
Internet slower than normal



Herewith a HJT log. Please check it for possible causes of web pages loading more slowly than I am used to. Lately I also have the problem that when the screensaver (DreamAquarium) is active and I want to return to my Desktop, the PC seems to freeze when switching (i.e. on a mouse movement). I then get a black screen and it can take minutes before the Desktop appears. I did not have this before; it used to switch within a second.

I ran a full scan with MBAM just yesterday and nothing was found.

(I may not be able to reply until late this evening)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:05:27, on 11-1-2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16700)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\FTD Watchdog\FtdMonitor.exe

C:\Program Files (x86)\Alwil Software\AvastUI.exe

C:\Program Files (x86)\GrabIt\GrabIt.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Blackle - Energy Saving Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - (no file)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: (no name) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - (no file)

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [avast5] "C:\Program Files (x86)\Alwil Software\avastUI.exe" /nogui

O4 - HKCU\..\Run: [FTD Watchdog Monitor] "C:\Program Files (x86)\FTD Watchdog\FtdMonitor.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files (x86)\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files (x86)\Alwil Software\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files (x86)\Alwil Software\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files (x86)\Alwil Software\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - Unknown owner - C:\Program Files (x86)\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 7030 bytes


Start HijackThis. Select “Scan”. Select only the items listed below:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - (no file)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O3 - Toolbar: (no name) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - (no file)

Click 'Fix checked' to remove the items.

Download MBAM (Malwarebytes Anti-Malware)

Double-click mbam-setup.exe to install the program.

Make sure a check mark is placed next to Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware, then click "Finish".

If an update is found, it will be downloaded and installed.

When the program is fully up to date, select "Quick Scan" on the Scanner tab, then click Scan.

The scan can take a while, so be patient.

When the scan is complete, click OK, then "Show Results" to see the results.

Make sure everything there is checked, then click: Remove Selected.

After removal, a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask you to restart. Do so.

After the restart, MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM and can be found by clicking the "Logs" tab in the program.

If MBAM has difficulty removing certain files, it will show a few messages where you must click OK. It will then ask to restart the computer... so allow MBAM to restart the computer.

Paste the contents of the log into your next post, together with a new HijackThis log.


Here are the requested logs. I see in the HJT log that the first two R0 lines you told me to tick are simply still there?? I am 100% sure I ticked them before I let the program fix.. Should I do those two again?

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 0:32:03, on 12-1-2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16700)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\FTD Watchdog\FtdMonitor.exe

C:\Program Files (x86)\Alwil Software\AvastUI.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Blackle - Energy Saving Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [avast5] "C:\Program Files (x86)\Alwil Software\avastUI.exe" /nogui

O4 - HKCU\..\Run: [FTD Watchdog Monitor] "C:\Program Files (x86)\FTD Watchdog\FtdMonitor.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files (x86)\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files (x86)\Alwil Software\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files (x86)\Alwil Software\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files (x86)\Alwil Software\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - Unknown owner - C:\Program Files (x86)\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 6647 bytes

---------------------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.50.1.1100

Malwarebytes

Databaseversie: 5505

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

12-1-2011 0:29:08

mbam-log-2011-01-12 (00-29-08).txt

Scantype: Snelle scan

Objecten gescand: 155908

Verstreken tijd: 2 minuut/minuten, 29 seconde(n)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 0

Registerwaarden geïnfecteerd: 0

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)


Those two lines are "cosmetic flaws" and have no negative effect on how the PC works. If they reappear in your new log, you can simply leave them.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.


A quick question in between: I have MBAM and SUPERAntiSpyware on my PC. The ComboFix instructions said to turn off all virus and spyware programs during the scan. I turned everything off and noticed that SAS real-time protection was not on. Should I enable it, or does the Windows Firewall already cover that real-time protection?

ComboFix log:

ComboFix 11-01-11.03 - Mike 12-01-2011 23:40:46.1.3 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.4095.3053 [GMT 1:00]

Gestart vanuit: c:\users\Mike\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}

SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-12-12 to 2011-01-12 ))))))))))))))))))))))))))))))

.

