Can someone take a look at my HijackThis log, please?

Anonymous
Abraham54
19 replies
  • Hello,

    My computer has been very slow for the last few days. To be on the safe side I ran HijackThis. The log is below. Could someone who, unlike me, is not a layman please check whether everything is in order? Many thanks and regards. Ruurd

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:41:14, on 22-10-2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16450)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
    C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Users\Ruurd\Downloads\HijackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://startpage.com/do/mypage.pl?prf=b632e9ac9ee9ab4ba4801a3d128aadfd
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = fritz.box;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll
    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL
    O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll
    O4 - HKLM\..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Ruurd\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Emsisoft Anti-Malware 6.6 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
    O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\REALTEK\Wireless LAN Utility\RtlService.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 8081 bytes
  • You are using Norton.
    Emsisoft Anti-Malware (= also antivirus) and Malwarebytes MBAM
    (spyware scanner and web protection) are active as well.

    Norton already takes care of everything those two other tools do.
    So there will be conflicts, and as a result the intended protection is actually reduced!

    So deactivate the active components in both tools!

  • Hello Abraham54,

    Thank you very much for your detailed answer/help. I used to use Emsisoft only to run a scan now and then. This week there was an update, and it immediately turned it into an active protector. I switched everything off right away. As for Malwarebytes Anti-Malware, I also used to use it only for occasional scans, but I got it for free and indeed always had it active in the background. I had no idea it could get in Norton's way. I no longer have that one active either, and I use it now and then for a scan.

    Apart from that I did everything you suggested. Only with your link for AdwCleaner I got a popup from Microsoft that would not let me download it. So I searched on Google and downloaded it there. This program also gave me a log:

    AdwCleaner v2.005 - Verslag gemaakt op 23/10/2012 om 19:37:06
    # Geactualiseerd op 14/10/2012 door Xplode
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Gebruiker : Ruurd - RUURD-PC
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Users\Ruurd\Desktop\AdwCleaner.exe
    # Optie [Verwijderen]


    ***** [Diensten] *****


    ***** [Files / Mappen] *****

    Map Verwijdert : C:\Program Files (x86)\Smartdl

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\Softonic
    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

    ***** [Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[S1].txt - [1039 octets] - [23/10/2012 19:37:06]

    ########## EOF - C:\AdwCleaner[S1].txt - [1099 octets] ##########


    Then, as you suggested, I ran HitmanPro. It found only cookies. See the log:

    HitmanPro 3.6.2.171
    www.hitmanpro.com

    Computer name . . . . : RUURD-PC
    Windows . . . . . . . : 6.1.1.7601.X64/2
    User name . . . . . . : Ruurd-PC\Ruurd
    UAC . . . . . . . . . : Disabled
    License . . . . . . . : Free

    Scan date . . . . . . : 2012-10-23 19:42:51
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 3m 45s
    Disk access mode . . : Direct disk access (SRB)
    Cloud . . . . . . . . : Internet
    Reboot . . . . . . . : No

    Threats . . . . . . . : 0
    Traces . . . . . . . : 6

    Objects scanned . . . : 1.957.053
    Files scanned . . . . : 30.791
    Remnants scanned . . : 723.755 files / 1.202.507 keys

    Cookies _____________________________________________________________________

    C:\Users\Ruurd\AppData\Roaming\Microsoft\Windows\Cookies\4SM0QOP1.txt
    C:\Users\Ruurd\AppData\Roaming\Microsoft\Windows\Cookies\CY233Q6X.txt
    C:\Users\Ruurd\AppData\Roaming\Microsoft\Windows\Cookies\DJCUBDKE.txt
    C:\Users\Ruurd\AppData\Roaming\Microsoft\Windows\Cookies\MJJFFZ5F.txt
    C:\Users\Ruurd\AppData\Roaming\Microsoft\Windows\Cookies\SP5F7633.txt
    C:\Users\Ruurd\AppData\Roaming\Microsoft\Windows\Cookies\U9KO2600.txt





    So it looks as if the active Emsisoft and Malwarebytes Anti-Malware were the culprits. Tonight I will take a good look at whether everything is a bit faster now.

