waterman36
Hello gentlemen, sorry for my very late reply. I have carried out everything and the computer is definitely a lot faster now. My girlfriend would like to leave it at this and thanks you for having helped her... Once again my thanks, gentlemen (Y), for your time.
-
Zoek.exe Version 4.0.0.1 Updated 18-02-2013 Tool run by Wielma-V8 on vr 22-02-2013 at 20:16:01,21. Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected ==== Installed Programs ====================== Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.5) - Nederlands Adobe Shockwave Player 11.6 CCleaner D3DX10 Defraggler Google Chrome Google Update Helper HiJackThis Intel® Graphics Media Accelerator Driver Java 7 Update 7 Java Auto Updater Java 6 Update 35 JavaFX 2.1.0 king.com (remove only) LG United Mobile Driver Malwarebytes Anti-Malware versie 1.70.0.1100 Messenger Plus 6 Microsoft .NET Framework 4 Client Profile Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MSVCRT Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update 
for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Spybot - Search & Destroy swMSM Synaptics Pointing Device Driver Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Windows 7 Codec Pack 3.2.0 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Messenger Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Media Player Firefox Plugin WinRAR 4.20 (32-bit) ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\Dwm.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Yuna Software\Messenger Plus\PlusService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Program Files\Malwarebytes' 
Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\taskeng.exe C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\wuauclt.exe C:\Windows\System32\WUDFHost.exe C:\Windows\Explorer.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Users\Wielma-V8\Downloads\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. 
The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handle within DNS itself. 127.0.0.1 localhost ::1 localhost ==== FireFox Fix ====================== Deleted from C:\Users\Wielma-V8\AppData\Roaming\Mozilla\Firefox\Profiles\3bm88kgh.default\prefs.js: Added to C:\Users\Wielma-V8\AppData\Roaming\Mozilla\Firefox\Profiles\3bm88kgh.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\Wielma-V8\AppData\Roaming\Mozilla\Firefox\Profiles\8yaerblh.default\prefs.js: Added to C:\Users\Wielma-V8\AppData\Roaming\Mozilla\Firefox\Profiles\8yaerblh.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); 
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== System Specs ====================== Windows: Windows 7 Home Basic Edition Service Pack 1 (Build 7601) Internet Explorer: 9.0.8112.16421 Memory (RAM): 1016 MB CPU Info: Intel® Celeron® CPU 560 @ 2.13GHz CPU Speed: 308,8 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: Mobile Intel® 965 Express Chipset Family | Mobile Intel® 965 Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Broadcom 802.11g Network Adapter | Marvell Yukon 88E8042 PCI-E Fast Ethernet Controller CD / DVD Drives: 1x (D: | ) D: hp CDDVDW TS-L633M Ports: COM3 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 149,0GB Hard Disks - Free: C: 119,9GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 08/14/09 | HPQOEM - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 308A Sun Java version: 1.7.0_07 Country: Nederland Language: NLD ==== Files Recently Created / Modified ======================
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1352697264-3736273443-3975901195-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spybot-S&D Cleaning"="C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe /autoclean" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "PlusService"="C:\Program Files\Yuna Software\Messenger Plus\PlusService.exe" "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "SDTray"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spybot-S&D Cleaning"="C:\Program Files\Spybot -
Search & Destroy 2\SDCleaner.exe /autoclean" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08-02-2013 18:24] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26-11-2012 16:19] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26-11-2012 16:19] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Wielma-V8\AppData\Roaming\Mozilla\Firefox\Profiles\8yaerblh.default - Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - LavaFox V2-Blue - %ProfilePath%\extensions\djziggy@gmail.com AppDir: C:\Program Files\Mozilla Firefox - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} ==== Firefox Plugins ====================== Profilepath: C:\Users\Wielma-V8\AppData\Roaming\Mozilla\Firefox\Profiles\3bm88kgh.default 8C1CAFEBED8CA61926158CEE71F8A750 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director Profilepath: C:\Users\Wielma-V8\AppData\Roaming\Mozilla\Firefox\Profiles\8yaerblh.default 6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director 479CB5CBEA7F1CA44B54E7823F78314C - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U7 96C406EC877EB23BB753E59B776C6BC7 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.10 69505F9C479C4FF95621C3E1A7B6E5CE - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 8C1CAFEBED8CA61926158CEE71F8A750 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - Silverlight Plug-In 
B6EEED4BD48A2C6CA543E6D29F518822 - C:\Program Files\Mozilla Firefox\plugins\npmidas.dll - king.com - Game controller for firefox D1CC5365F151777DF447242E476796BA - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System BF2AD333C79072EEBE5AE0D72670E64E - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== Google Drive - Wielma-V8 - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Wielma-V8 - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Wielma-V8 - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Love Smoke - Wielma-V8 - Default\Extensions\jgibfhhccaknggplelmbaepoikkcnllb Gmail - Wielma-V8 - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\users\Wielma-V8\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Wielma-V8\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - 
BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.chat-united.nl/controls/msnchat45.cab O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player 
Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. 
- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe ==== Empty IE Cache ====================== C:\Users\Wielma-V8\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wielma-V8\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\users\Wielma-V8\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\WIELMA~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Wielma-V8\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
-
Well, I'm back and we're continuing; I've carried out all the steps again, here is the ComboFix log:
ComboFix 13-02-22.01 - Wielma-V8 22-02-2013 19:10:27.1.1 - x86 Microsoft Windows 7 Home Basic 6.1.7601.1.1252.31.1043.18.1015.360 [GMT 1:00] Gestart vanuit: c:\users\Wielma-V8\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2013-01-22 to 2013-02-22 )))))))))))))))))))))))))))))) . . 2013-02-22 18:20 . 2013-02-22 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-02-22 17:57 . 2013-02-22 17:57 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7DD07F4B-C3C8-4382-B358-B742F77A374B}\MpKsl5f7f30a2.sys 2013-02-21 19:46 . 2013-02-08 00:45 6954968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7DD07F4B-C3C8-4382-B358-B742F77A374B}\mpengine.dll 2013-02-21 12:01 . 2012-03-02 15:02 25088 ----a-w- c:\windows\system32\drivers\lgandmodem.sys 2013-02-21 12:01 . 2012-03-02 15:02 20736 ----a-w- c:\windows\system32\drivers\lganddiag.sys 2013-02-21 12:01 . 2012-03-02 15:02 20096 ----a-w- c:\windows\system32\drivers\lgandgps.sys 2013-02-21 12:01 . 2012-03-02 15:02 14336 ----a-w- c:\windows\system32\drivers\lgandbus.sys 2013-02-21 12:01 . 2013-02-21 12:01 -------- d-----w- c:\program files\LG Electronics 2013-02-21 12:01 . 2013-02-21 12:01 -------- d--h--w- c:\program files\InstallShield Installation Information 2013-02-21 12:00 . 2013-02-21 12:00 -------- d-----w- C:\LGP990 2013-02-21 11:59 . 2011-05-10 12:37 655872 ----a-w- c:\windows\system32\msvcr90.dll 2013-02-21 11:59 .
2011-05-10 12:37 568832 ----a-w- c:\windows\system32\msvcp90.dll 2013-02-21 11:59 . 2011-05-10 12:37 224768 ----a-w- c:\windows\system32\msvcm90.dll 2013-02-21 11:59 . 2010-03-17 23:15 770384 ----a-w- c:\windows\system32\msvcr100.dll 2013-02-21 11:59 . 2010-03-17 23:15 4342088 ----a-w- c:\windows\system32\mfc100.dll 2013-02-21 11:59 . 2010-03-17 23:15 421200 ----a-w- c:\windows\system32\msvcp100.dll 2013-02-21 11:58 . 2006-05-04 07:33 53248 ----a-w- c:\windows\system32\CommonDL.dll 2013-02-21 11:58 . 2005-11-24 01:34 82432 ----a-w- c:\windows\system32\msxml4r.dll 2013-02-21 11:58 . 2005-10-04 00:39 44544 ----a-w- c:\windows\system32\msxml4a.dll 2013-02-21 11:58 . 2005-09-11 13:51 1233920 ----a-w- c:\windows\system32\msxml4.dll 2013-02-21 11:58 . 2013-02-21 12:05 -------- d-----w- c:\programdata\LGMOBILEAX 2013-02-21 11:57 . 2013-02-21 11:57 -------- d-----w- c:\users\Wielma-V8\AppData\Local\ElevatedDiagnostics 2013-02-20 06:46 . 2013-02-08 00:45 6954968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-02-19 15:19 . 2009-06-22 17:58 89600 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL 2013-02-13 21:42 . 2013-01-08 22:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-02-13 21:42 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 17:11 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys 2013-02-13 17:11 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-02-13 17:11 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-02-13 17:11 . 2013-01-03 05:05 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-02-13 17:11 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2013-02-13 17:11 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll 2013-02-10 14:05 . 