2011-01-12 22:44 . 2011-01-12 22:44 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-01-12 10:27 . 2011-01-12 10:27 -------- d-----w- c:\users\Mike\AppData\Local\{C975C9A7-CA11-40F8-8FAC-8C15EE2EA5D2}

2011-01-11 10:41 . 2011-01-11 10:41 -------- d-----w- c:\users\Mike\AppData\Local\{663C8AE9-B5CE-4619-88B2-671F68B127BB}

2011-01-07 16:03 . 2011-01-07 16:03 -------- d-----w- c:\users\Mike\AppData\Local\{C1C719A4-CDDD-4383-87FA-E41099447562}

2011-01-06 12:56 . 2011-01-06 12:56 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2011-01-06 12:56 . 2011-01-06 12:57 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite

2011-01-01 03:20 . 2011-01-01 03:20 -------- d-----w- c:\users\Mike\AppData\Local\{C3E1C615-9D13-4DA2-8366-AD84A970FD7B}

2010-12-31 11:07 . 2010-12-31 11:07 -------- d-----w- c:\users\Mike\AppData\Local\QuickPar

2010-12-28 04:22 . 2010-12-28 04:22 -------- d-----w- c:\users\Mike\AppData\Local\AMD

2010-12-28 04:22 . 2010-12-28 04:22 -------- d-----w- c:\programdata\ATI

2010-12-28 04:22 . 2010-12-28 04:22 -------- d-----w- c:\programdata\AMD

2010-12-28 04:19 . 2010-02-18 08:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys

2010-12-22 17:31 . 2010-12-22 17:35 -------- d-----w- c:\program files (x86)\TCP Optimizer

2010-12-18 12:23 . 2010-09-07 15:47 20048 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2010-12-18 12:23 . 2010-09-07 15:52 121936 ----a-w- c:\windows\system32\drivers\aswSP.sys

2010-12-18 12:23 . 2010-09-07 15:47 28752 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2010-12-18 12:23 . 2010-09-07 15:52 51280 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2010-12-18 12:23 . 2010-09-07 15:47 61008 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2010-12-18 12:22 . 2011-01-01 11:46 -------- d-----w- c:\program files (x86)\Alwil Software

2010-12-18 12:20 . 2010-12-18 12:20 -------- d-----w- c:\program files (x86)\Java

2010-12-18 12:17 . 2010-12-21 12:32 -------- d-----w- c:\program files (x86)\Defraggler

2010-12-17 04:27 . 2010-12-17 04:27 -------- d-----w- c:\users\Mike\AppData\Local\{22E433A2-84A6-4CAE-B040-7B34E4C7580E}

2010-12-17 04:17 . 2010-12-17 04:17 -------- d-----w- c:\users\Mike\AppData\Roaming\SUPERAntiSpyware.com

2010-12-17 04:17 . 2010-12-17 04:17 -------- d-----w- c:\programdata\!SASCORE

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-12-31 20:06 . 2010-12-04 15:24 38848 ----a-w- c:\windows\avastSS.scr

2010-12-31 20:06 . 2010-12-04 15:24 188216 ----a-w- c:\windows\SysWow64\aswBoot.exe

2010-12-20 17:09 . 2010-06-16 13:06 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2010-12-20 17:08 . 2010-06-16 13:06 24152 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-12-18 12:20 . 2010-06-16 13:36 521448 ----a-w- c:\windows\system32\deployJava1.dll

2010-12-05 13:17 . 2010-12-05 13:17 3527680 ----a-w- c:\windows\SysWow64\M2LU_Server.exe

2010-12-05 13:17 . 2010-12-05 13:17 1120768 ----a-w- c:\windows\SysWow64\M2ElevatedCalls.dll

2010-11-28 10:50 . 2010-11-28 10:50 86016 ----a-w- c:\windows\SysWow64\frapsvid.dll

2010-11-28 10:50 . 2010-11-28 10:50 84992 ----a-w- c:\windows\system32\frapsv64.dll

2010-11-26 04:20 . 2010-11-26 04:20 8120320 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2010-11-26 03:19 . 2010-11-26 03:19 21610496 ----a-w- c:\windows\system32\atio6axx.dll

2010-11-26 03:02 . 2010-11-26 03:02 16702976 ----a-w- c:\windows\SysWow64\atioglxx.dll

2010-11-26 02:58 . 2010-11-26 02:58 143360 ----a-w- c:\windows\system32\atiapfxx.exe

2010-11-26 02:58 . 2010-11-26 02:58 550400 ----a-w- c:\windows\SysWow64\aticfx32.dll

2010-11-26 02:57 . 2010-11-26 02:57 648704 ----a-w- c:\windows\system32\aticfx64.dll

