafbeelding van Bonna V
    Technische vaardigheid
    3. Medium
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    49
    SSD volledig gedeïnstalleerd, enkel 1 bestandje kon niet worden verwijdert: 'SDCoffPH.dll'. Is mij teatimer dan ook onmiddellijk gedeïnstalleerd?

    nog even doorgeven dat ik vanaf morgenvroeg tot vrijdagavond niet meer thuis ben en niet meer op deze computer kan werken. Vanaf dat ik terug hier ben, volg ik zeker en vast uw 'commando's' op!

    hier mijn logje:


    ComboFix 11-09-03.01 - Vercauteren-Aerts 04/09/2011 17:54:15.2.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.4095.2898 [GMT 2:00]
    Gestart vanuit: c:\users\Vercauteren-Aerts\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-08-04 to 2011-09-04 ))))))))))))))))))))))))))))))
    .
    .
    2011-09-04 15:59 . 2011-09-04 15:59 -------- d-----w- c:\users\Stéphanie\AppData\Local\temp
    2011-09-04 15:59 . 2011-09-04 15:59 -------- d-----w- c:\users\Gast\AppData\Local\temp
    2011-09-04 15:59 . 2011-09-04 15:59 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-09-03 09:55 . 2011-09-03 09:55 388096 ----a-r- c:\users\Vercauteren-Aerts\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-09-03 09:55 . 2011-09-03 09:55 -------- d-----w- c:\program files (x86)\Trend Micro
    2011-09-02 08:06 . 2011-09-02 08:06 -------- d-----w- c:\users\Stéphanie\AppData\Local\{38BDEAE1-C291-4CD8-BA11-24BF56FC9527}
    2011-09-02 08:05 . 2011-09-02 08:06 -------- d-----w- c:\users\Stéphanie\AppData\Local\{B2E6D13E-07CA-4785-87BF-D25DC1A1D73B}
    2011-09-01 07:04 . 2011-09-01 07:04 -------- d-----w- c:\users\Stéphanie\AppData\Local\{89348119-B136-4BD8-B6DF-98058A136561}
    2011-09-01 07:04 . 2011-09-01 07:04 -------- d-----w- c:\users\Stéphanie\AppData\Local\{5DD41F85-73CD-4019-949F-83DB37AA7546}
    2011-08-31 15:34 . 2011-08-31 15:34 -------- d-----w- c:\users\Stéphanie\AppData\Local\{0AF5BBD2-CFF2-4555-AA11-7A955A6CA512}
    2011-08-31 15:33 . 2011-08-31 15:34 -------- d-----w- c:\users\Stéphanie\AppData\Local\{D550A81F-A2CA-49FE-802F-4FF6469FB784}
    2011-08-31 11:18 . 2011-08-31 11:18 -------- d-----w- c:\users\Stéphanie\AppData\Local\uTorrent
    2011-08-31 11:18 . 2011-09-01 21:01 -------- d-----w- c:\users\Stéphanie\AppData\Roaming\uTorrent
    2011-08-31 07:17 . 2011-08-31 07:17 -------- d-----w- c:\users\Stéphanie\AppData\Local\{7E201BCB-76F5-4775-9F4F-01215AB0C0B7}
    2011-08-31 07:17 . 2011-08-31 07:17 -------- d-----w- c:\users\Stéphanie\AppData\Local\{3FF3C9F3-3BBC-4F34-9213-615426014383}
    2011-08-30 11:37 . 2011-08-30 11:37 -------- d-----w- c:\users\Stéphanie\AppData\Roaming\WinRAR
    2011-08-30 11:35 . 2011-08-30 11:35 -------- d-----w- c:\users\Stéphanie\AppData\Roaming\Megaupload
    2011-08-30 09:00 . 2011-08-30 09:00 -------- d-----w- c:\users\Stéphanie\AppData\Local\{543177B9-DAE8-4B72-BB61-983E51177297}
    2011-08-30 08:59 . 2011-08-30 09:00 -------- d-----w- c:\users\Stéphanie\AppData\Local\{2EEF918B-7BC0-4705-BC62-7BDE71F93ADC}
    2011-08-30 01:41 . 2011-08-30 01:41 -------- d-----w- c:\program files (x86)\uTorrent
    2011-08-30 01:40 . 2011-09-03 22:42 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Roaming\uTorrent
    2011-08-30 01:40 . 2011-08-30 01:40 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Local\uTorrent
    2011-08-30 01:10 . 2011-08-30 01:10 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Roaming\JAM Software
    2011-08-30 01:10 . 2011-08-30 01:10 -------- d-----w- c:\program files (x86)\JAM Software
    2011-08-30 00:59 . 2011-08-30 00:59 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Local\ElevatedDiagnostics
    2011-08-29 23:51 . 2011-08-29 23:55 -------- d-----w- c:\program files (x86)\SpywareGuard