2013-02-10 14:05 -------- d-----w- c:\users\Wielma-V8\AppData\Roaming\Unity 2013-02-10 13:55 . 2013-02-10 13:55 -------- d-----w- c:\users\Wielma-V8\AppData\Local\Unity 2013-02-02 20:21 . 2013-02-02 20:22 -------- d-----w- c:\program files\Defraggler 2013-02-02 19:53 . 2013-02-02 19:53 -------- d-----w- c:\program files\CCleaner 2013-01-26 14:16 . 2013-01-26 14:16 -------- d-----w- c:\users\Wielma-V8\AppData\Roaming\Malwarebytes 2013-01-26 14:16 . 2013-01-26 14:16 -------- d-----w- c:\programdata\Malwarebytes 2013-01-26 14:15 . 2013-01-26 14:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-01-26 14:15 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-01-25 14:30 . 2013-01-25 14:30 388096 ----a-r- c:\users\Wielma-V8\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2013-01-25 14:30 . 2013-01-25 14:30 -------- d-----w- c:\program files\Trend Micro . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-08 17:24 . 2012-04-04 16:49 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-02-08 17:24 . 2011-06-15 08:29 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-01-30 10:53 . 2011-06-15 07:54 232336 ------w- c:\windows\system32\MpSigStub.exe 2013-01-20 14:59 . 2013-01-20 14:59 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2013-01-20 14:59 . 2011-04-27 14:25 100328 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-12-29 13:21 . 2011-06-15 18:37 32608 ----a-w- c:\windows\king-uninstall.exe 2012-12-16 14:13 . 2012-12-21 15:16 295424 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-21 15:16 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-07 12:26 . 2013-01-09 07:05 308736 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 12:20 . 2013-01-09 07:05 2576384 ----a-w- c:\windows\system32\gameux.dll 2012-12-07 10:46 . 
2013-01-09 07:05 43520 ----a-w- c:\windows\system32\csrr.rs 2012-12-07 10:46 . 2013-01-09 07:05 30720 ----a-w- c:\windows\system32\usk.rs 2012-12-07 10:46 . 2013-01-09 07:05 45568 ----a-w- c:\windows\system32\oflc-nz.rs 2012-12-07 10:46 . 2013-01-09 07:05 44544 ----a-w- c:\windows\system32\pegibbfc.rs 2012-12-07 10:46 . 2013-01-09 07:05 20480 ----a-w- c:\windows\system32\pegi-pt.rs 2012-12-07 10:46 . 2013-01-09 07:05 23552 ----a-w- c:\windows\system32\oflc.rs 2012-12-07 10:46 . 2013-01-09 07:05 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2012-12-07 10:46 . 2013-01-09 07:05 46592 ----a-w- c:\windows\system32\fpb.rs 2012-12-07 10:46 . 2013-01-09 07:05 20480 ----a-w- c:\windows\system32\pegi.rs 2012-12-07 10:46 . 2013-01-09 07:05 21504 ----a-w- c:\windows\system32\grb.rs 2012-12-07 10:46 . 2013-01-09 07:05 40960 ----a-w- c:\windows\system32\cob-au.rs 2012-12-07 10:46 . 2013-01-09 07:05 15360 ----a-w- c:\windows\system32\djctq.rs 2012-12-07 10:46 . 2013-01-09 07:05 55296 ----a-w- c:\windows\system32\cero.rs 2012-12-07 10:46 . 2013-01-09 07:05 51712 ----a-w- c:\windows\system32\esrb.rs 2012-11-30 04:47 . 2013-01-09 07:06 293376 ----a-w- c:\windows\system32\KernelBase.dll 2012-11-30 04:45 . 2013-01-09 07:06 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 04:45 . 