2010-11-26 02:54 . 2010-11-26 02:54 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll

2010-11-26 02:54 . 2010-11-26 02:54 478720 ----a-w- c:\windows\system32\atieclxx.exe

2010-11-26 02:54 . 2010-11-26 02:54 203776 ----a-w- c:\windows\system32\atiesrxx.exe

2010-11-26 02:53 . 2010-11-26 02:53 120320 ----a-w- c:\windows\system32\atitmm64.dll

2010-11-26 02:52 . 2010-11-26 02:52 423424 ----a-w- c:\windows\system32\atipdl64.dll

2010-11-26 02:52 . 2010-11-26 02:52 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll

2010-11-26 02:52 . 2010-11-26 02:52 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll

2010-11-26 02:52 . 2010-11-26 02:52 16384 ----a-w- c:\windows\system32\atimuixx.dll

2010-11-26 02:52 . 2010-11-26 02:52 59392 ----a-w- c:\windows\system32\atiedu64.dll

2010-11-26 02:52 . 2010-11-26 02:52 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll

2010-11-26 02:49 . 2010-11-26 02:49 4066816 ----a-w- c:\windows\SysWow64\atidxx32.dll

2010-11-26 02:40 . 2010-11-26 02:40 4794368 ----a-w- c:\windows\system32\atidxx64.dll

2010-11-26 02:30 . 2010-11-26 02:30 51200 ----a-w- c:\windows\system32\aticalrt64.dll

2010-11-26 02:30 . 2010-11-26 02:30 4122624 ----a-w- c:\windows\SysWow64\atiumdag.dll

2010-11-26 02:30 . 2010-11-26 02:30 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll

2010-11-26 02:30 . 2010-11-26 02:30 44544 ----a-w- c:\windows\system32\aticalcl64.dll

2010-11-26 02:30 . 2010-11-26 02:30 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll

2010-11-26 02:29 . 2010-11-26 02:29 6815232 ----a-w- c:\windows\system32\aticaldd64.dll

2010-11-26 02:29 . 2010-11-26 02:29 3217408 ----a-w- c:\windows\system32\atiumd6a.dll

2010-11-26 02:28 . 2010-11-26 02:28 5441024 ----a-w- c:\windows\SysWow64\aticaldd.dll

2010-11-26 02:24 . 2010-11-26 02:24 58880 ----a-w- c:\windows\system32\coinst.dll

2010-11-26 02:24 . 2010-11-26 02:24 5258240 ----a-w- c:\windows\system32\atiumd64.dll

2010-11-26 02:22 . 2010-11-26 02:22 3460096 ----a-w- c:\windows\SysWow64\atiumdva.dll

2010-11-26 02:17 . 2010-11-26 02:17 351232 ----a-w- c:\windows\system32\atiadlxx.dll

2010-11-26 02:17 . 2010-11-26 02:17 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll

2010-11-26 02:17 . 2010-11-26 02:17 14848 ----a-w- c:\windows\system32\atig6pxx.dll

2010-11-26 02:17 . 2010-11-26 02:17 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll

2010-11-26 02:17 . 2010-11-26 02:17 12800 ----a-w- c:\windows\system32\atiglpxx.dll

2010-11-26 02:17 . 2010-11-26 02:17 31744 ----a-w- c:\windows\system32\atig6txx.dll

2010-11-26 02:16 . 2010-11-26 02:16 27136 ----a-w- c:\windows\SysWow64\atigktxx.dll

2010-11-26 02:16 . 2010-11-26 02:16 289792 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2010-11-26 02:16 . 2010-11-26 02:16 39936 ----a-w- c:\windows\system32\atiuxp64.dll

2010-11-26 02:15 . 2010-11-26 02:15 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll

2010-11-26 02:15 . 2010-11-26 02:15 37888 ----a-w- c:\windows\system32\atiu9p64.dll

2010-11-26 02:15 . 2010-11-26 02:15 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll

2010-11-26 02:15 . 2010-11-26 02:15 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2010-11-26 02:09 . 2010-11-26 02:09 53760 ----a-w- c:\windows\system32\atimpc64.dll

2010-11-26 02:09 . 2010-11-26 02:09 53760 ----a-w- c:\windows\system32\amdpcom64.dll

2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll

2010-11-26 02:09 . 2010-11-26 02:09 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll

2010-11-17 12:04 . 2010-11-17 12:04 115216 ----a-w- c:\windows\system32\drivers\AtihdW76.sys