    2011-08-29 23:49 . 2011-08-29 23:49 -------- d-----w- c:\program files (x86)\SpywareBlaster
    2011-08-28 22:14 . 2011-08-28 21:05 16432 ----a-w- c:\windows\system32\lsdelete.exe
    2011-08-28 21:02 . 2011-08-18 13:25 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2011-08-28 21:02 . 2011-08-28 21:02 -------- d-----w- c:\program files (x86)\Lavasoft
    2011-08-28 08:50 . 2011-08-28 08:50 -------- d-----w- c:\users\Stéphanie\AppData\Local\{BB031A93-E1EC-4538-BE19-4A942937086C}
    2011-08-28 08:50 . 2011-08-28 08:50 -------- d-----w- c:\users\Stéphanie\AppData\Local\{394CE5A3-7BEF-44C1-B3D2-4FCF22297182}
    2011-08-26 14:49 . 2011-08-26 14:49 -------- d-----w- c:\users\Stéphanie\AppData\Local\{EB97ECE4-97DA-4A43-BB03-3A56A94E989A}
    2011-08-26 14:48 . 2011-08-26 14:49 -------- d-----w- c:\users\Stéphanie\AppData\Local\{49B14129-A7BE-4EFE-BA9E-3E97EB412337}
    2011-08-25 08:40 . 2011-08-25 08:40 -------- d-----w- c:\users\Stéphanie\AppData\Local\{71BC12A3-FFFC-48F1-9B58-1BCE327948B7}
    2011-08-25 08:40 . 2011-08-25 08:40 -------- d-----w- c:\users\Stéphanie\AppData\Local\{46C7465B-7F11-4A75-8EE3-E10328FB1A5B}
    2011-08-24 21:46 . 2003-02-27 14:12 696320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
    2011-08-24 21:46 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
    2011-08-24 21:46 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
    2011-08-24 21:46 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
    2011-08-24 21:46 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
    2011-08-24 21:46 . 2011-08-24 21:46 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
    2011-08-24 21:46 . 2011-08-24 21:46 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
    2011-08-24 09:58 . 2011-07-09 05:26 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-08-24 09:58 . 2011-07-09 04:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2011-08-18 18:52 . 2011-08-18 18:52 -------- d-----w- c:\users\Stéphanie\AppData\Local\{8AB15A6E-79DF-4B7C-9A42-8DE190D3C8F5}
    2011-08-18 18:52 . 2011-08-18 18:52 -------- d-----w- c:\users\Stéphanie\AppData\Local\{6AEDDD6D-1866-4CD9-AF38-98AF7C06A903}
    2011-08-18 16:40 . 2011-08-18 16:40 -------- d-----w- c:\users\Stéphanie\AppData\Local\{48A4DFC4-1968-4AD6-BAE4-DE213C397E36}
    2011-08-18 16:40 . 2011-08-18 16:40 -------- d-----w- c:\users\Stéphanie\AppData\Local\{A4F378C8-B19B-4904-9D79-9B8FFD40CC9A}
    2011-08-16 08:41 . 2011-08-16 08:41 -------- d-----w- c:\users\Stéphanie\AppData\Local\{85E7474B-A553-407B-B38D-7C6DFC807F4A}
    2011-08-16 08:41 . 2011-08-16 08:41 -------- d-----w- c:\users\Stéphanie\AppData\Local\{6E6E17F0-5602-4358-9B76-A556DEBC4D10}
    2011-08-15 17:27 . 2011-08-15 17:27 -------- d-----w- c:\users\Stéphanie\AppData\Local\{B5E07DE2-CDD0-41A3-937F-9827B9133A8E}
    2011-08-15 17:27 . 2011-08-15 17:27 -------- d-----w- c:\users\Stéphanie\AppData\Local\{6AE5A47C-952C-431F-82D6-9578C7858136}
    2011-08-13 08:12 . 2011-08-13 08:13 -------- d-----w- c:\users\Stéphanie\AppData\Local\{D95AED78-3D43-4DAE-84D5-33BEB5AD9482}
    2011-08-13 08:12 . 2011-08-13 08:12 -------- d-----w- c:\users\Stéphanie\AppData\Local\{94EA823A-10E4-4178-9DD5-E88891D1399A}
    2011-08-10 20:51 . 2011-08-10 20:51 -------- d-sh--w- c:\windows\system32\%APPDATA%
    2011-08-10 15:50 . 2011-08-10 15:50 -------- d-----w- c:\users\Stéphanie\AppData\Local\{ACE55C5E-9CC8-4C73-A90D-FC0DBFD1F970}
    2011-08-10 15:50 . 2011-08-10 15:50 -------- d-----w- c:\users\Stéphanie\AppData\Local\{ED389604-6912-4188-8DA9-F3BB1EDFDE44}
    2011-08-10 15:21 . 2011-06-23 05:43 5561216 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-08-10 15:21 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2011-08-10 15:21 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2011-08-09 11:42 . 2011-08-30 11:29 -------- d-----w- c:\users\Stéphanie\AppData\Local\Windows Live