    Once again, many thanks for your answer and help!
    Regards,
    Ruurd
  • Hi Ruurd, you can go ahead and do the following:

    Which program:
  • Dear Abraham54,

    I did what you said. Here is the ComboFix log:

    ComboFix 12-10-24.02 - Ruurd 24-10-2012 17:52:25.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2047.945 [GMT 2:00]
    Gestart vanuit: c:\users\Ruurd\Desktop\ComboFix.exe
    AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Ruurd\AppData\Roaming\Ruurdlog.dat
    c:\windows\IsUn0413.exe
    c:\windows\SysWow64\FlashPlayerInstaller.exe
    c:\windows\SysWow64\install
    c:\windows\SysWow64\win32
    c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . konden niet verwijderd worden
    c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . konden niet verwijderd worden
    .
    Besmet exemplaar van c:\windows\SysWow64\kernel32.dll werd aangetroffen en gedesinfecteerd
    Hersteld exemplaar van - c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_fc20fc2ea15dceba\kernel32.dll
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-09-24 to 2012-10-24 ))))))))))))))))))))))))))))))
    .
    .
    2012-10-23 18:46 . 2012-10-08 12:28 34656 ----a-w- c:\windows\system32\TURegOpt.exe
    2012-10-23 18:46 . 2012-10-08 12:28 25952 ----a-w- c:\windows\system32\authuitu.dll
    2012-10-23 18:46 . 2012-10-08 12:28 21344 ----a-w- c:\windows\SysWow64\authuitu.dll
    2012-10-23 18:45 . 2012-10-23 18:46 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2013
    2012-10-23 18:43 . 2012-10-23 18:49 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
    2012-10-22 17:32 . 2012-10-22 17:32 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
    2012-10-22 17:11 . 2012-10-22 17:11 -------- d-----w- c:\users\Ruurd\AppData\Roaming\OpenOffice.org
    2012-10-22 16:00 . 2012-10-22 16:00 -------- d-----w- c:\program files (x86)\Common Files\Steam
    2012-10-22 15:47 . 2012-10-22 15:55 -------- d-----w- c:\program files (x86)\stinger
    2012-10-17 19:11 . 2012-10-17 19:11 -------- d-----w- c:\program files (x86)\Daedalic Entertainment
    2012-10-17 15:40 . 2012-10-17 15:40 -------- d-----w- c:\users\Ruurd\AppData\Roaming\Auslogics
    2012-10-17 15:40 . 2012-10-17 15:40 -------- d-----w- c:\program files (x86)\Auslogics
    2012-10-15 15:22 . 2012-10-15 15:22 -------- d-----w- c:\program files\Common Files\Adobe
    2012-10-15 15:19 . 2012-08-10 01:01 56336 ------w- c:\windows\system32\drivers\PxHlpa64.sys
    2012-10-15 15:18 . 2012-10-15 15:18 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
    2012-10-13 14:14 . 2012-10-13 14:14 -------- d-----w- c:\users\Ruurd\AppData\Roaming\Specialbit
    2012-10-13 12:31 . 2012-10-13 12:31 -------- d-----w- c:\users\Ruurd\AppData\Local\Electronic Arts
    2012-10-13 11:04 . 2012-10-13 11:04 -------- d-----w- c:\users\Ruurd\AppData\Roaming\Frogwares
    2012-10-13 11:00 . 2012-10-13 11:00 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
    2012-10-12 19:17 . 2012-10-12 19:45 -------- d-----w- c:\users\Ruurd\AppData\Local\Postbox
    2012-10-12 19:17 . 2012-10-12 19:17 -------- d-----w- c:\users\Ruurd\AppData\Roaming\Postbox
    2012-10-12 19:17 . 2012-10-13 11:21 -------- d-----w- c:\program files (x86)\Postbox
    2012-10-12 16:50 . 2012-10-12 16:50 -------- d-----w- c:\users\Ruurd\AppData\Roaming\KLS Soft
    2012-10-12 15:49 . 2012-10-12 18:15 -------- d-----w- c:\programdata\firebird
    2012-10-12 15:34 . 2012-10-12 15:34 -------- d-----w- c:\users\Ruurd\AppData\Roaming\Thunderbird
    2012-10-11 14:34 . 2005-11-23 18:55 385024 ----a-w- c:\windows\SysWow64\XPControls.ocx
    2012-10-11 14:34 . 2004-03-09 10:30 152848 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
    2012-10-11 14:34 . 2004-03-09 10:30 132880 ----a-w- c:\windows\SysWow64\MSINET.OCX
    2012-10-11 14:34 . 2000-07-15 10:30 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
    2012-10-11 14:33 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2012-10-11 14:33 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-10-11 14:33 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2012-10-11 14:33 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2012-10-09 17:20 . 2012-10-09 17:20 -------- d-----w- c:\users\Ruurd\AppData\Roaming\Sirrix AG
    2012-10-09 17:18 . 2012-10-09 17:18 -------- d-----w- c:\programdata\Sirrix AG