2010-11-15 11:27 . 2010-06-18 21:03 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2010-11-10 01:54 . 2010-11-10 01:54 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll

2010-10-18 07:41 . 2010-10-20 21:38 8006480 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1DE2174A-0664-4740-8CDF-99B7716547AE}\mpengine.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"FTD Watchdog Monitor"="c:\program files (x86)\FTD Watchdog\FtdMonitor.exe" [2009-03-14 176640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]

"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 cpuz130;cpuz130;c:\users\Mike\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]

R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files (x86)\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-17 1255736]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-18 834544]

S1 aswSP;aswSP; [x]

S1 SASDIFSV;SASDIFSV;c:\program files (x86)\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]

S1 SAS***IL;SAS***IL;c:\program files (x86)\SUPERAntiSpyware\SAS***IL64.SYS [2010-02-17 12360]

S2 !SASCORE;SAS Core Service;c:\program files (x86)\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-26 203776]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-11-25 354304]

S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]

S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-11-26 8120320]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-11-26 289792]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]

S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-06 254528]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]

--- Andere Services/Drivers In Geheugen ---

*Deregistered* - Avgtdia

.

--------- x86-64 -----------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-02-13 7074336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.blackle.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\nmqz1bvg.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.blackle.com/

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: AnyColor: anycolor.pavlos256@gmail.com - %profile%\extensions\anycolor.pavlos256@gmail.com

FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}

FF - Ext: FireGestures: firegestures@xuldev.org - %profile%\extensions\firegestures@xuldev.org

FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

FF - Ext: Flickr Gallery Plus!: flickrgalleryplus@robertnyman.com - %profile%\extensions\flickrgalleryplus@robertnyman.com

FF - Ext: MouseZoom: {28FAD68E-4001-48d5-B994-68069F7CFB1D} - %profile%\extensions\{28FAD68E-4001-48d5-B994-68069F7CFB1D}

FF - Ext: New Tab Homepage: {66E978CD-981F-47DF-AC42-E3CF417C1467} - %profile%\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}

FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}

FF - Ext: Remove New Tab Button: remove-new-tab-button@forerunnerdesigns.com - %profile%\extensions\remove-new-tab-button@forerunnerdesigns.com

FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}

FF - Ext: SmoothWheel (mozdev.org): {5F590AA2-1221-4113-A6F4-A4BB62414FAC} - %profile%\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}

FF - Ext: SmoothWheel (AMO): {5F590AA2-1221-4113-A6F4-A4BB62414FAC} - %profile%\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}

FF - Ext: WebMail Notifier: {37fa1426-b82d-11db-8314-0800200c9a66} - %profile%\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}

FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}

FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

FF - Ext: Favicon Picker 3: {446c03e0-2c35-11db-a98b-0800200c9a67} - %profile%\extensions\{446c03e0-2c35-11db-a98b-0800200c9a67}

FF - Ext: AutoPager: autopager@mozilla.org - %profile%\extensions\autopager@mozilla.org

.

- - - - ORPHANS VERWIJDERD - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"

"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"

"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2011-01-12 23:45:53

ComboFix-quarantined-files.txt 2011-01-12 22:45

Pre-Run: 29.747.957.760 bytes beschikbaar

Post-Run: 29.632.569.344 bytes beschikbaar

- - End Of File - - 57EAAA29FB0963C0D35AB495FEC4DA98


I do have to mention the oddities I ran into after restarting the PC. I had set Avast so that it would work again on restart.

- Desktop wallpaper had to be set again

- The Start menu seemed to be back to default as far as the buttons on the right-hand side are concerned

- Avast icon does not appear automatically in the system tray? Except when I click the program in Start/All Programs (it then turns out to be active after all. But I would still like to see that little icon at the bottom right again)

What should I do about this? Problems 1 and 2 are of course easily set again. But what about Avast?


Open a Notepad file.

Copy and paste the bold text below into it.

Driver::

aswFsBlk

aswSP

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt onto ComboFix.exe

This will make ComboFix restart. Reboot if asked to.

After the restart, post the contents of Combofix.txt in your next message.

And one more thing: do you have both Malwarebytes and SuperAntiSpyware scanning in real time? Together with your antivirus (AVAST), that could well be the cause of the slowness … because all those programs have to complete their whole scan before you get to see the information.

P.S.: the minor ailments you reported in your last message are normally repaired after Combofix is removed.