2013-01-09 07:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2012-11-30 02:55 . 2013-01-09 07:06 271360 ----a-w- c:\windows\system32\conhost.exe 2012-11-30 02:38 . 2013-01-09 07:06 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38 . 
2013-01-09 07:06 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38 . 2013-01-09 07:06 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2012-11-30 02:38 . 2013-01-09 07:06 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-28 07:22 . 2012-11-28 07:23 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8772AF55-0191-420B-9254-87E696BAEA41}\gapaengine.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spybot-S&D Cleaning"="c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552] "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2012-09-24 802304] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152] "SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [x] R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [x] R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [x] R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [x] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [x] S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSL5F7F30A2 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc GPSvcGroup REG_MULTI_SZ GPSvc . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-02-02 19:49 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-02-22 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 17:24] . 2013-02-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-11-26 15:19] . 2013-02-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-11-26 15:19] . . ------- Bijkomende Scan ------- . 
uStart Page = https://www.google.nl/ mStart Page = about:blank TCP: DhcpNameServer = 62.179.104.196 213.46.228.196 DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-LSI Soft Modem - c:\windows\agrsmdel . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\SetId\Internal] @Denied: (A 2) (LocalSystem) "DATA2"="<settings accountStatus=\"3\" oldDevice=\"\" timeDiff=\"-3\" expireTime=\"1310717508\" productStatus=\"1\" obSize=\"0\" InstallIS=\"1289332796\" isSubsc=\"0\" authStat_is=\"0\" version=\"14.1\" keyType=\"195\" prodId=\"2\" moduleId1=\"8\" moduleId2=\"0\" relType=\"0\" />\0a" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-02-22 19:23:06 ComboFix-quarantined-files.txt 2013-02-22 18:23 . Pre-Run: 128.687.771.648 bytes beschikbaar Post-Run: 128.691.167.232 bytes beschikbaar . - - End Of File - - 6C8873C6BDD3C1A7CE63235049E28044
-
Hola... well, I still have to do the ComboFix, but that won't be until next weekend, when I can work on the computer again. We're working on it.
-
Well, everything has been carried out; the computer responds a bit better but still not really properly. I did quickly create a log; I didn't see it asked for, but did it anyway....
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:52:10, on 2-2-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - 
Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.chat-united.nl/controls/msnchat45.cab O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe -- End of file - 5768 bytes
-
Hola guys, I don't want to push, but what about the answer...
- - - Updated - - -
Oh :D I just saw that you did give an answer... :$ Well, no improvements yet..... What else do we have in store?
-
# AdwCleaner v2.108 - Verslag gemaakt op 27/01/2013 om 10:31:33 # Geactualiseerd op 24/01/2013 door Xplode # Besturingssysteem : Windows 7 Home Basic Service Pack 1 (32 bits) # Gebruiker : Wielma-V8 - WIELMA-V8-PC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Wielma-V8\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** Map Verwijdert : C:\ProgramData\Ask Map Verwijdert : C:\ProgramData\InstallMate Map Verwijdert : C:\ProgramData\Premium Map Verwijdert : C:\ProgramData\Trymedia Map Verwijdert : C:\Users\WIELMA~1\AppData\Local\Temp\BabylonToolbar Map Verwijdert : C:\Users\Wielma-V8\AppData\Roaming\BrowserCompanion Map Verwijdert : C:\Users\Wielma-V8\AppData\Roaming\OpenCandy ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Crossrider Sleutel Verwijdert : HKCU\Software\Blabbers Sleutel Verwijdert : HKCU\Software\BrowserCompanion Sleutel Verwijdert : HKCU\Software\Cr_Installer Sleutel Verwijdert : HKCU\Software\IM Sleutel Verwijdert : HKCU\Software\ImInstaller Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Verwijdert : HKCU\Software\Optimizer Pro Sleutel Verwijdert : HKLM\Software\Babylon Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Sleutel 
Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\12d8f2e1af370aadb690c2ecdaa1a347 Sleutel Verwijdert : HKLM\Software\OpenCandy NSIS SDK ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v [Onmogelijk de versie te verkrijgen] File : C:\Users\Wielma-V8\AppData\Roaming\Mozilla\Firefox\Profiles\8yaerblh.default\prefs.js [OK] De file bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v24.0.1312.56 File : C:\Users\Wielma-V8\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [2834 octets] - [27/01/2013 10:31:33] ########## EOF - C:\AdwCleaner[s1].txt - [2894 octets] ##########