    2011-08-09 11:41 . 2011-08-09 11:42 -------- d-----w- c:\users\Stéphanie\AppData\Local\{47E821A0-37EF-4455-9B7D-1E8096D886B3}
    2011-08-07 12:58 . 2011-08-25 13:28 -------- d-----w- C:\Downloads
    2011-08-07 12:39 . 2011-08-07 12:39 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Local\ContainerEx
    2011-08-07 12:39 . 2011-08-07 12:39 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Local\Xenocode
    2011-08-05 20:57 . 2011-08-05 20:57 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Roaming\WinAVI
    2011-08-05 20:57 . 2011-08-05 20:57 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Local\WinAVI
    2011-08-05 20:57 . 2011-08-05 20:57 -------- d-----w- c:\program files (x86)\WinAVI
    2011-08-05 20:49 . 2011-08-05 20:49 -------- d-----w- c:\users\Vercauteren-Aerts\AppData\Roaming\Ashampoo
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-08-14 10:55 . 2011-07-05 20:37 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-07-16 04:26 . 2011-08-10 15:22 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2011-07-11 09:17 . 2011-07-11 09:17 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2011-07-11 09:17 . 2011-07-11 09:17 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2011-07-11 09:17 . 2011-07-11 09:17 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2011-07-11 09:17 . 2011-07-11 09:17 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
    2011-07-11 09:17 . 2011-07-11 09:17 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
    2011-07-11 09:17 . 2011-07-11 09:17 367104 ----a-w- c:\windows\SysWow64\html.iec
    2011-07-11 09:17 . 2011-07-11 09:17 161792 ----a-w- c:\windows\SysWow64\msls31.dll
    2011-07-11 09:17 . 2011-07-11 09:17 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
    2011-07-11 09:17 . 2011-07-11 09:17 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2011-07-11 09:17 . 2011-07-11 09:17 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2011-07-11 09:17 . 2011-07-11 09:17 85504 ----a-w- c:\windows\system32\iesetup.dll
    2011-07-11 09:17 . 2011-07-11 09:17 76800 ----a-w- c:\windows\system32\tdc.ocx
    2011-07-11 09:17 . 2011-07-11 09:17 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
    2011-07-11 09:17 . 2011-07-11 09:17 603648 ----a-w- c:\windows\system32\vbscript.dll
    2011-07-11 09:17 . 2011-07-11 09:17 49664 ----a-w- c:\windows\system32\imgutil.dll
    2011-07-11 09:17 . 2011-07-11 09:17 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2011-07-11 09:17 . 2011-07-11 09:17 448512 ----a-w- c:\windows\system32\html.iec
    2011-07-11 09:17 . 2011-07-11 09:17 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
    2011-07-11 09:17 . 2011-07-11 09:17 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
    2011-07-11 09:17 . 2011-07-11 09:17 30720 ----a-w- c:\windows\system32\licmgr10.dll
    2011-07-11 09:17 . 2011-07-11 09:17 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2011-07-11 09:17 . 2011-07-11 09:17 222208 ----a-w- c:\windows\system32\msls31.dll
    2011-07-11 09:17 . 2011-07-11 09:17 173056 ----a-w- c:\windows\system32\ieUnatt.exe
    2011-07-11 09:17 . 2011-07-11 09:17 165888 ----a-w- c:\windows\system32\iexpress.exe
    2011-07-11 09:17 . 2011-07-11 09:17 160256 ----a-w- c:\windows\system32\wextract.exe
    2011-07-11 09:17 . 2011-07-11 09:17 152064 ----a-w- c:\windows\SysWow64\wextract.exe
    2011-07-11 09:17 . 2011-07-11 09:17 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
    2011-07-11 09:17 . 2011-07-11 09:17 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-07-11 09:17 . 2011-07-11 09:17 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