    2012-10-09 17:14 . 2011-12-21 11:15 219440 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
    2012-10-09 17:14 . 2011-12-21 11:15 44848 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
    2012-10-06 09:46 . 2012-10-16 15:12 -------- d-----w- c:\windows\system32\drivers\NISx64\1309000.009
    2012-10-06 09:30 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-10-22 15:47 . 2012-02-14 17:27 16200 ----a-w- c:\windows\stinger.sys
    2012-10-14 08:30 . 2012-02-15 16:49 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-10-14 08:30 . 2011-05-16 16:32 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-10-11 14:37 . 2011-04-23 17:18 65309168 ----a-w- c:\windows\system32\MRT.exe
    2012-09-29 17:54 . 2011-09-26 17:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-09-12 14:07 . 2012-09-12 14:07 58368 ----a-w- c:\windows\SysWow64\sirenacm.dll
    2012-08-22 18:12 . 2012-09-12 11:23 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-08-22 18:12 . 2012-09-12 11:23 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
    2012-08-22 18:12 . 2012-09-12 11:23 376688 ----a-w- c:\windows\system32\drivers\netio.sys
    2012-08-22 18:12 . 2012-09-12 11:23 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2012-08-21 11:01 . 2012-09-14 15:34 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2012-08-21 11:01 . 2012-09-14 15:30 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
    2012-08-21 11:01 . 2012-09-14 15:30 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
    2012-08-20 19:06 . 2012-08-20 19:06 388096 ----a-r- c:\users\Ruurd\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-08-20 17:38 . 2012-10-11 14:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2012-08-15 16:40 . 2011-04-25 16:02 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
    2012-08-09 18:13 . 2012-08-09 18:13 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
    2012-08-02 17:58 . 2012-09-12 11:23 574464 ----a-w- c:\windows\system32\d3d10level9.dll
    2012-08-02 16:57 . 2012-09-12 11:23 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
    2012-07-26 17:08 . 2012-07-26 17:08 862664 ----a-w- c:\windows\SysWow64\msvcr110.dll
    2012-07-26 17:08 . 2012-07-26 17:08 534480 ----a-w- c:\windows\SysWow64\msvcp110.dll
    2012-07-26 17:08 . 2012-07-26 17:08 251864 ----a-w- c:\windows\SysWow64\vccorlib110.dll
    2012-07-26 17:08 . 2012-07-26 17:08 153536 ----a-w- c:\windows\SysWow64\atl110.dll
    2012-07-26 17:08 . 2012-07-26 17:08 115656 ----a-w- c:\windows\SysWow64\vcomp110.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
    "IAStorIcon"=c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    "HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    .
    R1 ArcSec;archlp;c:\windows\system32\drivers\ArcSec.sys [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2010-10-22 14120]
    R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-05-05 202840]
    R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-05-05 1417304]
    R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-05-05 94808]
    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-02-15 99384]
    R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
    R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
    R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
    R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-02-15 203320]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
    R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-23 1255736]
    R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
    R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-14 250808]
    R4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-04-23 79360]
    R4 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-04-02 96768]
    R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
    R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
    R4 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
    R4 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-05-29 1301088]
    R4 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-05-29 681056]
    R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
    R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-10-08 2365792]
    R4 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-02-16 14464]