-
Opened HijackThis with administrator rights, here is the log:
Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.5) - Nederlands Adobe Shockwave Player 11.6 D3DX10 Google Chrome Google Update Helper HiJackThis Intel® Graphics Media Accelerator Driver Java 7 Update 7 Java 6 Update 35 JavaFX 2.1.0 king.com (remove only) LSI HDA Modem Malwarebytes Anti-Malware versie 1.70.0.1100 Messenger Plus! 6 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile Microsoft Antimalware Service NL-NL Language Pack Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MSVCRT Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Spybot - Search & Destroy swMSM
Synaptics Pointing Device Driver Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Windows 7 Codec Pack 3.2.0 Windows Live Communications Platform Windows Live Essentials Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Messenger Windows Live Messenger Windows Live Photo Common Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Media Player Firefox Plugin WinRAR 4.20 (32-bit)
- - - Updated - - -
The computer is a bit faster but still far too slow. Could it possibly be down to the laptop itself? It is already +/- 4 years old.
-
Hi, here are the logs from MBAM and HijackThis. By the way, I saw BrowserCompanion listed among Program Files; I haven't done anything with it.
Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.01.26.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Wielma-V8 :: WIELMA-V8-PC [administrator] Bescherming: Ingeschakeld 26-1-2013 15:17:38 mbam-log-2013-01-26 (15-17-38).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 196730 Verstreken tijd: 7 minuut/minuten, 47 seconde(n) Geheugenprocessen gedetecteerd: 1 C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> 1684 -> Zal worden verwijderd tijdens het herstarten. Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 2 HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111181125} (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111181125} (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 2 C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\OptimizerPro\ix_updater.exe (Trojan.Dropper.H) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:59:51, on 26-1-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows 
Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe O4 - HKCU\..\Run: [spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - 
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.chat-united.nl/controls/msnchat45.cab O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe -- End of file - 5848 bytes
-
1. Go to Start - Control Panel - Programs. Uninstall BrowserCompanion
I can't find BrowserCompanion; it isn't listed among the programs, and not when I run a search from 'Start' either????
-
Here is a HijackThis scan run as administrator.
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:58:37, on 26-1-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\BrowserCompanion\BCHelper.exe C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID 
Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe O4 - HKCU\..\Run: [spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program 
Files\Spybot - Search & Destroy 2\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.chat-united.nl/controls/msnchat45.cab O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe -- End of file - 5910 bytes
-
Hi, first of all my thanks again for the removal and for improving my computer's performance, top top top, so let's do my girlfriend's computer right away too ... Here is what's going on: the computer is very slow, and having 2 programs open at the same time is already a big problem. I'm posting a HijackThis log here; could you take a look at it? Thnx thnx thnx
