Asus K55VD start traag op

[Cooni]

@Kape,

MBAM heb ik een tijdje geleden al eens op mijn PC gehad.

Heb het nu opnieuw geïnstalleerd zoals je zei. (Hij vroeg wel niet om opnieuw op te starten..?)

Er werd niets gevonden en ik kon dus ook niets selecteren en verwijderen.

Ik kon nergens op "bekijk de resultaten" klikken, wel opende er automatisch een logje.

MBAM logje :

Malwarebytes Anti-Malware 1.65.1.1000

Malwarebytes : Free anti-malware download

Databaseversie: v2012.12.11.12

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Niels :: NIELS-PC [administrator]

12/12/2012 0:13:46

mbam-log-2012-12-12 (00-13-46).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 228938

Verstreken tijd: 1 minuut/minuten, 34 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

Er staan wel een aantal dingen van "Funmoods" (nog zo'n irritante toolbar) in de quarantainelijst ?

En het nieuwe hijackthislogje :

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 0:35:36, on 12/12/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16455)

Boot mode: Normal

Running processes:

C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe

C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Niels\Desktop\HijackThis.exe

C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"

O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: vpngui.exe.lnk = ?

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O17 - HKLM\System\CCS\Services\Tcpip\..\{15246C6F-8BF9-4E51-8D5D-ADC8E39305C6}: NameServer = 195.130.130.11,8.8.8.8

O17 - HKLM\System\CS1\Services\Tcpip\..\{15246C6F-8BF9-4E51-8D5D-ADC8E39305C6}: NameServer = 195.130.130.11,8.8.8.8

O17 - HKLM\System\CS2\Services\Tcpip\..\{15246C6F-8BF9-4E51-8D5D-ADC8E39305C6}: NameServer = 195.130.130.11,8.8.8.8

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll C:\Windows\SysWOW64\nvinit.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--

End of file - 14003 bytes

Bedankt voor jullie hulp !

Niels

11 december 2012 aangepast door Cooni

[kape]

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

O20 - AppInit_DLLs: c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll C:\Windows\SysWOW64\nvinit.dll

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download AdwCleaner by Xplode naar je bureaublad.

• Sluit alle openstaande vensters.
  
• Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
  
• Voor XP: Gewoon dubbelklikken op AdwCleaner.
  
• Klik vervolgens op Verwijderen.
  
• Klik bij AdwCleaner – Informatie op OK
  
• Klik bij AdwCleaner – Herstarten Noodzakelijk op OK
  

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal. Nadat de PC opnieuw is opgestart, opent een logfile. Post de inhoud van dit log in je volgende bericht.

12 december 2012 aangepast door kape

[Cooni]

Hier het logje van ADWcleaner

# AdwCleaner v2.100 - Verslag gemaakt op 14/12/2012 om 23:06:49

# Geactualiseerd op 09/12/2012 door Xplode

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruiker : Niels - NIELS-PC

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\Niels\Downloads\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

File Verwijdert : C:\Users\Niels\AppData\Local\funmoods-speeddial_sf.crx

File Verwijdert : C:\Users\Niels\AppData\Local\Temp\Uninstall.exe

Map Verwijdert : C:\ProgramData\Babylon

Map Verwijdert : C:\ProgramData\Browser Manager

Map Verwijdert : C:\Users\Niels\AppData\Local\Conduit

Map Verwijdert : C:\Users\Niels\AppData\LocalLow\Conduit

Map Verwijdert : C:\Users\Niels\AppData\Roaming\Babylon

Map Verwijdert : C:\Users\Niels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\APN PIP

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar

Sleutel Verwijdert : HKCU\Software\Conduit

Sleutel Verwijdert : HKCU\Software\DataMngr

Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar

Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Sleutel Verwijdert : HKCU\Software\PIP

Sleutel Verwijdert : HKCU\Software\Softonic

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

Sleutel Verwijdert : HKLM\Software\Babylon

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2865317

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

Sleutel Verwijdert : HKLM\Software\Conduit

Sleutel Verwijdert : HKLM\Software\DataMngr

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Sleutel Verwijdert : HKLM\Software\PIP

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohd****efph

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

Waarde Verwijdert : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]

***** [browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0F0EzzyD0D0EtDtBtAyDyEyC0ByD0CtAtN0D0Tzu0CtAtCyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=984068851 --> hxxp://www.google.com

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Niels\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[s1].txt - [4552 octets] - [14/12/2012 23:06:49]

########## EOF - C:\AdwCleaner[s1].txt - [4612 octets] ##########

Niels

[kape]

Hoe gedraagt de PC zich nu ? En zijn er nog merkbare sporen van Funmoods ?

