Ga naar inhoud

ksbsync.exe werkt niet meer

LucD

Door LucD
in Archief Hardware algemeen

 Delen

Aanbevolen berichten

LucD Groentje

LucD

Geplaatst:
Geplaatst:

Hoi, bij het opstarten van mijn pc moet ik tegenwoordig engelen geduld hebben, nl hij start op en valt na 1à2 sec terug uit en start vanzelf terug op en dit gebeurd meerdere malen na mekaar. Uiteindelijk na .. min .. start mijn pc op en doet wat hij moet doen. Kan iemand mij helpen met dit opstart probleem. Info tot nu toe heb ik mijn pc volledig afgezet na gebruik.

Link naar reactie
Delen op andere sites
LucD Groentje

LucD

Geplaatst:
  • Auteur
Geplaatst:

Hoi Kape, dank voor je reactie.

Eigenlijk heb ik dit probleem al een tijdje (1à2 mnd). Sinds een paar dagen zet ik mijn pc wel af maar laat hem onder stroom staan. En gisterenvandaag starte hij wel wat vlugger op, maar wachten is nog de boodschap.

groeten luc

Link naar reactie
Delen op andere sites
LucD Groentje

LucD

Geplaatst:
  • Auteur
Geplaatst:

Via configuratie scherm kom ik tot het oudste herstelpunt gedaan op 13/10/2012.

Voor een systeemherstel heb ik wel een heilige schrik - kwestie van teveel installatiedata te verliezen - ben een gamer en er staan wat games op mijn c-drive (die zijn vooraf misschien wel te copiëren).

Maar zou het kunnen dat mijn opstart probleem eerder van technische aard kan zijn - ik loop misschien voorop met hetgeen je me wil voorstellen te doen, sorry.

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Link naar reactie
Delen op andere sites
LucD Groentje

LucD

Geplaatst:
  • Auteur
Geplaatst:

Beste, zoals gevraagd het log bestand

ComboFix 12-11-15.01 - eigenaar 15/11/2012 19:05:15.3.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.2039.715 [GMT 1:00]

Gestart vanuit: c:\users\eigenaar\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-10-15 to 2012-11-15 ))))))))))))))))))))))))))))))

.

.

2012-11-15 18:15 . 2012-11-15 18:15 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-11-12 11:29 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-11-12 11:29 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys

2012-11-12 11:29 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll

2012-11-12 11:29 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-11-12 11:29 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll

2012-11-12 11:29 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll

2012-11-12 11:29 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-11-12 11:29 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-11-12 11:29 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-11-05 09:47 . 2012-11-05 09:47 -------- d-----w- c:\program files (x86)\AMD APP

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-11-13 10:34 . 2012-04-13 19:14 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-11-13 10:34 . 2011-05-19 06:19 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-24 11:36 . 2012-09-03 12:06 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2012-10-13 12:25 . 2009-10-27 11:38 65309168 ----a-w- c:\windows\system32\MRT.exe

2012-09-28 14:37 . 2012-09-28 14:37 221696 ----a-w- c:\windows\system32\clinfo.exe

2012-09-28 14:36 . 2012-09-28 14:36 75776 ----a-w- c:\windows\system32\OpenVideo64.dll

2012-09-28 14:36 . 2012-09-28 14:36 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll

2012-09-28 14:36 . 2012-09-28 14:36 63488 ----a-w- c:\windows\system32\OVDecode64.dll

2012-09-28 14:36 . 2012-09-28 14:36 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll

2012-09-28 14:36 . 2012-09-28 14:36 32635904 ----a-w- c:\windows\system32\amdocl64.dll

2012-09-28 14:32 . 2012-09-28 14:32 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll

2012-09-14 19:19 . 2012-10-13 10:49 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-14 18:28 . 2012-10-13 10:49 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-09-14 10:51 . 2012-09-14 10:51 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2012-09-07 11:08 . 2012-09-07 11:08 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-07 11:07 . 2012-07-11 11:43 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-09-07 11:07 . 2011-03-26 17:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-08-31 18:19 . 2012-10-13 10:56 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-08-30 18:03 . 2012-10-13 10:56 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-30 17:12 . 2012-10-13 10:56 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-08-30 17:12 . 2012-10-13 10:56 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-08-24 18:05 . 2012-10-13 10:50 220160 ----a-w- c:\windows\system32\wintrust.dll

