Elke5

Hallo, Daarnet bericht als gepost bij spyware, maar denk dat het hier beter staat... Als ik m'n computer wil opstarten, krijg ik het icoon met m'n naam, maar als ik er op klik krijg ik volgende boodschap: 'De Service User Profile Service verhindert het aanmelden. Gebruikersprofiel kan niet worden geladen.' Weet iemand raad? Alvast bedankt

Ontstoffen staat volgend WE op programma...

Beste, Hierbij logje... Ontstoffen zal ik van 't WE op mijn gemak eens doen, kan ik veel verkeerd doen waardoor ik gegevens verlies/dingen echt kapot maak? Alvast bedankt # AdwCleaner v3.007 - Report created 16/10/2013 at 18:26:04 # Updated 09/10/2013 by Xplode # Operating System : Windows Vista Home Premium Service Pack 2 (32 bits) # Username : filip - PC_VAN_FILIP # Running from : C:\Users\filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VGEM4665\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Ask Folder Deleted : C:\ProgramData\AVG Secure Search Folder Deleted : C:\Program Files\Ask.com Folder Deleted : C:\Program Files\AVG Secure Search Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\ConduitEngine Folder Deleted : C:\Program Files\pc speed up Folder Deleted : C:\Program Files\Protected Search Folder Deleted : C:\Program Files\Red Sky Folder Deleted : C:\Program Files\Common Files\AVG Secure Search Folder Deleted : C:\Users\filip\AppData\Local\apn Folder Deleted : C:\Users\filip\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\filip\AppData\Local\Conduit Folder Deleted : C:\Users\filip\AppData\Local\DownTango Folder Deleted : C:\Users\filip\AppData\LocalLow\AskToolbar Folder Deleted : C:\Users\filip\AppData\LocalLow\AVG Secure Search Folder Deleted : C:\Users\filip\AppData\LocalLow\Conduit Folder Deleted : C:\Users\filip\AppData\LocalLow\ConduitEngine Folder Deleted : C:\Users\filip\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\filip\AppData\LocalLow\SimplyTech Folder Deleted : C:\Users\filip\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2 Folder Deleted : C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\v594310\Extensions\toolbar@ask.com Folder Deleted : C:\Users\filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Folder Deleted : C:\Users\filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aanjjkgbodmfkdnkkhcjcghgnibdllak File Deleted : C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\v594310\searchplugins\Askcom.xml File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Key Deleted : HKCU\Software\Google\Chrome\Extensions\aanjjkgbodmfkdnkkhcjcghgnibdllak Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aanjjkgbodmfkdnkkhcjcghgnibdllak [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01161763-E33F-439D-81D4-32DC0048D4F7} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01161763-E33F-439D-81D4-32DC0048D4F7} Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2727678 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A54DAB37-E900-4E7A-9E32-7B5372016CE5} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A54DAB37-E900-4E7A-9E32-7B5372016CE5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{684E228B-A5A8-47CA-95D5-4A81E4497BA7} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6D82190-8E14-40D1-B601-91FB214FE1E1} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{95324E44-4B0A-47A9-8F77-9C6415E51C29}] Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\APN Key Deleted : HKCU\Software\Ask.com Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\IGearSettings Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\ProtectedSearch Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\simplytech Key Deleted : HKCU\Software\AppDataLow\Software\smartbar Key Deleted : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_Nederlands_2 Key Deleted : HKLM\Software\APN Key Deleted : HKLM\Software\AskToolbar Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\ImInstaller Key Deleted : HKLM\Software\PIP Key Deleted : HKLM\Software\IncrediMail_MediaBar_Nederlands_2 Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IncrediMail_MediaBar_Nederlands_2 Toolbar Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16514 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Default_Page_URL] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Default_Page_URL] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [start Page] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [start Default_Page_URL] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [search Bar] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [search Page] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [start Page] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [start Default_Page_URL] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [search Bar] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [search Page] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] -\\ Mozilla Firefox v [ File : C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\v594310\prefs.js ] Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search"); Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={D1C8CA51-DFAC-46C6-8E97-1C2CA9E9F1FE}&mid=d1f03ba0cd5e47d0b096d1509d0b4f82-ad1491be2ce6c122f6b66faa90e70c2decf7d34c〈=nl&ds=AVG&p[...] Line Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={D1C8CA51-DFAC-46C6-8E97-1C2CA9E9F1FE}&mid=d1f03ba0cd5e47d0b096d1509d0b4f82-ad1491be2ce6c122f6b66faa90e70c2decf7d34c〈=nl&ds=AVG&pr=fr&d=[...] Line Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SGT&o=APN10374&locale=nl_EU&apn_uid=e87074b9-713a-4692-ae8d-b5150b73394e&apn_ptnrs=%5EAHO&apn_sauid=D0EB4F6B-D010-43F2-9[...] Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", ""); -\\ Google Chrome v30.0.1599.69 [ File : C:\Users\filip\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [16918 octets] - [16/10/2013 18:21:20] AdwCleaner[s0].txt - [16342 octets] - [16/10/2013 18:26:04] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [16403 octets] ##########