First, the answer to your question. I have the free version of MBAM, which as far as I know does not include a real-time scanner. Also, since I did not know that with SUPERAntiSpyware you have to tick the real-time protection on yourself, that has not been on either.

I dragged the Notepad file with the indicated bold text from your previous post onto Combofix, after which the program and then the PC restarted.

Next I get a small screen with a blue background saying that a log file is being prepared, with below it the warning that I should not start any other programs before Combofix is finished. Below that there is a blinking cursor, and then nothing happens for a long time.

Maybe stupid, but I then clicked on the taskbar (so not in the Combofix screen), at which the blinking cursor disappeared. After that nothing happened again, so I just closed the window.

Did I do something wrong? I did find the log in the folder C:/Combofix

ComboFix 11-01-12.04 - Mike 13-01-2011 12:45:04.2.3 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.4095.3072 [GMT 1:00]

Gestart vanuit: C:\Users\Mike\Desktop\ComboFix.exe

gebruikte Opdracht switches :: C:\Users\Mike\Desktop\CFScript.txt.txt

AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}

SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_ASWFSBLK

-------\Legacy_ASWSP

-------\Service_aswFsBlk

-------\Service_aswSP

(((((((((((((((((((( Bestanden Gemaakt van 2010-12-13 to 2011-01-13 ))))))))))))))))))))))))))))))

.

2011-01-12 10:27:28 . 2011-01-12 10:27:38 -------- d-----w- C:\Users\Mike\AppData\Local\{C975C9A7-CA11-40F8-8FAC-8C15EE2EA5D2}

2011-01-11 10:41:40 . 2011-01-11 10:41:49 -------- d-----w- C:\Users\Mike\AppData\Local\{663C8AE9-B5CE-4619-88B2-671F68B127BB}

2011-01-07 16:03:05 . 2011-01-07 16:03:15 -------- d-----w- C:\Users\Mike\AppData\Local\{C1C719A4-CDDD-4383-87FA-E41099447562}

2011-01-06 12:56:24 . 2011-01-06 12:56:24 254528 ----a-w- C:\Windows\system32\drivers\dtsoftbus01.sys

2011-01-06 12:56:17 . 2011-01-06 12:57:01 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite

2011-01-01 03:20:29 . 2011-01-01 03:20:41 -------- d-----w- C:\Users\Mike\AppData\Local\{C3E1C615-9D13-4DA2-8366-AD84A970FD7B}

2010-12-31 11:07:40 . 2010-12-31 11:07:46 -------- d-----w- C:\Users\Mike\AppData\Local\QuickPar

2010-12-28 04:22:34 . 2010-12-28 04:22:34 -------- d-----w- C:\Users\Mike\AppData\Local\AMD

2010-12-28 04:22:23 . 2010-12-28 04:22:23 -------- d-----w- C:\ProgramData\ATI

2010-12-28 04:22:16 . 2010-12-28 04:22:16 -------- d-----w- C:\ProgramData\AMD

2010-12-28 04:19:26 . 2010-02-18 08:18:24 46136 ----a-w- C:\Windows\system32\drivers\amdiox64.sys

2010-12-22 17:31:23 . 2010-12-22 17:35:30 -------- d-----w- C:\Program Files (x86)\TCP Optimizer

2010-12-18 12:23:44 . 2010-09-07 15:47:10 20048 ----a-w- C:\Windows\system32\drivers\aswFsBlk.sys

2010-12-18 12:23:43 . 2010-09-07 15:52:09 121936 ----a-w- C:\Windows\system32\drivers\aswSP.sys

2010-12-18 12:23:42 . 2010-09-07 15:47:49 28752 ----a-w- C:\Windows\system32\drivers\aswRdr.sys

2010-12-18 12:23:41 . 2010-09-07 15:52:29 51280 ----a-w- C:\Windows\system32\drivers\aswTdi.sys

2010-12-18 12:23:40 . 2010-09-07 15:47:33 61008 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys

2010-12-18 12:22:41 . 2011-01-01 11:46:32 -------- d-----w- C:\Program Files (x86)\Alwil Software

2010-12-18 12:20:37 . 2010-12-18 12:20:37 -------- d-----w- C:\Program Files (x86)\Java

2010-12-18 12:17:06 . 2010-12-21 12:32:45 -------- d-----w- C:\Program Files (x86)\Defraggler