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:36:43, on 25-1-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\BrowserCompanion\BCHelper.exe C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common 
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe O4 - HKCU\..\Run: [spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files\common 
files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.chat-united.nl/controls/msnchat45.cab O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe -- End of file - 5488 bytes
-
doubleclick 'virus' and slow computer
waterman36 replied to waterman36's topic in Archive: Fighting malware & viruses
Superrrr guys, my laptop is com-plete-ly clean again and nice and fast again, you really helped me... thnx for that, and of course I didn't forget to make a donation either, the smallest amount, but given with a good heart... thnx :) -
doubleclick 'virus' and slow computer
waterman36 replied to waterman36's topic in Archive: Fighting malware & viruses
NO, NOT AT ALL ANYMORE, I THINK THIS HAS SOLVED IT.. SUPERRRRRR I just have one more question: what do you recommend as protection for the PC, virus scanner and firewall? -
doubleclick 'virus' and slow computer
waterman36 replied to waterman36's topic in Archive: Fighting malware & viruses
ComboFix 13-01-14.01 - arjan 14-01-2013 18:01:59.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3764.2342 [GMT 1:00] Gestart vanuit: c:\users\arjan\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Voorgaande Run ------- . c:\program files (x86)\Vid-Saver\Vid-Saver.exe c:\program files (x86)\Vid-Saver\Vid-Saver.ico c:\program files (x86)\Vid-Saver\Vid-Saver.ini c:\program files (x86)\Vid-Saver\Vid-SaverGui.exe c:\program files (x86)\Vid-Saver\Vid-SaverInstaller.log c:\programdata\0ubyabpf.exe.b c:\programdata\FullRemove.exe c:\users\arjan\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx c:\users\arjan\AppData\Roaming\adaware-installer-reboot-required.tmp . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_DiagnosticScan -------\Service_Start1Driver . . (((((((((((((((((((( Bestanden Gemaakt van 2012-12-14 to 2013-01-14 )))))))))))))))))))))))))))))) . . 2013-01-14 17:08 . 2013-01-14 17:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-01-14 05:14 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe 2013-01-13 13:25 . 2013-01-13 13:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-01-13 13:25 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-01-13 12:57 . 2013-01-13 12:57 -------- d-----w- c:\windows\system32\SPReview 2013-01-13 12:12 . 2010-11-20 04:35 2560 ----a-w- c:\windows\system32\drivers\nl-NL\rdpwd.sys.mui 2013-01-13 12:11 . 2010-11-20 04:33 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui 2013-01-13 12:11 . 2010-11-20 04:27 3072 ----a-w- c:\windows\system32\drivers\nl-NL\Dot4usb.sys.mui 2013-01-13 11:57 . 2010-11-20 03:18 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll 2013-01-13 11:56 . 
2010-11-20 04:27 758272 ----a-w- c:\windows\system32\PortableDeviceApi.dll 2013-01-13 11:55 . 2010-11-20 04:27 448512 ----a-w- c:\windows\system32\shlwapi.dll 2013-01-13 11:54 . 2010-11-20 04:26 1009152 ----a-w- c:\windows\system32\mcmde.dll 2013-01-13 11:47 . 2013-01-13 11:47 -------- d-----w- c:\windows\system32\EventProviders 2013-01-09 16:38 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll 2012-12-31 00:40 . 2012-12-17 05:43 38096 ----a-w- c:\windows\system32\drivers\gfiark.sys 2012-12-30 20:23 . 2012-12-30 20:23 -------- d-----w- c:\program files (x86)\Toolbar Cleaner 2012-12-30 04:17 . 2012-12-30 04:17 -------- d-----w- c:\users\arjan\AppData\Local\Programs 2012-12-28 10:03 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5DB18C6A-FE03-4C4A-87E8-6511EABAD9BB}\mpengine.dll 2012-12-23 12:46 . 2012-12-23 12:46 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-12-23 12:46 . 2012-12-23 12:46 -------- d-----w- c:\program files\iTunes 2012-12-21 05:53 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-21 05:53 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-21 05:53 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-21 05:53 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-01-14 16:43 . 2012-05-13 09:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2013-01-13 12:49 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2013-01-13 12:49 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2013-01-09 21:30 . 2011-06-11 19:44 67599240 ----a-w- c:\windows\system32\MRT.exe 2013-01-09 18:53 . 2012-07-23 16:30 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-09 18:53 . 