    2011-07-11 09:17 . 2011-07-11 09:17 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2011-07-11 09:17 . 2011-07-11 09:17 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
    2011-07-11 09:17 . 2011-07-11 09:17 12288 ----a-w- c:\windows\system32\mshta.exe
    2011-07-11 09:17 . 2011-07-11 09:17 11776 ----a-w- c:\windows\SysWow64\mshta.exe
    2011-07-11 09:17 . 2011-07-11 09:17 114176 ----a-w- c:\windows\system32\admparse.dll
    2011-07-11 09:17 . 2011-07-11 09:17 111616 ----a-w- c:\windows\system32\iesysprep.dll
    2011-07-11 09:17 . 2011-07-11 09:17 101888 ----a-w- c:\windows\SysWow64\admparse.dll
    2011-07-06 17:52 . 2011-06-18 19:58 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-07-06 17:52 . 2011-06-18 19:58 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-07-04 11:43 . 2011-07-25 09:12 40112 ----a-w- c:\windows\avastSS.scr
    2011-07-04 11:43 . 2011-07-25 09:12 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-07-04 11:43 . 2011-07-25 09:13 253888 ----a-w- c:\windows\system32\aswBoot.exe
    2011-07-04 11:37 . 2011-07-25 09:41 129368 ----a-w- c:\windows\system32\drivers\aswFW.sys
    2011-07-04 11:36 . 2011-07-25 09:13 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-07-04 11:36 . 2011-07-25 09:13 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-07-04 11:36 . 2011-07-25 09:41 257368 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
    2011-07-04 11:35 . 2011-07-25 09:13 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-07-04 11:32 . 2011-07-25 09:13 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-07-04 11:32 . 2011-07-25 09:13 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-07-04 11:32 . 2011-07-25 09:13 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-07-04 11:12 . 2011-07-25 09:41 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
    2011-06-28 21:10 . 2011-06-18 21:14 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2011-06-11 03:07 . 2011-07-13 10:26 3137536 ----a-w- c:\windows\system32\win32k.sys
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-09-03_20.08.57 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2011-06-21 21:09 . 2011-09-04 16:01 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    - 2011-06-21 21:09 . 2011-09-03 20:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2009-07-14 04:54 . 2011-09-04 16:01 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-07-14 04:54 . 2011-09-03 20:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-07-14 04:54 . 2011-09-04 16:01 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2011-09-03 20:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-07-14 04:54 . 2011-09-04 16:01 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.d at
    - 2009-07-14 04:54 . 2011-09-03 20:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.d at
    - 2009-07-14 05:10 . 2011-09-03 20:10 55802 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2011-09-04 16:03 55802 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    + 2011-06-18 18:52 . 2011-09-04 16:03 10528 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3902010895-3865875327-1742431247-1001_UserData.bin
    - 2011-06-26 01:26 . 2011-09-03 20:06 3166 c:\windows\system32\wdi\ERCQueuedResolutions.dat
    + 2011-06-26 01:26 . 2011-09-04 15:59 3166 c:\windows\system32\wdi\ERCQueuedResolutions.dat
    - 2011-09-03 20:07 . 2011-09-03 20:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2011-09-04 16:01 . 2011-09-04 16:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2011-09-03 20:07 . 2011-09-03 20:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2011-09-04 16:01 . 2011-09-04 16:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2009-07-14 05:01 . 2011-09-03 20:06 407648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2009-07-14 05:01 . 2011-09-04 15:59 407648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    - 2011-03-11 22:13 . 2011-09-03 20:06 1926784 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