2010-12-17 04:27:23 . 2010-12-17 04:27:33 -------- d-----w- C:\Users\Mike\AppData\Local\{22E433A2-84A6-4CAE-B040-7B34E4C7580E}

2010-12-17 04:17:22 . 2010-12-17 04:17:22 -------- d-----w- C:\Users\Mike\AppData\Roaming\SUPERAntiSpyware.com

2010-12-17 04:17:18 . 2010-12-17 04:17:18 -------- d-----w- C:\ProgramData\!SASCORE

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-12-31 20:06:36 . 2010-12-04 15:24:54 38848 ----a-w- C:\Windows\avastSS.scr

2010-12-31 20:06:33 . 2010-12-04 15:24:53 188216 ----a-w- C:\Windows\SysWow64\aswBoot.exe

2010-12-20 17:09:00 . 2010-06-16 13:06:07 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2010-12-20 17:08:40 . 2010-06-16 13:06:06 24152 ----a-w- C:\Windows\system32\drivers\mbam.sys

2010-12-18 12:20:38 . 2010-06-16 13:36:47 521448 ----a-w- C:\Windows\system32\deployJava1.dll

2010-12-05 13:17:33 . 2010-12-05 13:17:33 3527680 ----a-w- C:\Windows\SysWow64\M2LU_Server.exe

2010-12-05 13:17:32 . 2010-12-05 13:17:32 1120768 ----a-w- C:\Windows\SysWow64\M2ElevatedCalls.dll

2010-11-28 10:50:08 . 2010-11-28 10:50:08 86016 ----a-w- C:\Windows\SysWow64\frapsvid.dll

2010-11-28 10:50:04 . 2010-11-28 10:50:04 84992 ----a-w- C:\Windows\system32\frapsv64.dll

2010-11-26 04:20:20 . 2010-11-26 04:20:20 8120320 ----a-w- C:\Windows\system32\drivers\atikmdag.sys

2010-11-26 03:19:32 . 2010-11-26 03:19:32 21610496 ----a-w- C:\Windows\system32\atio6axx.dll

2010-11-26 03:02:08 . 2010-11-26 03:02:08 16702976 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2010-11-26 02:58:22 . 2010-11-26 02:58:22 143360 ----a-w- C:\Windows\system32\atiapfxx.exe

2010-11-26 02:58:12 . 2010-11-26 02:58:12 550400 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2010-11-26 02:57:08 . 2010-11-26 02:57:08 648704 ----a-w- C:\Windows\system32\aticfx64.dll

2010-11-26 02:54:58 . 2010-11-26 02:54:58 462848 ----a-w- C:\Windows\system32\ATIDEMGX.dll

2010-11-26 02:54:48 . 2010-11-26 02:54:48 478720 ----a-w- C:\Windows\system32\atieclxx.exe

2010-11-26 02:54:12 . 2010-11-26 02:54:12 203776 ----a-w- C:\Windows\system32\atiesrxx.exe

2010-11-26 02:53:00 . 2010-11-26 02:53:00 120320 ----a-w- C:\Windows\system32\atitmm64.dll

2010-11-26 02:52:42 . 2010-11-26 02:52:42 423424 ----a-w- C:\Windows\system32\atipdl64.dll

2010-11-26 02:52:36 . 2010-11-26 02:52:36 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll

2010-11-26 02:52:26 . 2010-11-26 02:52:26 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll

2010-11-26 02:52:20 . 2010-11-26 02:52:20 16384 ----a-w- C:\Windows\system32\atimuixx.dll

2010-11-26 02:52:16 . 2010-11-26 02:52:16 59392 ----a-w- C:\Windows\system32\atiedu64.dll

2010-11-26 02:52:10 . 2010-11-26 02:52:10 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2010-11-26 02:49:04 . 2010-11-26 02:49:04 4066816 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2010-11-26 02:40:14 . 2010-11-26 02:40:14 4794368 ----a-w- C:\Windows\system32\atidxx64.dll

2010-11-26 02:30:20 . 2010-11-26 02:30:20 51200 ----a-w- C:\Windows\system32\aticalrt64.dll

2010-11-26 02:30:20 . 2010-11-26 02:30:20 4122624 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2010-11-26 02:30:18 . 2010-11-26 02:30:18 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2010-11-26 02:30:10 . 2010-11-26 02:30:10 44544 ----a-w- C:\Windows\system32\aticalcl64.dll

