
Can only open Gmail in Chrome...


  • Can only open Gmail in Chrome...

    Hi,
    I have 2 users on my laptop. One user can only open Gmail in Chrome, and in the next tab nothing can be opened at all (it often even stays blank). The laptop is also very slow at opening programs there.
    The second user can use Chrome normally and can also use subsequent tabs normally. However, the laptop is very slow there too.



    6-3-2014 12:58:13
    MBAM-log-2014-03-06 (17-25-49).txt

    Scan type: Volledige scan (C:\|D:\|E:\|)
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 513086
    Verstreken tijd: 4 uur/uren, 18 minuut/minuten, 3 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 1
    HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components\{A744F16C-B2D5-4138-81A2-085CDFCDE83A} (Trojan.BHO) -> Geen actie ondernomen.

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 2
    C:\AdwCleaner\Quarantine\C\Users\Elly\AppData\Roaming\OpenCandy\OpenCandy_8F06413447FD4CE6BCFD9BE3C9 5CDF28\DLMgr_3_1.6.44.exe.vir (PUP.Optional.OpenCandy) -> Geen actie ondernomen.
    C:\AdwCleaner\Quarantine\C\Users\Steven.LAPPIE-ELLY\AppData\Roaming\OpenCandy\6736015FD91B44ED859A9C4D80746D10\DeltaTB.exe.vir (PUP.Optional.Babylon.A) -> Geen actie ondernomen.

    (einde)

