
slow computer



Download CCleaner. (If you don't have it yet)

Install it and start CCleaner.

In the left column, click "Cleaner". Then click 'Analyze' and, after the analysis, 'Clean'.

Next, click "Registry" in the left column and click 'Scan for problems'.

If errors are found, click "Fix selected problems" and "OK".

You will then be asked whether to make a backup. Click "YES". Then choose "Fix all selected errors".

Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

After this, close CCleaner again.

If you want to see this illustrated in detail, click here for the guide.

Download Defraggler

Make sure you uncheck "Install optional Yahoo! Toolbar" during installation.

Under Drive, click the drive on which you have installed Windows.

Then choose Defragment.

Especially the first time, this process will take time!


Well, everything has been carried out; the computer responds a bit better but still not really as it should. I did quickly create a log; I didn't see it mentioned, but did it anyway....

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:52:10, on 2-2-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"

O4 - HKCU\..\Run: [spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.chat-united.nl/controls/msnchat45.cab

O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

--

End of file - 5768 bytes


Note: Windows Vista & 7 users must run HijackThis as "administrator" by right-clicking and choosing "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Start HijackThis. Select "Scan". Select only the items listed below:

O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

Click 'Fix checked' to remove the items.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is active; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registery key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.


  • 2 weeks later...

Well, I'm back and we're continuing again; all steps carried out again, here is the ComboFix log.