    + 2011-03-11 22:13 . 2011-09-04 15:59 1926784 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
    + 2011-06-18 23:28 . 2011-09-04 15:59 2375352 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3902010895-3865875327-1742431247-1001-12288.dat
    - 2011-06-18 23:28 . 2011-09-03 20:06 2375352 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3902010895-3865875327-1742431247-1001-12288.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
    "Mega Manager"="c:\program files (x86)\Megaupload\Mega Manager\MegaManager.exe" [2010-11-03 2113024]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-12-09 336384]
    "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
    "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
    "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
    .
    c:\users\Vercauteren-Aerts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe\0lsdelete
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-18 136176]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-18 136176]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [x]
    S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [x]
    S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
    S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
    S1 aswFW;avast! TDI Firewall driver; [x]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-12-09 354304]
    S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
    S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2011-07-04 121000]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-08-31 2151640]
    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-08-28 17152]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [x]
    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - LAVASOFT_KERNEXPLORER
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-09-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-08-18 21:04]
    .
    2011-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-18 18:46]
    .
    2011-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-18 18:46]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00 avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-07-04 11:43 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-13 11774568]
    .
    ------- Bijkomende Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Download Link Using Mega Manager... - c:\program files (x86)\Megaupload\Mega Manager\mm_file.htm
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Vercauteren-Aerts\AppData\Roaming\Mozilla\Firefox\Profiles\aihdi746.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=ddrnw
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ChromeHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ChromeHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ChromeHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ChromeHTML"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="ChromeHTML"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Andere Aktieve Processen ------------------------
    .
    c:\program files\AVAST Software\Avast\AvastSvc.exe
    c:\program files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-09-04 18:19:17 - machine werd herstart
    ComboFix-quarantined-files.txt 2011-09-04 16:19
    ComboFix2.txt 2011-09-03 20:25
    .
    Pre-Run: 826.494.308.352 bytes beschikbaar
    Post-Run: 826.194.665.472 bytes beschikbaar
    .
    - - End Of File - - 3FA67CEF187F4EE2550D0CD2D7293519
    Bedankt Nucia