  • #2
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16533 BrowserJavaVersion: 1.6.0_23
    Run by Elly at 17:54:28 on 2014-03-06
    Microsoft® Windows Vista™ Business 6.0.6002.2.1252.31.1043.18.2045.649 [GMT 1:00]
    .
    AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\WLANExt.exe
    C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    C:\Windows\system32\aestsrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton 360 Premier Edition\Engine\21.1.0.18\N360.exe
    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
    C:\Windows\system32\PSIService.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Windows\system32\STacSV.exe
    C:\Program Files\Settings Manager\systemk\SystemkService.exe
    C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe
    C:\Program Files\Settings Manager\systemk\SystemkService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Norton 360 Premier Edition\Engine\21.1.0.18\N360.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Settings Manager\systemk\systemku.exe
    C:\Windows\OEM02Mon.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
    C:\Program Files\Alcatel-Lucent\WCM\Connection Manager.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com
    uURLSearchHooks: {d2ab2732-a124-4fb2-8da5-4a6a9e379331} - <orphaned>
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Linkey: {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - c:\program files\linkey\ieextension\iedll.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360 premier edition\engine\21.1.0.18\CoIEPlg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton 360 premier edition\engine\21.1.0.18\ips\IPSBHO.dll
    BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360 premier edition\engine\21.1.0.18\CoIEPlg.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [Google Update] "c:\users\elly\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
    mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\11.0\sharedcom\RoxWatchTray11.exe"
    mRun: [CPMonitor] "c:\program files\roxio creator 2009\5.0\CPMonitor.exe"
    mRun: [WCM] c:\program files\alcatel-lucent\wcm\Connection Manager.exe /hide /sec:10
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
    mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
    mRun: [IJNetworkScannerSelectorEX] c:\program files\canon\ij network scanner selector ex\CNMNSST.exe /FORCE
    mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
    dRunOnce: [AutoLaunch] c:\program files\lavasoft\ad-aware\AutoLaunch.exe monthly
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    Trusted Zone: internet
    Trusted Zone: isohunt.com
    Trusted Zone: mcafee.com
    Trusted Zone: mcafee.com
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scan8/oscan8.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    TCP: NameServer = 192.168.2.254 195.121.1.34 195.121.1.66
    TCP: Interfaces\{3E006832-1AAD-4466-AAAB-532D6C4166F6} : DHCPNameServer = 81.28.80.105 81.28.80.118
    TCP: Interfaces\{5303F8F0-77CF-48F2-AA89-DD78670ECC8D} : DHCPNameServer = 192.168.2.254 195.121.1.34 195.121.1.66
    TCP: Interfaces\{7C25B739-0889-47F2-A5B8-7CB4D65219F5} : DHCPNameServer = 192.168.2.254 195.121.1.34 195.121.1.66
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs= c:\progra~1\linkey\ieexte~1\iedll.dll c:\progra~1\settin~1\systemk\syskldr.dll
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.146\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    mASetup: {A744F16C-B2D5-4138-81A2-085CDFCDE83A} - rundll32 sxmg4.dll,InitModule
    IFEO: bpsvc.exe - tasklist.exe
    IFEO: browsersafeguard.exe - tasklist.exe
    IFEO: dprotectsvc.exe - tasklist.exe
    IFEO: protectedsearch.exe - tasklist.exe
    IFEO: rjatydimofu.exe - tasklist.exe
    .
    Note: multiple IFEO entries found. Please refer to Attach.txt
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\elly\appdata\roaming\mozilla\firefox\profiles\12eohbf2.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
    FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
    FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.0.0.136\coffplgn\components\coFFPlgn.dll
    FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.0.0.136\ipsffplgn\components\IPSFFPl.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\elly\appdata\local\google\update\1.2.183.13\npGoogleOneClick8.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-15 64160]
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1501000.012\SymDS.sys [2013-11-17 367704]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1501000.012\SymEFA.sys [2013-11-17 935512]
    R1 BHDrvx86;BHDrvx86;c:\program files\norton 360 premier edition\nortondata\21.1.0.18\definitions\bashdefs\20140214.001\BHDrvx86.sys [2014-2-19 1098968]
    R1 c2scsi;c2scsi;c:\windows\system32\drivers\C2SCSI.SYS [2008-8-11 254320]
    R1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\n360\1501000.012\ccSetx86.sys [2013-11-17 127064]
    R1 IDSVix86;IDSVix86;c:\program files\norton 360 premier edition\nortondata\21.1.0.18\definitions\ipsdefs\20140304.002\IDSvix86.sys [2014-3-6 395992]
    R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-6-27 214024]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1501000.012\Ironx86.sys [2013-11-17 206936]
    R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\1501000.012\symtdiv.sys [2013-11-17 383576]
    R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-12-27 73728]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-12-16 21504]
    R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\freemake\capturelib\CaptureLibService.exe [2013-6-30 9216]
    R2 N360;Norton 360;c:\program files\norton 360 premier edition\engine\21.1.0.18\N360.exe [2013-11-17 264360]
    R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2010-9-16 80896]
    R2 SystemkService;Systemk Service;c:\program files\settings manager\systemk\SystemkService.exe [2014-3-2 3448848]
    R2 WiMAX WCM Daemon;WiMAX WCM Daemon;c:\program files\alcatel-lucent\wcm\WiMAXd.exe [2008-12-4 159744]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-12-12 108120]
    R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-8-28 3664384]
    R3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2011-2-11 35088]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\program files\roxio creator 2009\digital home 11\RoxioUpnpService11.exe [2008-8-14 367088]
    S2 RoxLiveShare11;LiveShare P2P Server 11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxLiveShare11.exe [2008-8-14 309744]
    S2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxWatch11.exe [2008-8-14 170480]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-3-1 161384]
    S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2013-6-30 26032]
    S3 bcm;Beceem Communications Inc. Tarang3;c:\windows\system32\drivers\drxvi314.sys [2008-10-10 232960]
    S3 bcmbusctr;Beceem Devices' Enumerator;c:\windows\system32\drivers\BcmBusCtr.sys [2008-10-10 54784]
    S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-6-10 24576]
    S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-23 23040]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-3-6 40776]
    S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2008-12-16 79880]
    S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2008-12-16 35272]
    S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2008-12-16 34216]
    S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2008-12-16 40552]
    S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-2-1 138112]
    S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-2-1 8320]
    S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files\roxio creator 2009\digital home 11\RoxioUPnPRenderer11.exe [2008-8-14 313840]
    S3 RoxMediaDB11;RoxMediaDB11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxMediaDB11.exe [2009-1-8 1122304]
    S3 WPFFontCache_v0400;Windows Presentation Foundation-lettertypecache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
    .
    =============== Created Last 30 ================
    .
    2014-03-06 11:56:14 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2014-03-06 11:49:34 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-03-02 17:48:22 -------- d-----w- c:\program files\VideoLAN
    2014-03-02 16:08:08 -------- d-----w- c:\program files\Linkey
    2014-03-02 16:07:59 -------- d-----w- c:\program files\Settings Manager
    2014-03-02 16:07:56 -------- d-----w- c:\programdata\systemk
    2014-03-02 16:04:31 -------- d-----w- c:\program files\DVD Shrink
    2014-02-12 15:52:40 1248768 ----a-w- c:\windows\system32\msxml3.dll
    .
    ==================== Find3M ====================
    .
    2014-02-05 08:56:17 1806848 ----a-w- c:\windows\system32\jscript9.dll
    2014-02-05 08:50:39 1129472 ----a-w- c:\windows\system32\wininet.dll
    2014-02-05 08:49:56 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2014-02-05 08:48:40 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2014-02-05 08:48:27 421376 ----a-w- c:\windows\system32\vbscript.dll
    2014-02-05 08:47:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    .
    ============= FINISH: 17:56:40,53 ===============



    • #3
      GMER 2.1.19357 - http://www.gmer.net
      Rootkit scan 2014-03-06 18:56:42
      Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST916082 rev.3.CD 149,05GB
      Running: sdtd09nh.exe; Driver: C:\Users\Elly\AppData\Local\Temp\pwdyiuoc.sys


      ---- System - GMER 2.1 ----

      SSDT 95259D70 ZwAlertResumeThread
      SSDT 95259E08 ZwAlertThread
      SSDT 9A3B31A8 ZwAllocateVirtualMemory
      SSDT 950FA810 ZwAlpcConnectPort
      SSDT 952591F8 ZwAssignProcessToJobObject
      SSDT 952595A8 ZwCreateMutant
      SSDT 952A1FC0 ZwCreateSymbolicLinkObject
      SSDT 9521EE70 ZwCreateThread
      SSDT 95259290 ZwDebugActiveProcess
      SSDT 9A102640 ZwDuplicateObject
      SSDT 953A6788 ZwFreeVirtualMemory
      SSDT 95259650 ZwImpersonateAnonymousToken
      SSDT 95259CD8 ZwImpersonateThread
      SSDT 950FA778 ZwLoadDriver
      SSDT 953A66D0 ZwMapViewOfSection
      SSDT 95259510 ZwOpenEvent
      SSDT 953A6F60 ZwOpenProcess
      SSDT 9A1025C8 ZwOpenProcessToken
      SSDT 952593E0 ZwOpenSection
      SSDT 9A102F60 ZwOpenThread
      SSDT 95259150 ZwProtectVirtualMemory
      SSDT 95259EA0 ZwResumeThread
      SSDT 953A6478 ZwSetContextThread
      SSDT 953A6510 ZwSetInformationProcess
      SSDT 95259328 ZwSetSystemInformation
      SSDT 95259478 ZwSuspendProcess
      SSDT 95259F38 ZwSuspendThread
      SSDT 95259A70 ZwTerminateProcess
      SSDT 95259FD0 ZwTerminateThread
      SSDT 953A6598 ZwUnmapViewOfSection
      SSDT 9A3B3100 ZwWriteVirtualMemory
      SSDT 95259098 ZwCreateThreadEx