2012-08-24 16:57 . 2012-10-13 10:50 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-08-24 13:43 . 2012-08-24 13:43 384352 ----a-w- c:\windows\system32\drivers\avgtdia.sys

2012-08-24 11:15 . 2012-09-22 11:49 17810944 ----a-w- c:\windows\system32\mshtml.dll

2012-08-24 10:39 . 2012-09-22 11:49 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-08-24 10:31 . 2012-09-22 11:49 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 10:22 . 2012-09-22 11:49 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-08-24 10:21 . 2012-09-22 11:49 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 10:20 . 2012-09-22 11:49 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 10:18 . 2012-09-22 11:49 237056 ----a-w- c:\windows\system32\url.dll

2012-08-24 10:17 . 2012-09-22 11:49 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-08-24 10:14 . 2012-09-22 11:49 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 10:14 . 2012-09-22 11:49 816640 ----a-w- c:\windows\system32\jscript.dll

2012-08-24 10:13 . 2012-09-22 11:49 599040 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 10:12 . 2012-09-22 11:49 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-08-24 10:11 . 2012-09-22 11:49 729088 ----a-w- c:\windows\system32\msfeeds.dll

2012-08-24 10:10 . 2012-09-22 11:49 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-08-24 10:09 . 2012-09-22 11:49 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-24 10:04 . 2012-09-22 11:49 248320 ----a-w- c:\windows\system32\ieui.dll

2012-08-24 06:59 . 2012-09-22 11:49 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-08-24 06:51 . 2012-09-22 11:49 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-08-24 06:51 . 2012-09-22 11:49 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-08-24 06:47 . 2012-09-22 11:49 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-08-24 06:47 . 2012-09-22 11:49 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-08-24 06:43 . 2012-09-22 11:49 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-08-22 18:12 . 2012-09-12 08:14 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-22 18:12 . 2012-09-12 08:14 950128 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-08-22 18:12 . 2012-09-12 08:14 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-08-22 18:12 . 2012-09-12 08:14 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-21 21:01 . 2012-09-28 07:46 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-08-20 18:48 . 2012-10-13 10:55 243200 ----a-w- c:\windows\system32\wow64.dll

2012-08-20 18:48 . 2012-10-13 10:55 362496 ----a-w- c:\windows\system32\wow64win.dll

2012-08-20 18:48 . 2012-10-13 10:55 13312 ----a-w- c:\windows\system32\wow64cpu.dll

2012-08-20 18:48 . 2012-10-13 10:55 215040 ----a-w- c:\windows\system32\winsrv.dll

2012-08-20 18:48 . 2012-10-13 10:55 16384 ----a-w- c:\windows\system32\ntvdm64.dll

2012-08-20 18:48 . 2012-10-13 10:55 424448 ----a-w- c:\windows\system32\KernelBase.dll

2012-08-20 18:48 . 2012-10-13 10:55 1162240 ----a-w- c:\windows\system32\kernel32.dll

2012-08-20 18:46 . 2012-10-13 10:55 338432 ----a-w- c:\windows\system32\conhost.exe

2012-08-20 18:38 . 2012-10-13 10:54 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:54 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-08-20 18:38 . 2012-10-13 10:53 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll

2012-08-20 17:40 . 2012-10-13 10:55 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll

2012-08-20 17:38 . 2012-10-13 10:55 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-08-20 17:38 . 2012-10-13 10:55 25600 ----a-w- c:\windows\SysWow64\setup16.exe

2012-08-20 17:37 . 2012-10-13 10:55 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2012-08-20 17:37 . 2012-10-13 10:55 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll

2012-08-20 17:32 . 2012-10-13 10:55 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

2012-08-20 17:32 . 2012-10-13 10:55 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

2012-08-20 17:32 . 2012-10-13 10:55 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

2012-08-20 17:32 . 2012-10-13 10:54 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

2012-08-20 17:32 . 2012-10-13 10:54 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

2012-08-20 17:32 . 2012-10-13 10:54 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

2012-08-20 17:32 . 2012-10-13 10:54 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-08-20 17:32 . 2012-10-13 10:54 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2010-12-09 11:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