    R4 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-03-09 1066896]
    R4 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-03-09 491920]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2012-08-10 56336]
    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309000.009\SYMDS64.SYS [2011-08-15 451192]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309000.009\SYMEFA64.SYS [2012-05-22 1129120]
    S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [2012-08-31 1385120]
    S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309000.009\ccSetx64.sys [2012-06-07 167072]
    S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-04-11 31432]
    S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20121023.002\IDSvia64.sys [2012-10-05 513184]
    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS [2012-04-18 190072]
    S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS [2012-04-18 405624]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
    S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000]
    S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe [2012-06-16 138272]
    S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\REALTEK\Wireless LAN Utility\RtlService.exe [2010-04-16 36864]
    S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
    S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-03-09 288768]
    S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-05-05 202840]
    S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-05-05 1417304]
    S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-05-05 94808]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]
    S3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys [2010-10-22 714368]
    S3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640]
    S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232]
    S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704]
    S3 LVUVC64;Logitech QuickCam Fusion(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288]
    S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [2010-01-07 448512]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2011-09-14 398112]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - WS2IFSL
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-10-14 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-15 08:30]
    .
    2012-09-15 c:\windows\Tasks\GlaryInitialize.job
    - c:\program files (x86)\Glary Utilities\initialize.exe [2012-05-09 21:13]
    .
    2012-06-09 c:\windows\Tasks\GlaryUpdate.job
    - c:\program files (x86)\Glary Utilities\webupdate.exe [2012-05-09 21:16]
    .
    .
    --------- X64 Entries -----------
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = https://startpage.com/do/mypage.pl?prf=b632e9ac9ee9ab4ba4801a3d128aadfd
    uInternet Settings,ProxyOverride = fritz.box;*.local
    TCP: DhcpNameServer = 192.168.178.1
    .
    .
    ------- Bestandsassociaties -------
    .
    JSEFile=NOTEPAD.EXE %1
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    AddRemove-{4567EA14-6BCA-3EF9-859B-92CE48B1D704}.KB2478663 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe
    AddRemove-{4567EA14-6BCA-3EF9-859B-92CE48B1D704}.KB2518870 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe
    AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
    AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2487367 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
    AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
    AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
    AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
    "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.0.9\diMaster.dll\" /prefetch:1"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:a3,64,9e,30,2f,6b,cc,01
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\avmwlanstick\WlanNetService.exe
    c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    c:\program files (x86)\REALTEK\Wireless LAN Utility\RtWlan.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2012-10-24 18:07:12 - machine werd herstart
    ComboFix-quarantined-files.txt 2012-10-24 16:07
    .
    Pre-Run: 237.287.014.400 bytes beschikbaar
    Post-Run: 236.906.950.656 bytes beschikbaar
    .
    - - End Of File - - 3636D12676EBC0C9E1063F3114B51F0F