      ---- Kernel code sections - GMER 2.1 ----

      .text ntoskrnl.exe!KeInsertQueue + 30D 82481814 8 Bytes [70, 9D, 25, 95, 08, 9E, 25, ...] {JO 0xffffff9f; AND EAX, 0x259e0895; XCHG EBP, EAX}
      .text ntoskrnl.exe!KeInsertQueue + 321 82481828 4 Bytes [A8, 31, 3B, 9A]
      .text ntoskrnl.exe!KeInsertQueue + 32D 82481834 4 Bytes [10, A8, 0F, 95]
      .text ntoskrnl.exe!KeInsertQueue + 381 82481888 4 Bytes [F8, 91, 25, 95]
      .text ntoskrnl.exe!KeInsertQueue + 3E5 824818EC 4 Bytes [A8, 95, 25, 95]
      .text ...
      ? System32\drivers\mfwbtnu.sys Het systeem kan het opgegeven pad niet vinden. !
      ? C:\Users\Elly\AppData\Local\Temp\mbr.sys Het systeem kan het opgegeven bestand niet vinden. !

      ---- User code sections - GMER 2.1 ----

      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtClose 777941A4 5 Bytes JMP 5F9C80A0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtCreateFile 77794264 5 Bytes JMP 5F9C7EE0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtCreateFile + 6 7779426A 4 Bytes CALL AEF96B29
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtCreateFile + B 7779426F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtFlushBuffersFile 77794764 5 Bytes JMP 5F9E6E90 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtLockFile 77794934 5 Bytes JMP 5F9E6F80 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtMapViewOfSection + 6 777949BA 4 Bytes [28, 83, 37, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtMapViewOfSection + B 777949BF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenFile 77794A44 5 Bytes JMP 5F9C7E50 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenFile + 6 77794A4A 4 Bytes CALL AEF9B309
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenFile + B 77794A4F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenProcess + 6 77794ACA 4 Bytes [A8, 81, 37, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenProcess + B 77794ACF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenProcessToken + 6 77794ADA 4 Bytes CALL 76798260
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenProcessToken + B 77794ADF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenProcessTokenEx + 6 77794AEA 4 Bytes [A8, 82, 37, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenProcessTokenEx + B 77794AEF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenThread + 6 77794B3A 4 Bytes [68, 81, 37, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenThread + B 77794B3F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenThreadToken + 6 77794B4A 4 Bytes [68, 82, 37, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenThreadToken + B 77794B4F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenThreadTokenEx + 6 77794B5A 4 Bytes CALL 767982E1
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtOpenThreadTokenEx + B 77794B5F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtQueryAttributesFile + 6 77794BEA 4 Bytes [A8, 80, 37, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtQueryAttributesFile + B 77794BEF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtQueryFullAttributesFile + 6 77794C9A 4 Bytes CALL 7679841F
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtQueryFullAttributesFile + B 77794C9F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtQueryInformationFile 77794CB4 5 Bytes JMP 5F9C8120 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtReadFile 77794EC4 5 Bytes JMP 5F9C7F80 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtSetInformationFile 77795174 5 Bytes JMP 5F9C81B0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtSetInformationFile + 6 7779517A 4 Bytes CALL AEFA7A39
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtSetInformationFile + B 7779517F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtSetInformationThread + 6 777951CA 4 Bytes [28, 82, 37, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtSetInformationThread + B 777951CF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtUnlockFile 77795444 5 Bytes JMP 5F9E7010 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtUnmapViewOfSection + 6 7779546A 4 Bytes [68, 83, 37, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtUnmapViewOfSection + B 7779546F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[1288] ntdll.dll!NtWriteFile 777954D4 5 Bytes JMP 5F9C8010 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ntdll.dll!NtTerminateThread 77795394 5 Bytes JMP 00170050
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!OpenSCManagerA + 125 76832EB8 7 Bytes JMP 001A0768
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!CloseServiceHandle + AA 7683834F 7 Bytes JMP 001A0210
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!AreAllAccessesGranted + 3FD 76859EAF 7 Bytes JMP 001A05A0
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!CreateServiceW + FF 76859FB3 7 Bytes JMP 001A012C
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!ControlService + C1 7685A079 7 Bytes JMP 001A084C
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!I_ScGetCurrentGroupStateW + 8F 76896629 3 Bytes JMP 001A03D8
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!I_ScGetCurrentGroupStateW + 93 7689662D 3 Bytes [89, EB, F9] {MOV EBX, EBP; STC }
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!ControlServiceExA + 10E 7689673C 3 Bytes JMP 001A0048
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!ControlServiceExA + 112 76896740 3 Bytes [89, EB, F9] {MOV EBX, EBP; STC }
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!SetServiceObjectSecurity + FB 76896DD4 3 Bytes JMP 001A0684
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!SetServiceObjectSecurity + FF 76896DD8 3 Bytes [89, EB, F9] {MOV EBX, EBP; STC }
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!ChangeServiceConfigA + 1A3 76896F7C 3 Bytes JMP 001A04BC
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!ChangeServiceConfigA + 1A7 76896F80 3 Bytes [89, EB, F9] {MOV EBX, EBP; STC }
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!ChangeServiceConfig2W + BB 7689729C 2 Bytes JMP 001A02F4
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] ADVAPI32.dll!ChangeServiceConfig2W + BF 768972A0 3 Bytes [89, EB, F9] {MOV EBX, EBP; STC }
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] USER32.dll!FindWindowA + 1BF 75E29F35 7 Bytes JMP 001A0A12
      .text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[1956] USER32.dll!RecordShutdownReason + 36A 75E6B7BE 7 Bytes JMP 001A0930
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ntdll.dll!NtTerminateThread 77795394 5 Bytes JMP 001E0050
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ADVAPI32.dll!OpenSCManagerA + 125 76832EB8 7 Bytes JMP 00220768
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ADVAPI32.dll!CloseServiceHandle + AA 7683834F 7 Bytes JMP 00220210
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ADVAPI32.dll!AreAllAccessesGranted + 3FD 76859EAF 7 Bytes JMP 002205A0
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ADVAPI32.dll!CreateServiceW + FF 76859FB3 7 Bytes JMP 0022012C
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ADVAPI32.dll!ControlService + C1 7685A079 7 Bytes JMP 0022084C
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ADVAPI32.dll!I_ScGetCurrentGroupStateW + 8F 76896629 7 Bytes JMP 002203D8
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ADVAPI32.dll!ControlServiceExA + 10E 7689673C 7 Bytes JMP 00220048
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ADVAPI32.dll!SetServiceObjectSecurity + FB 76896DD4 7 Bytes JMP 00220684
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ADVAPI32.dll!ChangeServiceConfigA + 1A3 76896F7C 7 Bytes JMP 002204BC
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ADVAPI32.dll!ChangeServiceConfig2W + BB 7689729C 2 Bytes JMP 002202F4
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] ADVAPI32.dll!ChangeServiceConfig2W + BE 7689729F 4 Bytes [98, 89, EB, F9] {CWDE ; MOV EBX, EBP; STC }
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] USER32.dll!FindWindowA + 1BF 75E29F35 7 Bytes JMP 00220A12
      .text C:\Program Files\Alcatel-Lucent\WCM\WiMAXd.exe[3728] USER32.dll!RecordShutdownReason + 36A 75E6B7BE 7 Bytes JMP 00220930
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtClose 777941A4 5 Bytes JMP 5F9C80A0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtCreateFile 77794264 5 Bytes JMP 5F9C7EE0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtCreateFile + 6 7779426A 4 Bytes CALL 9AE56B29