2011-12-21 15:44 87440 ----a-w- c:\program files (x86)\adawaretb\adawareDx.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\Zynga\prxtbZyn0.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}]

2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\uTorrentBar_NL\prxtbuTo1.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{90eee664-34b1-422a-a782-779af65cdf6d}]

c:\program files (x86)\IncrediMail_MediaBar_4\tbIncr.dll [bU]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-11-09 11:31 1796552 ----a-w- c:\program files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

2012-08-10 22:54 194928 ----a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files (x86)\Zynga\prxtbZyn0.dll" [2011-05-09 176936]

"{90eee664-34b1-422a-a782-779af65cdf6d}"= "c:\program files (x86)\IncrediMail_MediaBar_4\tbIncr.dll" [bU]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]

"{87775fdb-6972-41f9-ae51-8326e38cb206}"= "c:\program files (x86)\uTorrentBar_NL\prxtbuTo1.dll" [2011-05-09 176936]

"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\adawaretb\adawareDx.dll" [2011-12-21 87440]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll" [2012-11-09 1796552]

.

[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

.

[HKEY_CLASSES_ROOT\clsid\{90eee664-34b1-422a-a782-779af65cdf6d}]

.

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

.

[HKEY_CLASSES_ROOT\clsid\{87775fdb-6972-41f9-ae51-8326e38cb206}]

.

[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-28 39408]

"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-08-05 1353080]

"Skype"="c:\program files (x86)\Skype\\Phone\Skype.exe" [2012-07-13 17418928]

"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-07-16 975800]

"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-16 21432]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]

"Driver Detective"="c:\program files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe" [2012-11-15 3539936]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]

"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-24 2245120]

"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-10-19 36864]

"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]

"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]

"Google Quick Search Box"="c:\program files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-10-28 122880]

"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-05 30192]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]

"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-11-14 197288]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-11-09 997320]

"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-07-16 3524536]

"ROC_ROC_JULY_P1"="c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-09-03 1022048]

"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-10-24 1020512]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"adaware"="reg.exe delete HKCU\Software\AppDataLow\Software\adaware" [X]

"adaware_XP"="reg.exe delete HKCU\Software\adaware" [X]

.

c:\users\eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2012-05-23 2152720]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 ASNDIS4;ASNDIS4 Protocol Driver;c:\windows\system32\ASNDIS4.SYS [x]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]

R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-05 30192]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-08-24 17152]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]

R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys [2012-06-04 203320]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-10 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-07-26 291680]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-10-24 30568]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-14 283200]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-07-17 319488]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-10-24 711112]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]

S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-10 1222144]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 10:34]

.

2012-11-10 c:\windows\Tasks\Google Software Updater.job

- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-28 22:28]

.

2012-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-14 18:27]

.

2012-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-14 18:27]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1840720]

"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]

"Launch LGDCore"="c:\program files\Common Files\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1783296]

"Launch LCDMon"="c:\program files\Common Files\Logitech\LCD Manager\lcdmon.exe" [bU]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.be/

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 195.130.131.131 195.130.130.3

TCP: Interfaces\{8E59E920-1115-47A1-B932-946B6E06C836}: NameServer = 8.8.8.8,8.8.4.4

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)

WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-BabylonToolbar - c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe

AddRemove-IncrediMail - c:\program files (x86)\IncrediMail\Bin\ImSetup.exe

AddRemove-IncrediMail_MediaBar_4 Toolbar - c:\progra~2\INCRED~2\UNWISE.EXE

AddRemove-{C3D207A6-E872-46D6-8BE6-2F6BBCE7787C}_is1 - c:\program files (x86)\Iceberg Interactive\Darkness Within 2 Demo\unins000.exe

AddRemove-{C89AF1D9-A501-4AA5-9E44-9753D0F92347} - c:\program files (x86)\InstallShield Installation Information\{C89AF1D9-A501-4AA5-9E44-9753D0F92347}\setup.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,