  • Download RogueKiller to your desktop.
    Close all other programs.
    Start the program.
  • Hello,

    Unfortunately I am unable to download RogueKiller. Norton immediately indicates that the program is not safe. I tried to get around this, but when I start the program, Norton appears again and removes it.
    Do you perhaps know another solution?

    Regards and thanks
    Ruurd
  • After a great deal of fiddling I did get the program past Norton and ran it. I kept getting a message that it was not safe. I have
    simply relied on the expertise of the people here.

    Here are the contents of the log:

    RogueKiller V8.2.0 [10/22/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website: http://tigzy.geekstogo.com/roguekiller.php
    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Ruurd [Admin rights]
    Mode : Scan – Date : 10/25/2012 19:02:20

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 14 ¤¤¤
    [TASK][SUSP PATH] {32E36785-EF10-43BC-A59E-F9287BD5380F} : C:\Windows\system32\pcalua.exe -a "C:\Users\Ruurd\Desktop\Art of Murder The Secret Files NL (basp)\MystSetupVideo.exe" -d "C:\Users\Ruurd\Desktop\Art of Murder The Secret Files NL (basp)" -> FOUND
    [TASK][SUSP PATH] {F2D1198D-8681-4832-B406-0990B5AFDF15} : C:\Windows\system32\pcalua.exe -a C:\Users\Ruurd\Desktop\backup\mp610swin64101ea24.exe -d C:\Users\Ruurd\Desktop\backup -> FOUND
    [HJPOL] HKLM\[…]\System : DisableRegistryTools (0) -> FOUND
    [HJ] HKLM\[…]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
    [HJPOL] HKLM\[…]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
    [HJ] HKLM\[…]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
    [HJ] HKLM\[…]\System : EnableLUA (0) -> FOUND
    [HJ] HKLM\[…]\Wow6432Node\System : EnableLUA (0) -> FOUND
    [HJ SMENU] HKCU\[…]\Advanced : Start_ShowVideos (0) -> FOUND
    [HJ DESK] HKCU\[…]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKCU\[…]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
    [HJ DESK] HKCU\[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
    [HJ DESK] HKLM\[…]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    –> C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: Volume0 +++++
    — User —
    [MBR] d17be1e12a2e477a5566b298b57d3c88
    [BSP] 3987b2db95c3072c72c6bc3375c1bd2a : Windows 7 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 276634 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 566548480 | Size: 150000 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 873748480 | Size: 52104 Mo
    User = LL1 … OK!
    Error reading LL2 MBR!

    Finished : << RKreport[1].txt >>
    RKreport[1].txt
  • Did you switch off UAC (User Account Control) via a registry hack?
  • Not via a 'registry hack'. I switched it off myself when installing
    Windows 7. I was going completely mad from all those pop-ups asking for permission.
  • If you have UAC set to the middle position, you will rarely have to give permission, and what is wrong with that?

    Because now, with UAC switched off, Windows is only slightly more secure than the by now antique Windows XP; with UAC enabled: 16 times more secure!
  • OK, I will look into that. But back to the last RogueKiller log for a moment. Is everything in order now?

    Regards
    Ruurd
  • Run the ESET online scan (click).
    - Click the ESET Online Scanner button
    - Tick YES, I accept the Terms of Use
    - Click Start
    - Allow the ActiveX control to install.
    - Tick the following options:
      - Remove found threats
      - Scan archives
    - Then click
  • Hello,

    Here too another annoying problem. At first I could start the scan but got the message that a proxy would be blocking the updates. I do not work with a proxy! Ran CCleaner, restarted the PC and went back to the site. If I now click 'agree', the check mark automatically disappears again and nothing happens.

    Is there a good alternative to ESET?
    Regards
    Ruurd
  • First do the following now:

    Download MiniToolBox and place this tool on your desktop.

    Using "Farbar MiniToolBox":
  • After a lot of trying it worked after all. A scan of a little over an hour. ESET found nothing. I did not get a log!

    Regards
    Ruurd
  • OK, also did the MiniToolBox. With the following log as the result:

    MiniToolBox by Farbar Version: 23-07-2012
    Ran by Ruurd (administrator) on 26-10-2012 at 18:36:42
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP-configuratie

    De DNS-omzettingscache is leeggemaakt.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.

    ========================= FF Proxy Settings: ==============================


    "Reset FF Proxy Settings": Firefox Proxy settings were reset.

    ========================= Hosts content: =================================

    127.0.0.1 localhost

    ========================= IP Configuration: ================================

    FRITZ!WLAN USB Stick N = Draadloze netwerkverbinding 2 (Connected)
    Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller = LAN-verbinding (Media disconnected)
    Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = LAN-verbinding 2 (Media disconnected)
    Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter = Draadloze netwerkverbinding (Media disconnected)


    # ———————————-
    # IPv4-configuratie
    # ———————————-
    pushd interface ipv4

    reset
    set global
    set interface interface="LAN-verbinding" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
    set interface interface="LAN-verbinding 2" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
    set interface interface="Draadloze netwerkverbinding" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
    set interface interface="Draadloze netwerkverbinding 2" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


    popd
    # Einde van IPv4-configuratie



    Windows IP-configuratie

    Hostnaam . . . . . . . . . . . . : Ruurd-PC
    Primair DNS-achtervoegsel . . . . :
    Knooppunttype . . . . . . . . . . : hybride
    IP-routering ingeschakeld . . . . : nee
    WINS-proxy ingeschakeld . . . . . : nee
    DNS-achtervoegselzoeklijst. . . . : fritz.box

    Draadloos LAN-adapter voor Draadloze netwerkverbinding 2:

    Verbindingsspec. DNS-achtervoegsel: fritz.box
    Beschrijving. . . . . . . . . . . : FRITZ!WLAN USB Stick N
    Fysiek adres. . . . . . . . . . . : BC-05-43-06-8E-69
    DHCP ingeschakeld . . . . . . . . : ja
    Autom. configuratie ingeschakeld : ja
    IPv6-adres. . . . . . . . . . . . : 2001:980:63a0:1:2014:e7f3:bea7:b431(voorkeur)
    Tijdelijk IPv6-adres. . . . . . . : 2001:980:63a0:1:7df7:e130:96b2:31ff(voorkeur)
    Link-local IPv6-adres . . . . . . : fe80::2014:e7f3:bea7:b431%15(voorkeur)
    IPv4-adres. . . . . . . . . . . . : 192.168.178.25(voorkeur)
    Subnetmasker. . . . . . . . . . . : 255.255.255.0
    Lease verkregen . . . . . . . . . : vrijdag 26 oktober 2012 17:22:07
    Lease verlopen. . . . . . . . . . : maandag 5 november 2012 17:22:07
    Standaardgateway. . . . . . . . . : fe80::be05:43ff:fef2:8ba0%15
    192.168.178.1
    DHCP-server . . . . . . . . . . . : 192.168.178.1
    DHCPv6 IAID . . . . . . . . . . . : 498861379
    DHCPv6-client DUID. . . . . . . . : 00-01-00-01-15-44-AC-5A-00-18-F3-D0-04-36
    DNS-servers . . . . . . . . . . . : fd00::be05:43ff:fef2:8ba0
    192.168.178.1
    NetBIOS via TCPIP . . . . . . . . : ingeschakeld

    Draadloos LAN-adapter voor Draadloze netwerkverbinding:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
    Fysiek adres. . . . . . . . . . . : 00-15-AF-0B-8F-1D
    DHCP ingeschakeld . . . . . . . . : ja
    Autom. configuratie ingeschakeld : ja

    Ethernet-adapter voor LAN-verbinding 2:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
    Fysiek adres. . . . . . . . . . . : 00-18-F3-D0-0A-7C
    DHCP ingeschakeld . . . . . . . . : ja
    Autom. configuratie ingeschakeld : ja

    Ethernet-adapter voor LAN-verbinding:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller
    Fysiek adres. . . . . . . . . . . : 00-18-F3-D0-04-36
    DHCP ingeschakeld . . . . . . . . : ja
    Autom. configuratie ingeschakeld : ja

    Tunnel-adapter voor isatap.fritz.box:

    Mediumstatus. . . . . . . . . . . : medium ontkoppeld
    Verbindingsspec. DNS-achtervoegsel: fritz.box
    Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter #2
    Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP ingeschakeld . . . . . . . . : nee
    Autom. configuratie ingeschakeld : ja

    Tunnel-adapter voor Teredo Tunneling Pseudo-Interface:

    Verbindingsspec. DNS-achtervoegsel:
    Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP ingeschakeld . . . . . . . . : nee
    Autom. configuratie ingeschakeld : ja
    IPv6-adres. . . . . . . . . . . . : 2001:0:5ef5:79fb:18d6:1d27:3f57:4de6(voorkeur)
    Link-local IPv6-adres . . . . . . : fe80::18d6:1d27:3f57:4de6%13(voorkeur)
    Standaardgateway. . . . . . . . . :
    NetBIOS via TCPIP . . . . . . . . : uitgeschakeld
    Server: fritz.box
    Address: fd00::be05:43ff:fef2:8ba0

    Naam: google.com
    Addresses: 2a00:1450:400c:c03::66
    74.125.132.138
    74.125.132.100
    74.125.132.101
    74.125.132.139
    74.125.132.102
    74.125.132.113


    Pingen naar google.com [2a00:1450:400c:c03::66] met 32 bytes aan gegevens:
    Antwoord van 2a00:1450:400c:c03::66: tijd=23 ms
    Antwoord van 2a00:1450:400c:c03::66: tijd=23 ms

    Ping-statistieken voor 2a00:1450:400c:c03::66:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).