[Cooni]

Ik heb het gevoel dat hij rapper opstartte voor de acties met ADWcleaner ?

Voor ADWcleaner heb ik wel gemerkt dat hij weer (veel) rapper opstartte.

Het zwarte scherm krijg ik ook niet meer en de errors ook niet dus het is zeker een grotere verbetering !

Bedankt voor jullie hulp,

Niels

[kape]

Ik heb het gevoel dat hij rapper opstartte voor de acties met ADWcleaner ?

Voor ADWcleaner heb ik wel gemerkt dat hij weer (veel) rapper opstartte.

Dat zou erg vreemd zijn, want AdwCleaner heeft nog ongewenste bestanden van je PC verwijderd.

Sluit alle openstaande vensters

Start AdwCleaner en klik Deinstallatie.

Klik op "Ja"

AdwCleaner is nu verwijderd van je pc.

Download CCleaner.

Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

15 december 2012 aangepast door kape

[Cooni]

Dag Kape,

Heb de acties uitgevoerd maar hij start nog steeds trager op.

Het is nadat ik mijn wachtwoord heb ingevoerd dat het een eeuwigheid duurt.

En het zwarte scherm is er nog steeds, alleen zie ik nu de taakbalk wel en alles erboven is nu zwart.

Alvast bedankt,

Niels

[kape]

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

[Cooni]

Sorry voor mijn late antwoord,

Hier het logje van ComboFix :

ComboFix 12-12-17.02 - Niels 19/12/2012 11:08:08.1.8 - x64

Gestart vanuit: C:\Users\Niels\Desktop\ComboFix.exe

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

C:\CFLog

C:\ProgramData\FullRemove.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk

C:\ProgramData\Roaming

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-19 to 2012-12-19 ))))))))))))))))))))))))))))))

2012-12-19 10:17:37 . 2012-12-19 10:17:37 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp

2012-12-19 10:17:37 . 2012-12-19 10:17:37 -------- d-----w- C:\Users\Default\AppData\Local\temp

2012-12-15 12:16:06 . 2012-12-15 12:16:07 -------- d-----w- C:\Program Files\CCleaner

2012-12-15 09:21:22 . 2012-12-15 09:21:52 404920 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-12-15 09:18:38 . 2012-12-15 09:18:38 -------- d-----w- C:\Users\Niels\AppData\Local\Secunia PSI

2012-12-15 09:18:32 . 2012-12-15 09:18:32 -------- d-----w- C:\Program Files (x86)\Secunia

2012-12-15 09:18:07 . 2012-11-28 09:35:19 95184 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-12-14 19:48:20 . 2012-11-08 17:24:30 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{509674A6-E026-4B52-9061-F1125482A3A7}\mpengine.dll

2012-12-11 23:06:55 . 2012-09-29 18:54:26 25928 ----a-w- C:\Windows\system32\drivers\mbam.sys

2012-12-11 23:06:54 . 2012-12-11 23:07:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-12-10 19:28:07 . 2012-12-10 19:28:09 -------- d-----w- C:\Program Files\Recuva

2012-12-10 19:25:15 . 2012-12-10 19:25:16 -------- d-----w- C:\Program Files\Speccy

2012-12-05 22:20:44 . 2012-12-05 22:21:26 -------- d-----w- C:\Users\Niels\AppData\Local\Microsoft Games

2012-11-24 00:12:35 . 2012-11-24 00:13:10 -------- d-s---w- C:\Users\Niels\Google Drive

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-12-19 07:39:13 . 2012-11-17 09:24:24 151552 ----a-w- C:\Windows\KMSEmulator.exe

2012-12-19 07:39:03 . 2012-10-23 20:31:55 380 ----a-w- C:\Users\Niels\AppData\Roaming\sp_data.sys

2012-12-12 21:24:21 . 2012-10-17 15:42:19 67413224 ----a-w- C:\Windows\system32\MRT.exe

