Ga naar inhoud

Laptop is erg traag


Aanbevolen berichten

  • Reacties 32
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Download 51a612a8b27e2-Zoek.pngzoek.exe naar het bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe

(hier of hier) kan je lezen hoe je dat doet.

  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

 
C:\Windows\Sysnative\Tasks\4470;fs
C:\Windows\Sysnative\Tasks\0;fs

  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Zoek.exe Version 4.0.0.4 Updated 19-08-2013

Tool run by Kim on di 20-08-2013 at 23:36:04,26.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Kim\Desktop\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results17-07-2013-2208.log 11842 bytes

C:\zoek-results18-08-2013-2336.log 25785 bytes

C:\zoek-results24-07-2013-1251.log 123211 bytes

==== Deleting Files \ Folders ======================

"C:\Windows\Sysnative\Tasks\4470" deleted

"C:\Windows\Sysnative\Tasks\0" deleted

==== EOF on di 20-08-2013 at 23:37:14,60 ======================

Link naar reactie
Delen op andere sites

Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

Schakel alle antivirus- en antispywareprogramma's uit, want deze kunnen namelijk conflicteren met ComboFix.

(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

Open een nieuw leeg Kladblok scherm, kopieer en plak hierin de volgende code.

 
 Folder::
 c:\programdata\StarApp
 c:\programdata\InstallMate

 Registry::
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{69FCDB30-084A-8DEF-27D0-F3913D4B2CD1}]
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F55A9352-6C81-1A82-F024-7CBF7C0919D2}]

 Firefox::
 FF - ProfilePath - c:\users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\o3rq6e92.default\
 FF - ExtSQL: 2013-08-15 14:04; qy2gk4uio@eizuuii.org; c:\users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\o3rq6e92.default\extensions\qy2gk4uio@eizuuii. org

Sla dit op op je Bureaublad als CFScript.txt

Sleep CFScript.txt in ComboFix.exe zoals getoond in onderstaand voorbeeld:

CFScript.gif

Nu zal ComboFix vanzelf worden gestart.

Start opnieuw op als daarom gevraagd wordt, en post de inhoud van de Combofix.txt in je volgende antwoord.

Link naar reactie
Delen op andere sites

ComboFix 13-08-18.01 - Kim 23-08-2013 13:01:04.3.2 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.4091.2486 [GMT 2:00]

Gestart vanuit: c:\users\Kim\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Kim\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\InstallMate

c:\programdata\InstallMate\{9EF084A1-C577-4D10-AFFB-8D554513A657}\_Setup.dll

c:\programdata\InstallMate\{9EF084A1-C577-4D10-AFFB-8D554513A657}\20130819001707.log

c:\programdata\InstallMate\{9EF084A1-C577-4D10-AFFB-8D554513A657}\Custom.dll

c:\programdata\InstallMate\{9EF084A1-C577-4D10-AFFB-8D554513A657}\Readme.txt

c:\programdata\InstallMate\{9EF084A1-C577-4D10-AFFB-8D554513A657}\Setup.dat

c:\programdata\InstallMate\{9EF084A1-C577-4D10-AFFB-8D554513A657}\Setup.exe

c:\programdata\InstallMate\{9EF084A1-C577-4D10-AFFB-8D554513A657}\Setup.ico

c:\programdata\InstallMate\{9EF084A1-C577-4D10-AFFB-8D554513A657}\TsuDll.dll

c:\programdata\StarApp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-07-23 to 2013-08-23 ))))))))))))))))))))))))))))))

.

.

2013-08-23 11:07 . 2013-08-23 11:07 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-08-23 10:45 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C2FF6A44-EF14-4D7D-A92D-48B316072CF1}\mpengine.dll

2013-08-22 21:45 . 2013-08-22 21:45 -------- d-----w- c:\users\Kim\AppData\Roaming\Absolutist

2013-08-18 22:28 . 2013-08-18 22:32 -------- d-----w- c:\programdata\FarmFrenzy_Rome

2013-08-18 21:34 . 2013-08-23 11:07 -------- d-----w- c:\users\Kim\AppData\Local\Temp

2013-08-15 22:16 . 2013-08-15 22:18 -------- d-----w- c:\windows\system32\MRT

2013-08-15 20:00 . 2013-08-15 20:00 -------- d-----w- c:\programdata\Funny Bear Studio

2013-08-15 20:00 . 2011-08-16 11:48 -------- d-----w- c:\users\Kim\World Riddles 3 _Secrets of the Ages

2013-08-15 12:31 . 2013-08-15 12:31 -------- d-----w- c:\users\Kim\AppData\Roaming\Friday's games

2013-08-15 12:30 . 2012-01-28 05:35 -------- d-----w- c:\users\Kim\Gourma.._3_NL

2013-08-15 06:42 . 2013-07-09 05:46 1472512 ----a-w- c:\windows\system32\crypt32.dll

2013-08-15 06:42 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-08-15 06:42 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll

2013-08-15 06:42 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll

2013-08-15 06:42 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2013-08-15 06:42 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2013-08-15 06:42 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll

2013-08-15 06:42 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2013-08-11 19:54 . 2013-08-18 09:58 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

2013-08-10 09:24 . 2013-08-10 09:25 -------- d-----w- c:\program files (x86)\Little Shop of Treasures Deluxe

2013-08-06 07:26 . 2013-08-06 07:26 -------- d-----w- c:\users\Kim\AppData\Roaming\Nordcurrent

2013-08-04 20:42 . 2013-08-04 20:42 -------- d-----w- c:\users\Kim\AppData\Roaming\Desperate Housewives

2013-08-04 20:17 . 2013-08-04 20:17 -------- d-----w- c:\program files (x86)\Buena Vista Games