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtCreateFile + B 7779426F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtFlushBuffersFile 77794764 5 Bytes JMP 5F9E6E90 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtLockFile 77794934 5 Bytes JMP 5F9E6F80 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtMapViewOfSection + 6 777949BA 4 Bytes [28, 6F, 23, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtMapViewOfSection + B 777949BF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenFile 77794A44 5 Bytes JMP 5F9C7E50 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenFile + 6 77794A4A 4 Bytes CALL 9AE5B309
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenFile + B 77794A4F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenProcess + 6 77794ACA 4 Bytes [A8, 6D, 23, 00] {TEST AL, 0x6d; AND EAX, [EAX]}
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenProcess + B 77794ACF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenProcessToken + 6 77794ADA 4 Bytes CALL 76796E4C
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenProcessToken + B 77794ADF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenProcessTokenEx + 6 77794AEA 4 Bytes [A8, 6E, 23, 00] {TEST AL, 0x6e; AND EAX, [EAX]}
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenProcessTokenEx + B 77794AEF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenThread + 6 77794B3A 4 Bytes [68, 6D, 23, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenThread + B 77794B3F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenThreadToken + 6 77794B4A 4 Bytes [68, 6E, 23, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenThreadToken + B 77794B4F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenThreadTokenEx + 6 77794B5A 4 Bytes CALL 76796ECD
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtOpenThreadTokenEx + B 77794B5F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtQueryAttributesFile + 6 77794BEA 4 Bytes [A8, 6C, 23, 00] {TEST AL, 0x6c; AND EAX, [EAX]}
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtQueryAttributesFile + B 77794BEF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtQueryFullAttributesFile + 6 77794C9A 4 Bytes CALL 7679700B
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtQueryFullAttributesFile + B 77794C9F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtQueryInformationFile 77794CB4 5 Bytes JMP 5F9C8120 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtReadFile 77794EC4 5 Bytes JMP 5F9C7F80 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtSetInformationFile 77795174 5 Bytes JMP 5F9C81B0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtSetInformationFile + 6 7779517A 4 Bytes CALL 9AE67A39
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtSetInformationFile + B 7779517F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtSetInformationThread + 6 777951CA 4 Bytes [28, 6E, 23, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtSetInformationThread + B 777951CF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtUnlockFile 77795444 5 Bytes JMP 5F9E7010 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtUnmapViewOfSection + 6 7779546A 4 Bytes [68, 6F, 23, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtUnmapViewOfSection + B 7779546F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[5432] ntdll.dll!NtWriteFile 777954D4 5 Bytes JMP 5F9C8010 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6028] ntdll.dll!NtClose 777941A4 5 Bytes JMP 5F9C80A0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6028] ntdll.dll!NtCreateFile 77794264 5 Bytes JMP 5F9C7EE0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6028] ntdll.dll!NtFlushBuffersFile 77794764 5 Bytes JMP 5F9E6E90 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6028] ntdll.dll!NtLockFile 77794934 5 Bytes JMP 5F9E6F80 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6028] ntdll.dll!NtOpenFile 77794A44 5 Bytes JMP 5F9C7E50 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6028] ntdll.dll!NtQueryInformationFile 77794CB4 5 Bytes JMP 5F9C8120 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6028] ntdll.dll!NtReadFile 77794EC4 5 Bytes JMP 5F9C7F80 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6028] ntdll.dll!NtSetInformationFile 77795174 5 Bytes JMP 5F9C81B0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6028] ntdll.dll!NtUnlockFile 77795444 5 Bytes JMP 5F9E7010 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6028] ntdll.dll!NtWriteFile 777954D4 5 Bytes JMP 5F9C8010 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtClose 777941A4 5 Bytes JMP 5F9C80A0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtCreateFile 77794264 5 Bytes JMP 5F9C7EE0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtCreateFile + 6 7779426A 4 Bytes CALL 09096B29
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtCreateFile + B 7779426F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtFlushBuffersFile 77794764 5 Bytes JMP 5F9E6E90 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtLockFile 77794934 5 Bytes JMP 5F9E6F80 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtMapViewOfSection + 6 777949BA 4 Bytes [28, 93, 91, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtMapViewOfSection + B 777949BF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenFile 77794A44 5 Bytes JMP 5F9C7E50 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenFile + 6 77794A4A 4 Bytes CALL 0909B309
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenFile + B 77794A4F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenProcess + 6 77794ACA 4 Bytes [A8, 91, 91, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenProcess + B 77794ACF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenProcessToken + 6 77794ADA 4 Bytes CALL 7679DC70
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenProcessToken + B 77794ADF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenProcessTokenEx + 6 77794AEA 4 Bytes [A8, 92, 91, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenProcessTokenEx + B 77794AEF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenThread + 6 77794B3A 4 Bytes [68, 91, 91, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenThread + B 77794B3F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenThreadToken + 6 77794B4A 4 Bytes [68, 92, 91, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenThreadToken + B 77794B4F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenThreadTokenEx + 6 77794B5A 4 Bytes CALL 7679DCF1
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtOpenThreadTokenEx + B 77794B5F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtQueryAttributesFile + 6 77794BEA 4 Bytes [A8, 90, 91, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtQueryAttributesFile + B 77794BEF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtQueryFullAttributesFile + 6 77794C9A 4 Bytes CALL 7679DE2F
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtQueryFullAttributesFile + B 77794C9F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtQueryInformationFile 77794CB4 5 Bytes JMP 5F9C8120 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtReadFile 77794EC4 5 Bytes JMP 5F9C7F80 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtSetInformationFile 77795174 5 Bytes JMP 5F9C81B0 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtSetInformationFile + 6 7779517A 4 Bytes CALL 090A7A39
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtSetInformationFile + B 7779517F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtSetInformationThread + 6 777951CA 4 Bytes [28, 92, 91, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtSetInformationThread + B 777951CF 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtUnlockFile 77795444 5 Bytes JMP 5F9E7010 c:\program files\settings manager\systemk\systemk.dll
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtUnmapViewOfSection + 6 7779546A 4 Bytes [68, 93, 91, 00]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtUnmapViewOfSection + B 7779546F 1 Byte [E2]
      .text C:\Program Files\Google\Chrome\Application\chrome.exe[6044] ntdll.dll!NtWriteFile 777954D4 5 Bytes JMP 5F9C8010 c:\program files\settings manager\systemk\systemk.dll

