
Laptop has become very slow, who can check the log



I assume you mean the log after the restart. I have pasted the log below.

ComboFix 11-01-25.05 - Tjenna 26-01-2011 19:38:18.7.2 - x86 NETWORK

Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.31.1043.18.2046.1569 [GMT 1:00]

Gestart vanuit: c:\users\Tjenna\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Tjenna\Desktop\CFScript.txt

FILE ::

"c:\users\Tjenna\Productivity_2.2.exe"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\Conduit

c:\program files\Conduit\Community Alerts\Alert.dll

c:\program files\Conduit\Community Alerts\Alert0.dll

c:\program files\Productivity_2.2

c:\program files\Productivity_2.2\GottenAppsContextMenu.xml

c:\program files\Productivity_2.2\OtherAppsContextMenu.xml

c:\program files\Productivity_2.2\Productivity_2.2ToolbarHelper.exe

c:\program files\Productivity_2.2\prxtbProd.dll

c:\program files\Productivity_2.2\SharedAppsContextMenu.xml

c:\program files\Productivity_2.2\tbProd.dll

c:\program files\Productivity_2.2\toolbar.cfg

c:\program files\Productivity_2.2\ToolbarContextMenu.xml

c:\program files\Productivity_2.2\uninstall.exe

c:\users\Tjenna\AppData\Local\Conduit

c:\users\Tjenna\AppData\Local\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1295532_1291203_NL.xml

c:\users\Tjenna\AppData\Local\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_909619_905414_NL.xml

c:\users\Tjenna\AppData\Local\Conduit\Community Alerts\LanguagePacks\en.xml

c:\users\Tjenna\AppData\Local\Conduit\CT2903601\Productivity_2.2AutoUpdateHelper.exe

c:\users\Tjenna\Productivity_2.2.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-12-26 to 2011-01-26 ))))))))))))))))))))))))))))))

.

2011-01-26 18:45 . 2011-01-26 18:45 -------- d-----w- c:\users\Tjenna\AppData\Local\temp

2011-01-26 18:45 . 2011-01-26 18:45 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-01-25 16:28 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B4270E35-4BCA-4D22-AEE6-BD6695BF1840}\mpengine.dll

2011-01-23 20:41 . 2011-01-23 20:41 388096 ----a-r- c:\users\Tjenna\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-01-23 20:41 . 2011-01-23 20:41 -------- d-----w- c:\program files\Trend Micro

2011-01-23 20:40 . 2011-01-23 20:40 1402880 ----a-w- c:\users\Tjenna\HiJackThis.msi

2011-01-23 17:31 . 2011-01-23 17:31 -------- d-----w- c:\users\Tjenna\AppData\Roaming\Malwarebytes

2011-01-23 17:31 . 2011-01-23 17:31 -------- d-----w- c:\programdata\Malwarebytes

2011-01-23 17:31 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-23 17:31 . 2011-01-23 17:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-23 17:31 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-22 07:13 . 2011-01-22 07:13 -------- d-----w- C:\PerfLogs

2011-01-21 20:56 . 2011-01-22 07:28 -------- d-----w- C:\e13a3dac77af4ca660c0

2011-01-21 20:31 . 2011-01-21 20:31 -------- d-----w- c:\users\Tjenna\AppData\Local\ElevatedDiagnostics

2011-01-21 20:27 . 2011-01-21 20:29 -------- d-----w- c:\program files\Microsoft ATS

2011-01-21 20:26 . 2011-01-21 20:26 772904 ----a-w- c:\users\Tjenna\Mats_Run.ieperformance.exe

2011-01-21 09:33 . 2011-01-21 09:33 -------- d-----w- c:\users\Tjenna\Citrix

2011-01-21 09:32 . 2011-01-21 09:33 -------- d-----w- c:\users\Tjenna\AppData\Roaming\HPAppData

2011-01-21 09:32 . 2011-01-21 09:32 -------- d-----w- c:\users\Tjenna\AppData\Local\Productivity_2.2

2011-01-21 09:32 . 2011-01-21 09:32 -------- d-----w- c:\users\Tjenna\AppData\Local\ConduitEngine

2011-01-21 09:12 . 2011-01-21 10:01 -------- d-----w- c:\program files\ConduitEngine

2011-01-21 08:36 . 2011-01-21 08:35 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-01-19 16:58 . 2011-01-19 16:58 2560 ----a-w- c:\windows\_MSRSTRT.EXE

2011-01-17 19:18 . 2011-01-20 18:59 -------- d-----w- c:\program files\DivX

2011-01-01 15:55 . 2011-01-01 15:55 -------- d-----w- C:\Zwijsen

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-11-08 22:57 . 2010-11-08 22:57 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-06-24 247144]

"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2010-10-27 3365176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RtHDVCpl.exe" [2007-04-08 4423680]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]

"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-09-19 311296]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-26 30192]

"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2007-11-28 36864]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]

"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]

"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]

"EverioService"="c:\program files\CyberLink\PCM4Everio\EverioService.exe" [2007-11-01 151552]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608]

"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2010-03-24 599328]

"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-10-12 304568]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]

"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"GrpConv"="grpconv -o" [X]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]

c:\users\Tjenna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2007-6-1 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2007-08-14 19:05 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2333502118-3492070629-603404857-1000]

"EnableNotificationsRef"=dword:00000003

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2010-07-14 65584]

R2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2010-09-15 95568]

R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-09-15 217088]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 135664]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-06-24 92008]

R2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [2007-10-31 125440]

R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2007-10-29 17920]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2007-11-15 28464]

R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-09-15 18120]

R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-09-15 36640]

R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-26 30192]

R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2007-10-17 73472]

R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2007-10-17 43904]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2010-07-20 96488]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2010-07-20 12776]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2010-07-20 121576]

R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-11-16 818688]

R3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]

R3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]

R3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-09-28 292128]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2007-09-20 79136]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-29 9344]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - ECACHE

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

2011-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 16:12]

2011-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 16:12]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

uInternet Settings,ProxyOverride = *.local

IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: {D37DCEA1-8F6B-48C3-AACA-0A669CA9F1FB} = 195.121.1.34,195.121.1.66

.

- - - - ORPHANS VERWIJDERD - - - -

HKLM-RunOnce-<NO NAME> - (no file)

AddRemove-Productivity_2.2 Toolbar - c:\progra~1\PRODUC~1.2\UNINST~1.EXE

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-01-26 19:45

Windows 6.0.6000 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:0000007b

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Voltooingstijd: 2011-01-26 19:47:56

ComboFix-quarantined-files.txt 2011-01-26 18:47

ComboFix2.txt 2011-01-25 20:50

Pre-Run: 99.696.680.960 bytes beschikbaar

Post-Run: 99.617.894.400 bytes beschikbaar

- - End Of File - - 37CB3D5B7166BA1F7F5785BD5014505E


Hi,

I was only able to delete c:\program files\ConduitEngine. I cannot find the other file, c:\users\Tjenna\AppData\Local\ConduitEngine, anywhere.

The problems have not gone away yet. I did just notice that the laptop, and in particular the internet connection/loading of a page, is not slow in safe mode. I don't know whether that is normal, but I did find it odd.

What can I do now, and where can I find the file c:\users\Tjenna\AppData\Local\ConduitEngine?