2012-11-11 21:50:39 . 2012-10-14 11:34:58 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-11-11 21:50:39 . 2012-10-14 11:34:58 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-11-11 19:18:11 . 2012-11-11 19:18:11 560184 ----a-w- C:\Windows\system32\drivers\sptd.sys

2012-11-09 23:34:42 . 2012-11-09 23:34:42 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll

2012-11-09 23:34:40 . 2012-11-09 23:34:40 704136 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2012-10-30 22:51:56 . 2012-10-20 11:16:30 59728 ----a-w- C:\Windows\system32\drivers\aswTdi.sys

2012-10-30 22:51:55 . 2012-10-20 11:16:32 370288 ----a-w- C:\Windows\system32\drivers\aswSP.sys

2012-10-30 22:51:55 . 2012-10-20 11:16:29 984144 ----a-w- C:\Windows\system32\drivers\aswSnx.sys

2012-10-30 22:51:55 . 2012-10-20 11:16:28 71600 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys

2012-10-30 22:51:53 . 2012-10-20 11:16:32 25232 ----a-w- C:\Windows\system32\drivers\aswFsBlk.sys

2012-10-30 22:51:07 . 2012-10-20 11:16:03 41224 ----a-w- C:\Windows\avastSS.scr

2012-10-30 22:50:59 . 2012-10-20 11:16:01 227648 ----a-w- C:\Windows\SysWow64\aswBoot.exe

2012-10-30 22:50:30 . 2012-10-20 11:16:28 285328 ----a-w- C:\Windows\system32\aswBoot.exe

2012-10-23 23:36:20 . 2012-10-23 23:36:20 27760 ----a-w- C:\Windows\system32\drivers\ggsemc.sys

2012-10-23 23:36:20 . 2012-10-23 23:36:20 14448 ----a-w- C:\Windows\system32\drivers\ggflt.sys

2012-10-17 19:52:07 . 2012-10-17 19:52:07 283200 ----a-w- C:\Windows\system32\drivers\dtsoftbus01.sys

2012-10-17 15:21:01 . 2012-10-17 15:21:01 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll

2012-10-17 15:20:57 . 2012-10-17 15:20:57 704136 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2012-10-16 08:38:37 . 2012-12-10 09:41:58 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38:34 . 2012-12-10 09:41:58 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39:52 . 2012-12-10 09:41:58 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

2012-10-15 20:46:56 . 2012-10-15 20:46:56 89088 ----a-w- C:\Windows\system32\RegisterIEPKEYs.exe

2012-10-15 20:46:56 . 2012-10-15 20:46:56 86528 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2012-10-15 20:46:56 . 2012-10-15 20:46:56 76800 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe

2012-10-15 20:46:56 . 2012-10-15 20:46:56 74752 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2012-10-15 20:46:56 . 2012-10-15 20:46:56 74752 ----a-w- C:\Windows\SysWow64\iesetup.dll

2012-10-15 20:46:56 . 2012-10-15 20:46:56 63488 ----a-w- C:\Windows\SysWow64\tdc.ocx

2012-10-15 20:46:56 . 2012-10-15 20:46:56 48640 ----a-w- C:\Windows\SysWow64\mshtmler.dll

2012-10-15 20:46:56 . 2012-10-15 20:46:56 367104 ----a-w- C:\Windows\SysWow64\html.iec

2012-10-15 20:46:56 . 2012-10-15 20:46:56 35840 ----a-w- C:\Windows\SysWow64\imgutil.dll

2012-10-15 20:46:56 . 2012-10-15 20:46:56 23552 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2012-10-15 20:46:56 . 2012-10-15 20:46:56 161792 ----a-w- C:\Windows\SysWow64\msls31.dll

2012-10-15 20:46:56 . 2012-10-15 20:46:56 152064 ----a-w- C:\Windows\SysWow64\wextract.exe

2012-10-15 20:46:56 . 2012-10-15 20:46:56 150528 ----a-w- C:\Windows\SysWow64\iexpress.exe

2012-10-15 20:46:56 . 2012-10-15 20:46:56 11776 ----a-w- C:\Windows\SysWow64\mshta.exe