      ---- Devices - GMER 2.1 ----

      AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS
      AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS
      AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS
      AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
      AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys

      ---- Registry - GMER 2.1 ----

      Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021091A0031400000000000F01FEC\[email protected]_1043 1147543963
      Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9040710900063D11C8EF10054038389C\[email protected] 1147571712

      ---- EOF - GMER 2.1 ----



      • #4
        Download Zoek.zip to the desktop.
        • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.


        Disable antivirus software
        Temporarily disable your antivirus and antispyware programs, as these can conflict with Zoek.exe.

        Run Zoek.exe
        If you run into problems while running this program or see any error messages, please mention it in your post.
        • Right-click Zoek.zip and click the option "Extract All".
        • Then double-click Zoek.exe to start the tool.
        • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
        • Now click the "Run script" button.
        • A popup appears saying that no script was found; just press OK.
        • Zoek.exe will now run a scan + repair; on some systems this can take longer than half an hour.
        • Now wait patiently until a log opens (this may be after a restart, if one is needed).
        • If no log appears after the restart, start zoek.exe again; the log will then appear.
        • Post the opened log as an attachment in your next post.


        Posting the Zoek.exe log file
        • Attach the log file named "Zoek-results.log" to your next post.
          (You can also find this log file on the system drive as C:\Zoek-results.log.)