    De gemiddelde tijd voor het uitvoeren van één bewerking in milliseconden:
    Minimum = 23ms, Maximum = 23ms, Gemiddelde = 23ms
    Server: fritz.box
    Address: fd00::be05:43ff:fef2:8ba0

    Naam: yahoo.com
    Addresses: 98.139.183.24
    72.30.38.140
    98.138.253.109


    Pingen naar yahoo.com [98.139.183.24] met 32 bytes aan gegevens:
    Antwoord van 98.139.183.24: bytes=32 tijd=655 ms TTL=50
    Antwoord van 98.139.183.24: bytes=32 tijd=559 ms TTL=50

    Ping-statistieken voor 98.139.183.24:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).

    De gemiddelde tijd voor het uitvoeren van één bewerking in milliseconden:
    Minimum = 559ms, Maximum = 655ms, Gemiddelde = 607ms
    Server: fritz.box
    Address: fd00::be05:43ff:fef2:8ba0

    Naam: bleepingcomputer.com
    Address: 208.43.87.2


    Pingen naar bleepingcomputer.com [208.43.87.2] met 32 bytes aan gegevens:
    Antwoord van 208.43.87.2: De doelhost is niet bereikbaar.
    Antwoord van 208.43.87.2: De doelhost is niet bereikbaar.

    Ping-statistieken voor 208.43.87.2:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).

    Pingen naar 127.0.0.1 met 32 bytes aan gegevens:
    Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128
    Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128

    Ping-statistieken voor 127.0.0.1:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).

    De gemiddelde tijd voor het uitvoeren van één bewerking in milliseconden:
    Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms
    ===========================================================================
    Interfacelijst
    15…bc 05 43 06 8e 69 ……FRITZ!WLAN USB Stick N
    12…00 15 af 0b 8f 1d ……Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
    11…00 18 f3 d0 0a 7c ……Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
    10…00 18 f3 d0 04 36 ……Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller
    1………………………Software Loopback Interface 1
    17…00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
    13…00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    ===========================================================================

    IPv4 routetabel
    ===========================================================================
    Actieve routes:
    Netwerkadres Netmasker Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.25 25
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    192.168.178.0 255.255.255.0 On-link 192.168.178.25 281
    192.168.178.25 255.255.255.255 On-link 192.168.178.25 281
    192.168.178.255 255.255.255.255 On-link 192.168.178.25 281
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 192.168.178.25 281
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 192.168.178.25 281
    ===========================================================================
    Permanente routes:
    Geen

    IPv6 routetabel
    ===========================================================================
    Actieve routes:
    Indien metrische netwerkbestemming Gateway
    15 41 ::/0 fe80::be05:43ff:fef2:8ba0
    1 306 ::1/128 On-link
    13 58 2001::/32 On-link
    13 306 2001:0:5ef5:79fb:18d6:1d27:3f57:4de6/128
    On-link
    15 33 2001:980:63a0:1::/64 On-link
    15 281 2001:980:63a0:1:2014:e7f3:bea7:b431/128
    On-link
    15 281 2001:980:63a0:1:7df7:e130:96b2:31ff/128
    On-link
    15 281 fe80::/64 On-link
    13 306 fe80::/64 On-link
    13 306 fe80::18d6:1d27:3f57:4de6/128
    On-link
    15 281 fe80::2014:e7f3:bea7:b431/128
    On-link
    1 306 ff00::/8 On-link
    13 306 ff00::/8 On-link
    15 281 ff00::/8 On-link
    ===========================================================================
    Permanente routes:
    Geen
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
    Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
    Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
    x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
    x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (10/23/2012 07:39:44 PM) (Source: Application Error) (User: )
    Description: Naam van toepassing met fout: TuneUpUtilitiesApp64.exe, versie: 12.0.3600.83, tijdstempel: 0x4fc4eaf5
    Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
    Uitzonderingscode: 0xc0000005
    Foutoffset: 0x0000000001d8f180

  • Just remove TuneUp Utilities.
    Plenty of Windows computers have got into trouble because of that tool.
    The free Glary Utilities is a nice alternative!

    By the way, do you still get those connection problems when you go to ESET again?
  • Thanks, thanks. No, I can now get a connection to ESET. So everything is in order now. I also still have Glary Utilities on my PC. I had forgotten. I will take TuneUp off.

    Have a good weekend and regards
    Ruurd

This is an archived page. Replies are no longer possible.