2012-10-15 20:46:56 . 2012-10-15 20:46:56 110592 ----a-w- C:\Windows\SysWow64\IEAdvpack.dll

2012-10-15 20:46:56 . 2012-10-15 20:46:56 101888 ----a-w- C:\Windows\SysWow64\admparse.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 91648 ----a-w- C:\Windows\system32\SetIEInstalledDate.exe

2012-10-15 20:46:55 . 2012-10-15 20:46:55 89088 ----a-w- C:\Windows\system32\ie4uinit.exe

2012-10-15 20:46:55 . 2012-10-15 20:46:55 85504 ----a-w- C:\Windows\system32\iesetup.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 82432 ----a-w- C:\Windows\system32\icardie.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 76800 ----a-w- C:\Windows\system32\tdc.ocx

2012-10-15 20:46:55 . 2012-10-15 20:46:55 65024 ----a-w- C:\Windows\system32\pngfilt.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 55296 ----a-w- C:\Windows\system32\msfeedsbs.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 534528 ----a-w- C:\Windows\system32\ieapfltr.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 49664 ----a-w- C:\Windows\system32\imgutil.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 48640 ----a-w- C:\Windows\system32\mshtmler.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 452608 ----a-w- C:\Windows\system32\dxtmsft.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 448512 ----a-w- C:\Windows\system32\html.iec

2012-10-15 20:46:55 . 2012-10-15 20:46:55 403248 ----a-w- C:\Windows\system32\iedkcs32.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 39936 ----a-w- C:\Windows\system32\iernonce.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 3695416 ----a-w- C:\Windows\system32\ieapfltr.dat

2012-10-15 20:46:55 . 2012-10-15 20:46:55 30720 ----a-w- C:\Windows\system32\licmgr10.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 282112 ----a-w- C:\Windows\system32\dxtrans.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 267776 ----a-w- C:\Windows\system32\ieaksie.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 249344 ----a-w- C:\Windows\system32\webcheck.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 222208 ----a-w- C:\Windows\system32\msls31.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 197120 ----a-w- C:\Windows\system32\msrating.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 165888 ----a-w- C:\Windows\system32\iexpress.exe

2012-10-15 20:46:55 . 2012-10-15 20:46:55 163840 ----a-w- C:\Windows\system32\ieakui.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 160256 ----a-w- C:\Windows\system32\wextract.exe

2012-10-15 20:46:55 . 2012-10-15 20:46:55 160256 ----a-w- C:\Windows\system32\ieakeng.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 149504 ----a-w- C:\Windows\system32\occache.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 145920 ----a-w- C:\Windows\system32\iepeers.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 135168 ----a-w- C:\Windows\system32\IEAdvpack.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 12288 ----a-w- C:\Windows\system32\mshta.exe

2012-10-15 20:46:55 . 2012-10-15 20:46:55 114176 ----a-w- C:\Windows\system32\admparse.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 111616 ----a-w- C:\Windows\system32\iesysprep.dll

2012-10-15 20:46:55 . 2012-10-15 20:46:55 10752 ----a-w- C:\Windows\system32\msfeedssync.exe

2012-10-15 20:46:55 . 2012-10-15 20:46:55 103936 ----a-w- C:\Windows\system32\inseng.dll

2012-10-15 17:59:28 . 2012-10-20 11:16:31 54072 ----a-w- C:\Windows\system32\drivers\aswRdr2.sys

2012-10-13 11:08:13 . 2011-03-29 02:36:46 19720 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-10-09 18:17:13 . 2012-11-16 12:20:25 55296 ----a-w- C:\Windows\system32\dhcpcsvc6.dll

2012-10-09 18:17:13 . 2012-11-16 12:20:25 226816 ----a-w- C:\Windows\system32\dhcpcore6.dll

2012-10-09 17:40:31 . 2012-11-16 12:20:25 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40:31 . 2012-11-16 12:20:25 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

2012-10-08 09:42:54 . 2012-10-08 09:42:54 831848 ----a-w- C:\Windows\SysWow64\nvumdshim.dll

2012-10-08 09:42:54 . 2012-10-08 09:42:54 14922600 ----a-w- C:\Windows\system32\nvwgf2umx.dll

2012-10-08 09:42:52 . 2012-10-08 09:42:52 1482600 ----a-w- C:\Windows\system32\nvdispgenco64.dll