        Starting Windows 10 in Safe Mode



        • #5
          Thank you, Juisterr. I have attached the Zoek log file here.


          • #6
            Has anything improved after this cleanup?



            • #7
              Hi Juisterr

              Nothing has improved yet. I still cannot open any page except my Gmail, and a following tab still stays blank. It is also still just as slow.



              • #8
                Would anyone know of anything else I could try???



                • #9
                  Download ComboFix from one of these locations:

                  Link 1
                  Link 2


                  * IMPORTANT !!! Save ComboFix.exe to your Desktop.

                  >>Here<< you can read how to use ComboFix.

                  1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix.

                  * (here or here

                  2. The computer may need to be restarted several times; this is normal.
                  3. Double-click "Combofix.exe" to start the tool.
                  4. Do not click in the ComboFix window while it is active; this can cause the tool to hang.

                  * Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion.", restart the computer.

                  5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.



                  • #10
                    ComboFix 14-03-10.01 - Steven 11-03-2014 18:15:23.4.2 - x86
                    Microsoft® Windows Vista™ Business 6.0.6002.2.1252.31.1043.18.2045.1137 [GMT 1:00]
                    Gestart vanuit: c:\users\Steven.LAPPIE-ELLY\Downloads\ComboFix.exe
                    AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
                    FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
                    SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
                    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                    .
                    .
                    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    c:\programdata\Roaming
                    c:\users\Elly\TstClnt.exe
                    c:\users\Elly\tstsrvr.exe
                    c:\windows\system32\CddbCdda.dll
                    c:\windows\system32\drivers\etc\hosts.ics
                    c:\windows\TEMP\logishrd\LVPrcInj01.dll
                    .
                    .
                    (((((((((((((((((((( Bestanden Gemaakt van 2014-02-11 to 2014-03-11 ))))))))))))))))))))))))))))))
                    .
                    .
                    2014-03-11 17:28 . 2014-03-11 18:04 -------- d-----w- c:\users\Steven.LAPPIE-ELLY\AppData\Local\temp
                    2014-03-11 17:28 . 2014-03-11 17:28 -------- d-----w- c:\users\Steven\AppData\Local\temp
                    2014-03-11 17:28 . 2014-03-11 17:28 -------- d-----w- c:\users\Elly\AppData\Local\temp
                    2014-03-11 17:28 . 2014-03-11 17:28 -------- d-----w- c:\users\Default\AppData\Local\temp
                    2014-03-09 07:50 . 2014-03-09 07:17 24064 ----a-w- c:\windows\zoek-delete.exe
                    2014-03-09 07:17 . 2014-03-09 07:47 -------- d-----w- C:\zoek_backup
                    2014-03-06 11:56 . 2014-03-06 11:56 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
                    2014-03-06 11:49 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
                    2014-03-04 11:48 . 2014-03-04 11:48 -------- d-----w- c:\users\Steven.LAPPIE-ELLY\AppData\Roaming\dvdcss
                    2014-03-02 18:22 . 2014-03-04 11:50 -------- d-----w- c:\users\Steven.LAPPIE-ELLY\AppData\Roaming\vlc
                    2014-03-02 17:48 . 2014-03-02 17:48 -------- d-----w- c:\program files\VideoLAN
                    2014-03-02 16:42 . 2014-03-04 10:24 -------- d-----w- c:\programdata\DVD Shrink
                    2014-03-02 16:08 . 2014-03-02 16:08 -------- d-----w- c:\program files\Linkey
                    2014-03-02 16:07 . 2014-03-02 16:07 -------- d-----w- c:\program files\Settings Manager
                    2014-03-02 16:07 . 2014-03-11 18:04 -------- d-----w- c:\programdata\systemk
                    2014-03-02 16:04 . 2014-03-02 16:42 -------- d-----w- c:\program files\DVD Shrink
                    2014-02-12 15:52 . 2013-12-05 02:12 1248768 ----a-w- c:\windows\system32\msxml3.dll
                    .
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                    REGEDIT4
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
                    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-09-11 02:09 131248 ----a-w- c:\users\Steven.LAPPIE-ELLY\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
                    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-09-11 02:09 131248 ----a-w- c:\users\Steven.LAPPIE-ELLY\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
                    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-09-11 02:09 131248 ----a-w- c:\users\Steven.LAPPIE-ELLY\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                    .
                    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "AdobeBridge"="" [BU]
                    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-06 39408]
                    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]
                    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-04-25 174872]
                    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1029416]
                    "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
                    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
                    "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe" [2008-08-13 240112]
                    "CPMonitor"="c:\program files\Roxio Creator 2009\5.0\CPMonitor.exe" [2008-08-10 80368]
                    "WCM"="c:\program files\Alcatel-Lucent\WCM\Connection Manager.exe" [2009-04-23 6512640]
                    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
                    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-06 198160]
                    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-16 13793824]
                    "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-06-16 92704]
                    "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
                    "IJNetworkScannerSelectorEX"="c:\program files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-03-26 449168]
                    "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-13 405504]
                    .
                    c:\users\Steven.LAPPIE-ELLY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                    Dropbox.lnk - c:\users\Steven.LAPPIE-ELLY\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
                    .
                    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
                    Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-1-15 809488]
                    QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                    "EnableUIADesktopToggle"= 0 (0x0)
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
                    "AppInit_DLLs"=c:\progra~1\Linkey\IEEXTE~1\iedll.dll
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
                    @="Service"
                    .
                    [HKLM\~\startupfolder\C:^Users^Steven.LAPPIE-ELLY^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]
                    path=c:\users\Steven.LAPPIE-ELLY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
                    backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup
                    backupExtension=.Startup
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
                    2007-09-10 23:43 67488 ----a-w- c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
                    2008-06-12 01:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
                    2008-11-13 07:03 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
                    2007-10-30 18:52 16200 ----a-w- c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
                    2009-05-21 10:13 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
                    2008-02-13 18:21 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
                    2010-01-13 22:50 135664 ----atw- c:\users\Steven.LAPPIE-ELLY\AppData\Local\Google\Update\GoogleUpdate.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
                    2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
                    2009-04-02 14:11 342312 ----a-w- c:\program files\iTunes\iTunesHelper.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
                    2008-10-10 13:46 69632 ----a-w- c:\windows\KHALMNPR.Exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
                    2013-04-04 13:50 887432 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
                    2008-12-03 11:47 1205760 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
                    2007-08-07 00:05 200704 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
                    2006-08-17 08:00 1116920 ----a-w- c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
                    2013-03-01 10:16 18643560 ----a-r- c:\program files\Skype\Phone\Skype.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
                    2009-01-06 04:38 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
                    2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
                    "DisableMonitoring"=dword:00000001
                    .
                    S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-09-20 73728]