2010-11-26 02:30:08 . 2010-11-26 02:30:08 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2010-11-26 02:29:58 . 2010-11-26 02:29:58 6815232 ----a-w- C:\Windows\system32\aticaldd64.dll

2010-11-26 02:29:52 . 2010-11-26 02:29:52 3217408 ----a-w- C:\Windows\system32\atiumd6a.dll

2010-11-26 02:28:44 . 2010-11-26 02:28:44 5441024 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2010-11-26 02:24:38 . 2010-11-26 02:24:38 58880 ----a-w- C:\Windows\system32\coinst.dll

2010-11-26 02:24:06 . 2010-11-26 02:24:06 5258240 ----a-w- C:\Windows\system32\atiumd64.dll

2010-11-26 02:22:26 . 2010-11-26 02:22:26 3460096 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2010-11-26 02:17:28 . 2010-11-26 02:17:28 351232 ----a-w- C:\Windows\system32\atiadlxx.dll

2010-11-26 02:17:20 . 2010-11-26 02:17:20 249856 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2010-11-26 02:17:08 . 2010-11-26 02:17:08 14848 ----a-w- C:\Windows\system32\atig6pxx.dll

2010-11-26 02:17:04 . 2010-11-26 02:17:04 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2010-11-26 02:17:04 . 2010-11-26 02:17:04 12800 ----a-w- C:\Windows\system32\atiglpxx.dll

2010-11-26 02:17:00 . 2010-11-26 02:17:00 31744 ----a-w- C:\Windows\system32\atig6txx.dll

2010-11-26 02:16:54 . 2010-11-26 02:16:54 27136 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2010-11-26 02:16:46 . 2010-11-26 02:16:46 289792 ----a-w- C:\Windows\system32\drivers\atikmpag.sys

2010-11-26 02:16:04 . 2010-11-26 02:16:04 39936 ----a-w- C:\Windows\system32\atiuxp64.dll

2010-11-26 02:15:58 . 2010-11-26 02:15:58 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2010-11-26 02:15:52 . 2010-11-26 02:15:52 37888 ----a-w- C:\Windows\system32\atiu9p64.dll

2010-11-26 02:15:42 . 2010-11-26 02:15:42 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2010-11-26 02:15:00 . 2010-11-26 02:15:00 53248 ----a-w- C:\Windows\system32\drivers\ati2erec.dll

2010-11-26 02:09:18 . 2010-11-26 02:09:18 53760 ----a-w- C:\Windows\system32\atimpc64.dll

2010-11-26 02:09:18 . 2010-11-26 02:09:18 53760 ----a-w- C:\Windows\system32\amdpcom64.dll

2010-11-26 02:09:12 . 2010-11-26 02:09:12 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2010-11-26 02:09:12 . 2010-11-26 02:09:12 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2010-11-17 12:04:32 . 2010-11-17 12:04:32 115216 ----a-w- C:\Windows\system32\drivers\AtihdW76.sys

2010-11-15 11:27:11 . 2010-06-18 21:03:14 103736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2010-11-10 01:54:18 . 2010-11-10 01:54:18 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2010-10-18 07:41:42 . 2010-10-20 21:38:51 8006480 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1DE2174A-0664-4740-8CDF-99B7716547AE}\mpengine.dll

.

((((((((((((((((((((((((((((( SnapShot@2011-01-12_22.44.33 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-07-14 04:54:17 . 2011-01-12 22:28:21 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54:17 . 2011-01-13 11:50:23 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54:17 . 2011-01-12 22:28:21 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54:17 . 2011-01-13 11:50:23 32768 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54:17 . 2011-01-13 11:50:23 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54:17 . 2011-01-12 22:28:21 16384 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-06-16 16:16:11 . 2011-01-13 11:32:51 31686 C:\Windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10:35 . 2011-01-13 11:51:32 42610 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

- 2009-07-14 05:10:35 . 2011-01-12 22:29:12 42610 C:\Windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

- 2010-06-16 15:55:06 . 2011-01-12 22:29:12 14442 C:\Windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2260744916-3219625853-3690884673-1000_UserData.bin

+ 2010-06-16 15:55:06 . 2011-01-13 11:51:33 14442 C:\Windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2260744916-3219625853-3690884673-1000_UserData.bin

- 2010-06-16 15:54:09 . 2011-01-12 22:27:47 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-06-16 15:54:09 . 2011-01-13 11:51:02 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:46:26 . 2011-01-13 11:34:38 79744 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