2012-10-08 09:42:48 . 2012-10-08 09:42:48 26331496 ----a-w- C:\Windows\system32\nvoglv64.dll

2012-10-08 09:42:48 . 2012-10-08 09:42:48 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll

2012-10-08 09:42:42 . 2012-10-08 09:42:42 2574696 ----a-w- C:\Windows\SysWow64\nvcuvid.dll

2012-10-08 09:42:42 . 2012-10-08 09:42:42 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll

2012-10-08 09:42:42 . 2012-06-14 10:52:13 973672 ----a-w- C:\Windows\system32\nvumdshimx.dll

2012-10-08 09:42:38 . 2012-10-08 09:42:38 7697768 ----a-w- C:\Windows\SysWow64\nvcuda.dll

2012-10-08 09:42:38 . 2012-10-08 09:42:38 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll

2012-10-08 09:42:36 . 2012-10-08 09:42:36 30056 ----a-w- C:\Windows\system32\drivers\nvpciflt.sys

2012-10-08 09:42:36 . 2012-10-08 09:42:36 2747240 ----a-w- C:\Windows\system32\nvcuvid.dll

2012-10-08 09:42:36 . 2012-10-08 09:42:36 25256296 ----a-w- C:\Windows\system32\nvcompiler.dll

2012-10-08 09:42:36 . 2012-10-08 09:42:36 1867112 ----a-w- C:\Windows\SysWow64\nvcuvenc.dll

2012-10-08 09:42:36 . 2012-06-14 10:52:12 247144 ----a-w- C:\Windows\system32\nvinitx.dll

2012-10-08 09:42:34 . 2012-10-08 09:42:34 9146728 ----a-w- C:\Windows\system32\nvcuda.dll

2012-10-08 09:42:32 . 2012-10-08 09:42:32 6127464 ----a-w- C:\Windows\SysWow64\nvopencl.dll

2012-10-08 09:42:22 . 2012-10-08 09:42:22 7414632 ----a-w- C:\Windows\system32\nvopencl.dll

2012-10-08 09:42:20 . 2012-10-08 09:42:20 18252136 ----a-w- C:\Windows\system32\nvd3dumx.dll

2012-10-08 09:42:18 . 2012-10-08 09:42:18 13443944 ----a-w- C:\Windows\system32\drivers\nvlddmkm.sys

2012-10-08 09:42:18 . 2012-06-14 10:52:12 202600 ----a-w- C:\Windows\SysWow64\nvinit.dll

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" [2012-02-24 02:42:05 3331312]

"USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-07 04:12:52 291608]

"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 23:33:32 2321072]

"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-06-25 13:54:28 322208]

"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-06-19 11:59:04 174752]

"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 08:29:42 105016]

"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2012-10-30 22:50:59 4297136]

"ACMON"="C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" [2012-02-21 12:49:04 102568]

"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2012-09-23 19:43:48 3477640]

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 08:04:54 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 22:27:14 138576]

R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-11-26 14:09:20 659040]

R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys [2012-01-09 04:13:12 195584]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 04:35:36 102368]

R3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\system32\DRIVERS\ggflt.sys [2012-10-23 23:36:20 14448]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 20:34:18 57344]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 09:43:56 273168]

R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 19:20:56 174440]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14:10:20 19456]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 20:35:57 56832]

R3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 13:38:28 155320]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys [2012-06-27 08:37:56 157672]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 08:37:56 16872]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 08:37:56 177640]

R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys [2012-06-27 08:37:56 146920]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 04:35:36 203104]

R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 14:07:35 57856]

R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 14:08:26 30208]

R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-15 20:44:42 1255736]

R3 X6va011;X6va011;C:\Windows\SysWOW64\Drivers\X6va011 [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 02:10:10 57184]

S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-07 04:12:54 16152]

S0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 09:42:36 30056]

S0 sptd;sptd;C:\Windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 07:55:04 17536]

S2 AFBAgent;AFBAgent;C:\Windows\system32\FBAgent.exe [2011-03-03 23:57:58 379520]

S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 04:19:34 659968]

S2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15:36:14 15416]

S2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 08:14:00 277120]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 22:51:55 71600]

S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-11 16:34:44 135952]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 23:38:24 607456]