2012-07-23 16:30 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-01-01 04:25 . 2011-06-11 22:18 32608 ----a-w- c:\windows\king-uninstall.exe 2012-12-30 20:24 . 2012-11-27 02:24 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys 2012-12-30 09:35 . 2012-04-11 17:26 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2012-11-30 04:45 . 2013-01-09 16:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-11-14 07:06 . 2012-12-12 21:44 17811968 ----a-w- c:\windows\system32\mshtml.dll 2012-11-14 06:32 . 2012-12-12 21:44 10925568 ----a-w- c:\windows\system32\ieframe.dll 2012-11-14 06:11 . 2012-12-12 21:44 2312704 ----a-w- c:\windows\system32\jscript9.dll 2012-11-14 06:04 . 2012-12-12 21:44 1346048 ----a-w- c:\windows\system32\urlmon.dll 2012-11-14 06:04 . 2012-12-12 21:44 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-11-14 06:02 . 2012-12-12 21:44 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2012-11-14 06:02 . 2012-12-12 21:44 237056 ----a-w- c:\windows\system32\url.dll 2012-11-14 05:59 . 2012-12-12 21:44 85504 ----a-w- c:\windows\system32\jsproxy.dll 2012-11-14 05:58 . 2012-12-12 21:44 816640 ----a-w- c:\windows\system32\jscript.dll 2012-11-14 05:57 . 2012-12-12 21:44 599040 ----a-w- c:\windows\system32\vbscript.dll 2012-11-14 05:57 . 2012-12-12 21:44 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-11-14 05:55 . 2012-12-12 21:44 2144768 ----a-w- c:\windows\system32\iertutil.dll 2012-11-14 05:55 . 2012-12-12 21:44 729088 ----a-w- c:\windows\system32\msfeeds.dll 2012-11-14 05:53 . 2012-12-12 21:44 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-11-14 05:52 . 2012-12-12 21:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-11-14 05:46 . 2012-12-12 21:44 248320 ----a-w- c:\windows\system32\ieui.dll 2012-11-14 02:09 . 2012-12-12 21:44 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-11-14 01:58 . 2012-12-12 21:44 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-11-14 01:57 . 
2012-12-12 21:44 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2012-11-14 01:49 . 2012-12-12 21:44 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-11-14 01:48 . 2012-12-12 21:44 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2012-11-14 01:44 . 2012-12-12 21:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-11-09 05:45 . 2012-12-12 16:36 2048 ----a-w- c:\windows\system32\tzres.dll 2012-11-09 04:42 . 2012-12-12 16:36 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-11-02 05:59 . 2012-12-12 16:36 478208 ----a-w- c:\windows\system32\dpnet.dll 2012-11-02 05:11 . 2012-12-12 16:36 376832 ----a-w- c:\windows\SysWow64\dpnet.dll 2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-09-27 3077528] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-11 975952] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] "KPN Assistent"="c:\program files (x86)\KPN\KPN Assistent\KPN_Assistent.exe" [2011-08-18 33560288] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui] [bU] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . 
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 ALSysIO;ALSysIO;c:\users\arjan\AppData\Local\Temp\ALSysIO64.sys [x] R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-06-10 40448] R3 dump_wmimmc;dump_wmimmc;c:\gamescampus\Heroes In the Sky\GameGuard\dump_wmimmc.sys [x] R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2012-12-17 38096] R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-08-02 22528] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-06-11 1255736] S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2012-12-30 14456] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-11 321104] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower 
Management\ePowerSvc.exe [2010-06-11 868896] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 
sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-01-12 08:43 1606760 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe . Inhoud van de 'Gedeelde Taken' map . 2013-01-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-23 18:53] . 2013-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06 09:38] . 2013-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06 09:38] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-06-10 324608] "mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-05-07 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-05-07 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-05-07 413208] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-29 11101800] "PLFSetI"="c:\windows\PLFSetI.exe" [2010-11-22 206208] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216] . ------- Bijkomende Scan ------- . uStart Page = about:blank uLocal Page = c:\windows\system32\blank.htm mDefault_Page_URL = hxxp://acer.msn.com mStart Page = hxxp://acer.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 192.168.2.254 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-1A:Stardock TrayMonitor - (no file) Wow6432Node-HKLM-RunServices-1A:Stardock TrayMonitor - (no file) Toolbar-Locked - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,13,62,68,5f,17,51,43,84,d4,e2,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,13,62,68,5f,17,51,43,84,d4,e2,\ . 
[HKEY_USERS\S-1-5-21-1268928345-919485190-3944749271-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-01-14 18:11:37 ComboFix-quarantined-files.txt 2013-01-14 17:11 . Pre-Run: 418.739.032.064 bytes beschikbaar Post-Run: 418.440.388.608 bytes beschikbaar . - - End Of File - - 52267719637C155A845047A26EF55E43