  6. #6
    Schermafbeelding van Juisterr
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Malwarebytes
    Firewall
    router
    Berichten
    12.720
    Blog Berichten
    8
    Lavasoft Ad-Watch is er ook nog zie ik.

    Wil je een controle logje plaatsen van HijackThis en vertellen hoe het nu staat met de problemen ?

  7. #7
    Schermafbeelding van Bonna V
    Technische vaardigheid
    3. Medium
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    49
    Citaat Oorspronkelijk geplaatst door Juisterr Bekijk Berichten
    Lavasoft Ad-Watch is er ook nog zie ik.
    is dit verder een probleem?

    Citaat Oorspronkelijk geplaatst door Juisterr Bekijk Berichten
    Wil je een controle logje plaatsen van HijackThis en vertellen hoe het nu staat met de problemen ?
    nadat ik enkele uren op de computer te hebben gewerkt, heb ik het gevoel dat het weer veel sneller gaat ... zou het kunnen dat die Spybot Search&Destroy daarmee te maken heeft? Ik dacht dat al eens ergens te hebben gelezen.
    Enkel bij het maken van een rar-bestand gaat alles iets trager, maar dat is volgens mij normaal. Als ik verder nog 'onregelmatigheden' zie post ik deze nog.

    EDIT: als ik in chrome een tekst selecteer, rechtermuisknop gebruikt verschijnt de tekst: "facemoods doorzoeken op -geselecteerde tekst-"
    volgens mij niet echt normaal?

    log-file HijackThis:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:59:02, on 4/09/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Mega Manager] C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe /Tray
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10077 bytes
    Laatst gewijzigd door Bonna V; 04-09-11 om 18:08.
    Bedankt Nucia

  8. #8
    Schermafbeelding van Juisterr
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Malwarebytes
    Firewall
    router
    Berichten
    12.720
    Blog Berichten
    8
    facemoods doorzoeken op -geselecteerde tekst Geen idee om eerlijk te zijn, ik zie wel dat de logjes schoon zijn.

  9. #9
    Schermafbeelding van Bonna V
    Technische vaardigheid
    3. Medium
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    49
    ik heb al even zitten zoeken op het net, facemoods op zich is geen schadelijke software, enkel maar heel irritant ... ik kan het ook nergens vinden op mijn pc (niet in programma files, niet te vinden in ccleaner ...) ik laat het maar voor wat het is.

    Ik zou u heel erg willen bedanken voor de geboden hulp! Wat was nu het precieze probleem? had ik nu een virus of malware?

    mag ik spybot terug installeren? combofix deïnstalleren?


    nogmaals: BEDANKT !!! reputatie werd toegekend
    Laatst gewijzigd door Bonna V; 04-09-11 om 19:57.
    Bedankt Nucia

  10. #10
    Schermafbeelding van Juisterr
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Malwarebytes
    Firewall
    router
    Berichten
    12.720
    Blog Berichten
    8
    Verwijder ComboFix, kopiëer het onderstaande commando met (Ctrl + C):
    Combofix /Uninstall (let op!!! de spatie voor /Uninstall)

    Klik Start -> Uitvoeren, en plak (Ctrl + V) het commando, toets vervolgens Ctrl + Shift + Enter.
    Dit verwijdert zowel ComboFix, als je oude systeemherstelpunten (met eventuele restanten van malware), en maakt een nieuw systeemherstelpunt aan.


    Ccleaner
    Download CCleaner Slim
    Installeer CCleaner en start CCleaner op.
    • Klik in de linkse kolom op Cleaner.
    • Klik achtereenvolgens op Analyseren en Opschonen.
    • Klik vervolgens in de linkse kolom op Register en klik op Scan naar problemen.
    • Als er fouten gevonden worden klik je op Herstel geselecteerde problemen en OK.
    • Dan krijg je de vraag om een back-up te maken, klik op JA. en kies dan Herstel alle geselecteerde fouten.
    • Sluit hierna CCleaner af.

    Om herbesmetting te vermijden, kan je deze tips eens nalezen:
    Hoe voorkom ik een nieuwe infectie?

  11. #11
    Schermafbeelding van Bonna V
    Technische vaardigheid
    3. Medium
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    49
    Combofix is verwijdert zoals aangegeven
    Ccleaner is uitgevoerd zoals aangegeven

    in de instellingen van chrome kon instellen dat ik google als zoekmachine wilde gebruiken, heb dus geen last meer van die facemoods.

    Wat was nu het precieze probleem? had ik nu een virus of malware?

    mag ik spybot terug installeren?


    nogmaals: BEDANKT !!! reputatie werd toegekend
    Laatst gewijzigd door Bonna V; 04-09-11 om 20:56.
    Bedankt Nucia

  12. #12
    Schermafbeelding van Juisterr
    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Malwarebytes
    Firewall
    router
    Berichten
    12.720
    Blog Berichten
    8
    Combofix heeft dit verwijderd.
    c:\users\Vercauteren-Aerts\Documents\41a.jpg
    c:\windows\pl
    c:\windows\pl\WLXPGSS.SCR.mui

    En met HijackThis nou ja dat had ik al aangegeven.
    En facemoods is de belangrijkste http://www.systemlookup.com/Startup/...dssrv_exe.html

  13. #13
    Schermafbeelding van Bonna V
    Technische vaardigheid
    3. Medium
    Besturingssysteem
    Windows 7 Home Premium 64
    Antivirus
    Avast
    Firewall
    Windows Firewall
    Berichten
    49
    ok bedankt
    Bedankt Nucia

Forum Rechten

  • Je mag geen nieuwe onderwerpen plaatsen
  • Je mag geen reacties plaatsen
  • Je mag geen bijlagen toevoegen
  • Je mag jouw berichten niet wijzigen