27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b

"{7B13EC3E-999A-4B70-B9CB-2617B8323822}"=hex:51,66,7a,6c,4c,1d,38,12,50,ef,00,

7f,a8,d7,1e,0e,c6,dd,65,57,bd,6c,7c,36

"{90EEE664-34B1-422A-A782-779AF65CDF6D}"=hex:51,66,7a,6c,4c,1d,38,12,0a,e5,fd,

94,83,7a,44,07,d8,94,34,da,f3,02,9b,79

"{30F9B915-B755-4826-820B-08FBA6BD249D}"=hex:51,66,7a,6c,4c,1d,38,12,7b,ba,ea,

34,67,f9,48,0d,fd,1d,4b,bb,a3,e3,60,89

"{87775FDB-6972-41F9-AE51-8326E38CB206}"=hex:51,66,7a,6c,4c,1d,38,12,b5,5c,64,

83,40,27,97,04,d1,47,c0,66,e6,d2,f6,12

"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,

89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b

"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,

91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27

"{98889811-442D-49DD-99D7-DC866BE87DBC}"=hex:51,66,7a,6c,4c,1d,38,12,7f,9b,9b,

9c,1f,0a,b3,0c,e6,c1,9f,c6,6e,b6,39,a8

"{6C97A91E-4524-4019-86AF-2AA2D567BF5C}"=hex:51,66,7a,6c,4c,1d,38,12,70,aa,84,

68,16,0b,77,05,f9,b9,69,e2,d0,39,fb,48

"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

"{2EECD738-5844-4A99-B4B6-146BF802613B}"=hex:51,66,7a,6c,4c,1d,38,12,56,d4,ff,

2a,76,16,f7,0f,cb,a0,57,2b,fd,5c,25,2f

"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,

38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4

"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,

57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b

"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,

72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57

"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,

94,30,02,d1,0f,f1,da,12,24,73,56,27,d2

"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,

ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3

"{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,38,12,2d,dd,7a,

ab,6a,33,56,03,c9,ec,8d,26,b0,f3,64,49

"{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}"=hex:51,66,7a,6c,4c,1d,38,12,90,71,5e,

cc,4f,af,fb,04,c4,32,35,80,2b,70,38,5a

"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,

d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b

"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

"{32004B8A-44A9-43E7-84E9-808838809519}"=hex:51,66,7a,6c,4c,1d,38,12,e4,48,13,

36,9b,0a,89,06,fb,ff,c3,c8,3d,de,d1,0d

"{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}"=hex:51,66,7a,6c,4c,1d,38,12,35,fc,e1,

93,3e,68,a1,09,fc,5c,6e,9a,4b,77,a7,8a

"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,

fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17

"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,

b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:26,7a,ce,7e,46,26,cd,01

.

[HKEY_USERS\S-1-5-21-4008131127-1393343971-146402269-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:10,34,68,4e,ed,fe,45,19,f8,5e,7e,41,10,65,6a,8b,1d,f1,b0,a6,af,31,b3,

78,3d,c3,68,14,73,d7,93,2f,40,96,c8,8a,40,c2,b8,00,f8,7e,66,b0,99,3d,cf,95,\

"??"=hex:2f,b6,6f,45,ee,e2,ec,0a,29,d5,69,d3,55,fd,2c,18

.

[HKEY_USERS\S-1-5-21-4008131127-1393343971-146402269-1000\Software\SecuROM\License information*]

"datasecu"=hex:e7,3f,78,d1,c4,e2,bd,70,25,d5,4b,6a,45,aa,1f,5e,04,fe,15,c3,4d,

d1,57,44,8d,95,5b,ec,19,10,2e,74,bf,36,76,8c,77,d5,b9,c8,80,ee,ce,e4,77,d2,\

"rkeysecu"=hex:d8,b3,6f,c8,c5,a4,b4,ee,b0,0c,41,37,45,36,46,e1

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-11-15 19:29:34

ComboFix-quarantined-files.txt 2012-11-15 18:29

ComboFix2.txt 2012-11-15 18:01

.

Pre-Run: 139.827.625.984 bytes beschikbaar

Post-Run: 139.727.179.776 bytes beschikbaar

.

- - End Of File - - 5D222D48E7291D262BEE8F608D0634CD

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Registry::

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}]

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{90eee664-34b1-422a-a782-779af65cdf6d}]

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

[-HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]

[-HKEY_CLASSES_ROOT\clsid\{90eee664-34b1-422a-a782-779af65cdf6d}]

[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[-HKEY_CLASSES_ROOT\clsid\{87775fdb-6972-41f9-ae51-8326e38cb206}]

[-HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

[-HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[-HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[-HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.