+ 2010-06-16 15:54:09 . 2011-01-13 11:51:02 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2010-06-16 15:54:09 . 2011-01-12 22:27:47 32768 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2010-06-16 15:54:09 . 2011-01-13 11:51:02 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2010-06-16 15:54:09 . 2011-01-12 22:27:47 16384 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-06-16 15:54:08 . 2011-01-13 11:51:08 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-06-16 15:54:08 . 2011-01-12 22:27:47 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-06-16 15:54:08 . 2011-01-13 11:51:08 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2010-06-16 15:54:08 . 2011-01-12 22:27:47 16384 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-01-12 22:27:26 . 2011-01-12 22:27:26 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2011-01-13 11:49:36 . 2011-01-13 11:49:36 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2011-01-13 11:49:36 . 2011-01-13 11:49:36 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2011-01-12 22:27:26 . 2011-01-12 22:27:26 2048 C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-14 09:16:31 . 2011-01-13 11:35:26 701326 C:\Windows\system32\perfh013.dat

- 2009-07-14 09:16:31 . 2011-01-12 22:31:40 701326 C:\Windows\system32\perfh013.dat

- 2009-07-14 02:36:59 . 2011-01-12 22:31:40 615810 C:\Windows\system32\perfh009.dat

+ 2009-07-14 02:36:59 . 2011-01-13 11:35:26 615810 C:\Windows\system32\perfh009.dat

+ 2009-07-14 09:16:31 . 2011-01-13 11:35:26 133358 C:\Windows\system32\perfc013.dat

- 2009-07-14 09:16:31 . 2011-01-12 22:31:40 133358 C:\Windows\system32\perfc013.dat

- 2009-07-14 02:36:59 . 2011-01-12 22:31:40 106190 C:\Windows\system32\perfc009.dat

+ 2009-07-14 02:36:59 . 2011-01-13 11:35:26 106190 C:\Windows\system32\perfc009.dat

+ 2009-07-14 05:01:48 . 2011-01-13 11:49:03 232632 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2010-06-17 11:18:12 . 2011-01-13 02:51:36 505784 C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2260744916-3219625853-3690884673-1000-12288.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36:00 94208 ----a-w- C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36:00 94208 ----a-w- C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36:00 94208 ----a-w- C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36:00 94208 ----a-w- C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"FTD Watchdog Monitor"="C:\Program Files (x86)\FTD Watchdog\FtdMonitor.exe" [2009-03-14 08:38:46 176640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"amd_dc_opt"="C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 11:53:10 77824]

"Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 12:12:28 439568]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 11:16:28 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 12:27:14 138576]

R3 cpuz130;cpuz130;C:\Users\Mike\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]

R3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files (x86)\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe [x]

R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-17 08:31:00 1255736]

S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [2010-06-18 18:12:11 834544]

S1 SASDIFSV;SASDIFSV;C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 18:23:05 14920]

S1 SAS***IL;SAS***IL;C:\Program Files (x86)\SUPERAntiSpyware\SAS***IL64.SYS [2010-02-17 18:23:05 12360]

S2 !SASCORE;SAS Core Service;C:\Program Files (x86)\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 17:49:27 128752]

S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [2010-11-26 02:54:12 203776]

S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-11-25 21:03:12 354304]

S2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 04:23:36 194496]

S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 15:47:33 61008]

S3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 08:18:24 46136]

S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2010-11-26 04:20:20 8120320]

S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys [2010-11-26 02:16:46 289792]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys [2010-11-17 12:04:32 115216]

S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-06 12:56:24 254528]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 07:10:56 344680]

--- Andere Services/Drivers In Geheugen ---

*Deregistered* - Avgtdia

.

--------- x86-64 -----------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36:00 97792 ----a-w- C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36:00 97792 ----a-w- C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36:00 97792 ----a-w- C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36:00 97792 ----a-w- C:\Users\Mike\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"combofix"="C:\ComboFix\CF15783.cfxxe" [X]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-02-13 09:03:54 7074336]

Edited by Biskwietje

Speed and/or page loading while the browser is active is indeed smoother again, yes. Only starting Firefox is very slow, which used to be faster. Can anything be done about that?

If I remember correctly, Combofix has to be removed in a somewhat unusual way, right? Then on the next startup I can check whether Avast simply starts along again and the icon simply appears again.

Edited by Biskwietje
Addition