                    .
                    .
                    --- Andere Services/Drivers In Geheugen ---
                    .
                    *NewlyCreated* - WS2IFSL
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
                    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
                    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                    2014-03-06 09:27 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
                    .
                    Inhoud van de 'Gedeelde Taken' map
                    .
                    2014-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                    - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-09 11:46]
                    .
                    2014-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                    - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-09 11:46]
                    .
                    2014-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1072179391-3643905457-714905926-1000Core.job
                    - c:\users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-27 20:54]
                    .
                    2014-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1072179391-3643905457-714905926-1000UA.job
                    - c:\users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-27 20:54]
                    .
                    2014-03-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1072179391-3643905457-714905926-1002Core.job
                    - c:\users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 21:36]
                    .
                    2014-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1072179391-3643905457-714905926-1002UA.job
                    - c:\users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 21:36]
                    .
                    2014-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1072179391-3643905457-714905926-1004Core.job
                    - c:\users\Steven.LAPPIE-ELLY\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 22:50]
                    .
                    2014-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1072179391-3643905457-714905926-1004UA.job
                    - c:\users\Steven.LAPPIE-ELLY\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 22:50]
                    .
                    .
                    ------- Bijkomende Scan -------
                    .
                    uStart Page = hxxp://www.google.com
                    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
                    TCP: DhcpNameServer = 192.168.2.254 195.121.1.34 195.121.1.66
                    .
                    - - - - ORPHANS VERWIJDERD - - - -
                    .
                    Toolbar-10 - (no file)
                    HKCU-Run-Logitech Vid - c:\program files\Logitech\Logitech Vid\vid.exe
                    HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
                    HKU-Default-RunOnce-AutoLaunch - c:\program files\Lavasoft\Ad-Aware\AutoLaunch.exe
                    SafeBoot-WudfPf
                    SafeBoot-WudfRd
                    AddRemove-Aangifte inkomstenbelasting 2008 - g:\bdienst\2008\ib2008u.exe
                    AddRemove-Messenger Plus! - c:\program files\Yuna Software\Messenger Plus!\Uninstall.exe
                    AddRemove-Mozilla Firefox (3.0.11) - c:\program files\Mozilla Firefox\uninstall\helper.exe
                    AddRemove-{209A2DC5-D119-15C5-82EC-D4C24616809C} - c:\windows\system32\mjjezqcbdunz.dll-uninst.exe
                    AddRemove-{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1 - c:\program files\Uniblue\RegistryBooster\unins000.exe
                    .
                    .
                    .
                    **************************************************************************
                    .
                    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                    Rootkit scan 2014-03-11 19:04
                    Windows 6.0.6002 Service Pack 2 NTFS
                    .
                    scannen van verborgen processen ...
                    .
                    scannen van verborgen autostart items ...
                    .
                    scannen van verborgen bestanden ...
                    .
                    .
                    c:\users\STEVEN~1.LAP\AppData\Local\Temp\catchme.dll 53248 bytes executable
                    .
                    Scan succesvol afgerond
                    verborgen bestanden: 1
                    .
                    **************************************************************************
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
                    "ImagePath"="\"c:\program files\Norton 360 Premier Edition\Engine\21.1.0.18\N360.exe\" /s \"N360\" /m \"c:\program files\Norton 360 Premier Edition\Engine\21.1.0.18\diMaster.dll\" /prefetch:1"
                    "ImagePath"="\SystemRoot\System32\Drivers\N360\1501000.012\SYMTDIV.SYS"
                    "TrustedImagePaths"="c:\program files\Norton 360 Premier Edition\Engine\21.1.0.18"
                    .
                    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
                    @Denied: (A) (Users)
                    @Denied: (A) (Everyone)
                    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                    "BlindDial"=dword:00000000
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
                    @Denied: (A) (Users)
                    @Denied: (A) (Everyone)
                    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                    "BlindDial"=dword:00000000
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
                    @Denied: (A) (Users)
                    @Denied: (A) (Everyone)
                    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                    "BlindDial"=dword:00000000
                    .
                    --------------------- DLLs Geladen Onder Lopende Processen ---------------------
                    .
                    - - - - - - - > 'Explorer.exe'(7692)
                    c:\program files\Bonjour\mdnsNSP.dll
                    c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
                    c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
                    c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr
                    c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
                    c:\program files\Roxio\Drag-to-Disc\Shellex.dll
                    c:\windows\system32\DLAAPI_W.DLL
                    c:\windows\system32\CDRTC.DLL
                    c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
                    c:\program files\WinSCP\DragExt.dll
                    c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
                    .
                    ------------------------ Andere Aktieve Processen ------------------------
                    .
                    c:\windows\system32\nvvsvc.exe
                    c:\windows\system32\nvvsvc.exe
                    c:\windows\system32\WLANExt.exe
                    c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
                    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
                    c:\program files\Bonjour\mDNSResponder.exe
                    c:\program files\Intel\WiFi\bin\EvtEng.exe
                    c:\program files\Freemake\CaptureLib\CaptureLibService.exe
                    c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
                    c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
                    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
                    c:\program files\Norton 360 Premier Edition\Engine\21.1.0.18\N360.exe
                    c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
                    c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe
                    c:\windows\system32\PSIService.exe
                    c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
                    c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
                    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
                    c:\program files\Dell Support Center\bin\sprtsvc.exe
                    c:\windows\system32\STacSV.exe
                    c:\program files\Settings Manager\systemk\SystemkService.exe
                    c:\program files\Alcatel-Lucent\WCM\WiMAXd.exe
                    c:\program files\Settings Manager\systemk\SystemkService.exe
                    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                    c:\windows\system32\DRIVERS\xaudio.exe
                    c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
                    c:\windows\system32\DllHost.exe
                    c:\program files\Norton 360 Premier Edition\Engine\21.1.0.18\N360.exe
                    c:\program files\Settings Manager\systemk\systemku.exe
                    .
                    **************************************************************************
                    .
                    Voltooingstijd: 2014-03-11 19:09:25 - machine werd herstart
                    ComboFix-quarantined-files.txt 2014-03-11 18:09
                    ComboFix2.txt 2009-02-11 07:42
                    .
                    Pre-Run: 41.643.225.088 bytes beschikbaar
                    Post-Run: 41.515.307.008 bytes beschikbaar
                    .
                    - - End Of File - - 5ADDD5CC1D7CDBF4EEA35089DCB65DE5
                    5C616939100B85E558DA92B899A0FC36