Beste, Hierbij link: http://speccy.piriform.com/results/yTOosIN2rfnuA36sHfNZVFL Bedankt alweer

Hallo, PC start nog steeds tergend traag op en werkt ook traag... Maakt ook behoorlijk veel lawaai tijdens opstarten...

Hallo, Hierbij logje ComboFix 13-10-09.01 - filip 10/10/2013 20:08:00.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.1919.1018 [GMT 2:00] Gestart vanuit: c:\users\filip\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\END c:\windows\system32\rnaph.dll . . (((((((((((((((((((( Bestanden Gemaakt van 2013-09-10 to 2013-10-10 )))))))))))))))))))))))))))))) . . 2013-10-10 18:20 . 2013-10-10 18:20 -------- d-----w- c:\users\Public\AppData\Local\temp 2013-10-10 18:20 . 2013-10-10 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-10-09 19:35 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-10-09 19:35 . 2013-10-09 19:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-09-15 07:44 . 2013-07-16 04:35 615936 ----a-w- c:\windows\system32\themeui.dll 2013-09-15 07:44 . 2013-08-08 01:45 2049536 ----a-w- c:\windows\system32\win32k.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-10-09 19:51 . 2012-10-06 18:29 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-10-09 19:51 . 2012-10-06 18:29 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-09-29 08:05 . 2012-07-31 19:32 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2013-08-29 16:15 . 2013-08-29 16:14 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-08-29 16:15 . 2013-08-29 16:14 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-08-29 16:15 . 2013-08-29 16:14 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-08-02 04:09 . 2013-08-28 19:49 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-07-25 19:31 . 2013-07-25 19:31 388096 ----a-r- c:\users\filip\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2013-07-17 19:41 . 2013-08-18 06:23 2048 ----a-w- c:\windows\system32\tzres.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-14 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvSvc"="c:\windows\system32\nvsvc.dll" [2006-11-22 90191] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-11-22 7757824] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-11-22 81920] "RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "QuickFinder Scheduler"="c:\program files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2005-11-30 77892] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-27 81920] "MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2007-09-12 561152] "Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-08-28 606208] "lxeemon.exe"="c:\program files\Lexmark Pro700 Series\lxeemon.exe" [2010-05-17 770728] "EzPrint"="c:\program files\Lexmark Pro700 Series\ezprint.exe" [2010-05-17 148280] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-1-10 106560] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-09-22 16:28 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-10-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-06 19:51] . 2013-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 18:31] . 2013-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 18:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.zita.be/ mWindow Title = Telenet Internet IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 IE: Open with WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta TCP: DhcpNameServer = 195.130.130.130 195.130.131.130 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} - hxxp://www.digitalwebbooks.com/reader/dbplugin.cab DPF: {FD47E0E7-D528-4D72-9386-E608448119C6} - hxxp://www.superstarracing.net/miniclip/ChatRepublicPlayer.cab . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{95324E44-4B0A-47A9-8F77-9C6415E51C29} - (no file) SafeBoot-WudfPf SafeBoot-WudfRd . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-10-10 20:23 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . [0] 0x69A000AA . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . . c:\users\filip\AppData\Local\Temp\catchme.dll 53248 bytes executable . Scan succesvol afgerond verborgen bestanden: 1 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:0000000f . Voltooingstijd: 2013-10-10 20:26:21 ComboFix-quarantined-files.txt 2013-10-10 18:26 . Pre-Run: 81.314.660.352 bytes beschikbaar Post-Run: 83.418.632.192 bytes beschikbaar . - - End Of File - - 55AF48DDBBBC7CCC232237B9E70AF6DA 2F04F445C78D9EB185BCF8FDEF1E6DF0