S2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2011-12-16 18:02:46 128280]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2011-12-16 18:02:56 161560]

S2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2012-11-26 14:09:22 1225312]

S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-16 19:30:40 363800]

S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 09:44:04 594704]

S3 AiCharger;ASUS Charger Driver;C:\Windows\system32\DRIVERS\AiCharger.sys [2012-02-29 09:08:34 17152]

S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 04:13:12 195584]

S3 AsusVBus;AsusVBus;C:\Windows\system32\DRIVERS\AsusVBus.sys [2011-12-21 21:15:56 35968]

S3 AsusVTouch;AsusVTouch;C:\Windows\system32\DRIVERS\AsusVTouch.sys [2011-11-08 02:48:28 16512]

S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-10-17 19:52:07 283200]

S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys [2012-02-19 18:16:24 200488]

S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-02-20 02:31:14 331264]

S3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-07 04:12:54 356120]

S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-07 04:12:56 787736]

S3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys [2010-09-01 08:30:58 17976]

S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\system32\DRIVERS\RtsBaStor.sys [2012-02-01 09:06:18 292968]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 13:57:24 565352]

Inhoud van de 'Gedeelde Taken' map

2012-12-19 C:\Windows\Tasks\AutoKMS.job

- C:\Windows\AutoKMS\AutoKMS.exe [2012-11-17 09:24:54 . 2012-11-17 09:24:54]

2012-12-19 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 02:29:00 . 2012-02-24 02:28:59]

2012-12-19 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 02:29:00 . 2012-02-24 02:28:59]

2012-12-19 C:\Windows\Tasks\HP Photo Creations Messager.job

- C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11:00 . 2011-02-15 10:11:00]

2012-12-18 C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job

- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41:18 . 2011-11-25 20:41:18]

2012-12-18 C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41:18 . 2011-11-25 20:41:18]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-10-30 22:50:24 133400 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2011-05-25 07:09:22 227840 ----a-w- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2011-05-25 07:09:22 227840 ----a-w- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2012-02-22 07:18:22 170264]

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2012-02-22 07:18:00 398616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=C:\Windows\System32\nvinitx.dll

------- Bijkomende Scan -------

uLocal Page = C:\Windows\system32\blank.htm

mStart Page = hxxp://www.google.com

mLocal Page = C:\Windows\SysWOW64\blank.htm

IE: &Verzenden naar OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.131.5 195.130.130.133 192.168.1.1

TCP: Interfaces\{15246C6F-8BF9-4E51-8D5D-ADC8E39305C6}: NameServer = 195.130.130.11,8.8.8.8

TCP: Interfaces\{15246C6F-8BF9-4E51-8D5D-ADC8E39305C6}\34963736F66353231323: NameServer = 195.130.130.11,8.8.8.8

TCP: Interfaces\{15246C6F-8BF9-4E51-8D5D-ADC8E39305C6}\75966696F57323: NameServer = 195.130.130.11,8.8.8.8

TCP: Interfaces\{15246C6F-8BF9-4E51-8D5D-ADC8E39305C6}\96E656C696379656E6: NameServer = 195.130.130.11,8.8.8.8

- - - - ORPHANS VERWIJDERD - - - -

Toolbar-Locked - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)

HKLM-Run-ETDCtrl - C:\Program Files (x86)\Elantech\ETDCtrl.exe

[kape]

Download de Emsisoft Emergency Kit naar het bureaublad en pak het ZIP bestand uit.

• Open de map "EmsisoftEmergencyKit" en dubbelklik op "Start.exe"
  
• Klik nu op "Emergency Kit Scanner" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "Ja"
  
  
• Als de update gereed is en de melding "Update process is succesvol afgerond" verschijnt klikt u op "menu" en dan op "Scan PC"
  
• Selecteer de optie "Diep" als deze niet standaard al zo is ingesteld.
  
• Klik Nu op de knop "Scan" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
  
• Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.
  
• Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "verwijder geselecteerde" u zal nu de volgende melding krijgen maar klik hier op "Ja"
  
  
• Als het verwijderen gereed is klikt u op de knop "View report" en selecteert u het tekstbestand van deze scan met de naam zoals: a2scan_110730-111615.txt
  
• Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
  
• Herstart nu de computer.