                    • #11
                      Does anyone have any more advice for me on what I could try?? I still have the problem with Chrome, and it is also still so slow.



                      • #12
                        Now update Malwarebytes (MBAM) and run a new scan, then remove everything it finds and restart.
                        Let me know how things stand with the problems?

                        Booting Windows 10 in Safe Mode



                        • #13
                          Malwarebytes Anti-Malware 1.75.0.1300
                          www.malwarebytes.org

                          Database version: v2014.03.13.06

                          Windows Vista Service Pack 2 x86 NTFS
                          Internet Explorer 9.0.8112.16421
                          Steven :: LAPPIE-ELLY [administrator]

                          13-3-2014 19:04:32
                          mbam-log-2014-03-13 (19-04-32).txt

                          Scan type: Full scan (C:\|)
                          Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
                          Scan options disabled: P2P
                          Objects scanned: 519287
                          Time elapsed: 2 hour(s), 24 minute(s), 42 second(s)

                          Memory Processes Detected: 0
                          (No malicious items detected)

                          Memory Modules Detected: 0
                          (No malicious items detected)

                          Registry Keys Detected: 0
                          (No malicious items detected)

                          Registry Values Detected: 0
                          (No malicious items detected)

                          Registry Data Items Detected: 0
                          (No malicious items detected)

                          Folders Detected: 0
                          (No malicious items detected)

                          Files Detected: 0
                          (No malicious items detected)

                          (end)
                          So Malware found nothing and the problem is still unchanged. In any case, thanks already for all the time and effort. Do you have any other ideas?
                          Steven



                          • #14
                            Download ZHPDiag to the desktop.

                            Disabling antivirus software
                            Temporarily disable your antivirus and antispyware programs, as these can conflict with ZHPDiag.

                            Installing ZHPDiag
                            • Double-click zhpdiag.exe to start the installation.
                            • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
                            • Click "Suivant" several times to go through the installation process.
                            • Click "Installer" when asked and "Terminer" when the installation is complete.


                            Running ZHPDiag
                            If you run into problems running this program or get certain error messages, please mention this in your post.
                            • Double-click the shortcut named ZHPDiag
                            • The start window appears; now click "Configureren".
                            • If the language is not set to Dutch, click the "Sélectionner une langue" icon at the bottom right and choose "Néerlandais".
                            • Then click the "Diagnosemogelijkheden" icon at the bottom left.
                            • A scan of your system is now made; wait patiently until it is finished.


                            Posting the ZHPDiag.txt log file
                            • Attach the log file named "ZHPDiag.txt" to your next post. (You can also find this log file on the desktop.)

                            Booting Windows 10 in Safe Mode



                            • #15
                              Hi Juisterr. I have created the log file, but no matter what I try I cannot get it sent along as an attachment. I also keep getting a message that I am not authorized to do that...