Hallo, Alvast bedankt, Hierbij gevraagde log bestanden. Computer start wel tergend traag op (duurt 15 minuten - kan hier iets aan gedaan worden?) + loopt ook geregeld vast... Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:10:39, on 9/10/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16506) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\rundll32.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Windows\Samsung\PanelMgr\SSMMgr.exe C:\Program Files\Lexmark Pro700 Series\lxeemon.exe C:\Program Files\Lexmark Pro700 Series\ezprint.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zita R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE" O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} (DNL Reader) - http://www.digitalwebbooks.com/reader/dbplugin.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://colruyt.fujiprint.be/Colruyt/UserControls/Part/Upload/ImageUploader5.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {FD47E0E7-D528-4D72-9386-E608448119C6} (ChatRepublicPlayer ActiveX) - http://www.superstarracing.net/miniclip/ChatRepublicPlayer.cab O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: lxee_device - - C:\Windows\system32\lxeecoms.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe O23 - Service: vToolbarUpdater17.0.1 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe -- End of file - 7203 bytes Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2013.10.09.08 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 filip :: PC_VAN_FILIP [administrator] 9/10/2013 21:37:14 mbam-log-2013-10-09 (21-37-14).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 213634 Verstreken tijd: 22 minuut/minuten, 1 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 1 HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 1 C:\Users\filip\AppData\Local\Temp\ct2727678 (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 3 C:\Users\filip\AppData\Local\Temp\nwmgfahwxgthtvkedoy.bfg (Trojan.FakeMS) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\filip\AppData\Local\Temp\sygqxjtxlpmkffxk.exe (Trojan.Agent.rfz) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\filip\AppData\Local\Temp\trlmcitxhmmoracpdgwcolbfetbd.exe (Trojan.Ransom.iGen) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)

Hallo, Via veel omwegen toch kunnen opstarten. Ziehier logfile. Graag jullie mening aub. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:16:09, on 5/10/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16506) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\rundll32.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Windows\Samsung\PanelMgr\SSMMgr.exe C:\Program Files\Lexmark Pro700 Series\lxeemon.exe C:\Program Files\Lexmark Pro700 Series\ezprint.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zita R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si=41460&home=true&tid=2938 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=2938&bs=true&q= R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: (no name) - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - (no file) O2 - BHO: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: IncrediMail MediaBar Nederlands 2 - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - (no file) O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Lexmark Werkbalk - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll O3 - Toolbar: (no name) - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - (no file) O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE" O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun O4 - HKLM\..\Run: [lxeemon.exe] "C:\Program Files\Lexmark Pro700 Series\lxeemon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Pro700 Series\ezprint.exe" O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} (DNL Reader) - http://www.digitalwebbooks.com/reader/dbplugin.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://colruyt.fujiprint.be/Colruyt/UserControls/Part/Upload/ImageUploader5.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {FD47E0E7-D528-4D72-9386-E608448119C6} (ChatRepublicPlayer ActiveX) - http://www.superstarracing.net/miniclip/ChatRepublicPlayer.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: lxee_device - - C:\Windows\system32\lxeecoms.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe O23 - Service: vToolbarUpdater17.0.1 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe

Heb ondertussen geprobeerd met HitmanPro.Kickstart, ik geraag tot in het scherm 'USB BOOT OPTIONS' -> ik kan hier geen keuze maken, en hij gaat ook niet automatisch door... Grt

Hallo, M'n computer is besmet geraakt met het computer virus... Heb proberen opstarten in veilige modus om systeemherstel te doen, maar opstarten lukt niet. Hij gaat afmelden en wil gewoon opstarten. Als ik dan m'n paswoord opnieuw invoer, komt er direct weer 'politiescherm'. Heb hem dan ook proberen op te starten via opstart-USB, maar ik kan nergens selecteren dat hij via USB moet opstarten. Het betreft een Laptop Targa van 2008 (Notebook Traveller 1561 X2 met AMD Dual Core processor). Denk dat laptop ook versleten is, want maakt enorm veel lawaai bij opstarten en werkt heel traag... Zou hem toch terug graag aan de praat krijgen om er nog al m'n gegevens af te halen. Hopende op jullie hulp.... Alvast bedankt