2013-08-04 20:16 . 2013-08-04 20:16 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information

2013-08-04 20:16 . 2013-08-04 20:16 -------- d-----w- c:\users\Kim\AppData\Roaming\InstallShield

2013-07-27 22:47 . 2013-07-27 22:47 -------- d-----w- c:\users\Kim\AppData\Roaming\Tap It Games

2013-07-24 13:17 . 2013-07-26 05:21 -------- d-----w- c:\users\Kim\AppData\Roaming\Ubisoft

2013-07-24 13:13 . 2013-07-24 13:13 -------- d-----w- c:\program files (x86)\Ubisoft

2013-07-24 13:11 . 2013-07-24 13:11 -------- d-----w- c:\users\Kim\AppData\Roaming\MysteryStudio

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-08-21 18:11 . 2012-11-09 20:30 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-08-21 18:11 . 2012-11-09 20:30 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-08-15 22:15 . 2012-11-13 07:11 78161360 ----a-w- c:\windows\system32\MRT.exe

2013-07-16 21:53 . 2013-07-16 21:53 388096 ----a-r- c:\users\Kim\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-07-16 21:52 . 2013-07-16 21:52 1402880 ----a-w- c:\users\Kim\HiJackThis.msi

2013-07-09 04:45 . 2013-08-15 06:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2013-07-07 08:54 . 2013-07-07 08:54 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-07-07 08:54 . 2012-11-08 11:44 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-07-07 08:54 . 2012-11-08 11:44 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-06-27 22:40 . 2013-03-14 16:18 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-06-27 22:40 . 2012-11-08 14:46 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-06-27 22:40 . 2012-11-08 14:46 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-06-05 03:34 . 2013-07-11 21:53 3153920 ----a-w- c:\windows\system32\win32k.sys

2013-06-04 06:00 . 2013-07-11 21:53 624128 ----a-w- c:\windows\system32\qedit.dll

2013-06-04 04:53 . 2013-07-11 21:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll

2012-11-28 07:15 . 2013-01-28 18:15 85504 ---h--w- c:\program files (x86)\IeAdsBlocker.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2009-03-25 1840424]

"Spotify Web Helper"="c:\users\Kim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-07-06 1104384]

"Spotify"="c:\users\Kim\AppData\Roaming\Spotify\Spotify.exe" [2013-07-06 4640768]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-12-02 2221352]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 aswRvrt;aswRvrt; [x]

S0 aswVmm;aswVmm; [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 ogmservice;Online Games Manager;c:\program files (x86)\Online Games Manager\ogmservice.exe;c:\program files (x86)\Online Games Manager\ogmservice.exe [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

.

2013-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-09 18:11]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.nl/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.254

FF - ProfilePath - c:\users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\o3rq6e92.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=

FF - ExtSQL: 2013-08-16 18:04; ppc.bv1awgq@b-ayavcc.edu; c:\users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\o3rq6e92.default\extensions\ppc.bv1awgq@b-ayavcc.edu

FF - ExtSQL: !HIDDEN! 2012-11-14 21:26; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

- - - - ORPHANS VERWIJDERD - - - -

.

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

AddRemove-1ClickDownload - c:\program files (x86)\FTDownloader.com\uninst.exe

AddRemove-Dll-Files.com Fixer_is1 - c:\program files (x86)\Dll-Files.com Fixer\unins000.exe

AddRemove-SP_4e24eecb - c:\program files (x86)\WebSearch\uninstall.exe

AddRemove-SP_703c874a - c:\program files (x86)\SaveShare\uninstall.exe

AddRemove-{0611430E-8ACB-63BC-59D5-094BA74F6D45} - c:\progra~3\INSTAL~1\{A22D9~1\Setup.exe

AddRemove-{063165D9-ACFF-A417-D009-7F943E310057} - c:\progra~3\INSTAL~1\{A9F0B~1\Setup.exe

AddRemove-{0BCC2557-0893-C7C7-159F-741222C6B313} - c:\progra~3\INSTAL~1\{E17FE~1\Setup.exe

AddRemove-{0F44DC3F-6E62-4961-A14B-95323C512F9B}_is1 - c:\program files (x86)\Solibo Ltd\NCdownloader\unins000.exe

AddRemove-{12993942-DD3A-93E2-C271-CE9EDA334D26} - c:\progra~3\INSTAL~1\{2B359~1\Setup.exe

AddRemove-{16ED46D0-EF3C-C3AD-D468-77F505C98203} - c:\progra~3\INSTAL~1\{EF9E6~1\Setup.exe

AddRemove-{18267028-7522-C8A2-DCE0-01127F53EDB4} - c:\progra~3\INSTAL~1\{B1B9F~1\Setup.exe

AddRemove-{26241040-5ED3-14D8-CDCE-49D43752DCAB} - c:\progra~3\INSTAL~1\{FC20C~1\Setup.exe

AddRemove-{2F09E17C-947A-DE23-5A04-4342801486E4} - c:\progra~3\INSTAL~1\{A44D9~1\Setup.exe

AddRemove-{4B163043-CC8A-147E-3197-DA508F4FA2DE} - c:\progra~3\INSTAL~1\{28D9E~1\Setup.exe

AddRemove-{4C3EDE29-88E7-E1EB-2289-E36E9732453E} - c:\progra~3\INSTAL~1\{02299~1\Setup.exe

AddRemove-{51B8D190-8C9D-67B9-BBBA-B3A54CC45322} - c:\progra~3\INSTAL~1\{C5662~1\Setup.exe

AddRemove-{57695C90-8DB1-45C5-ECEC-44165360478A} - c:\progra~3\INSTAL~1\{9C79A~1\Setup.exe

AddRemove-{577F9A6C-BB87-3AF6-AA2C-D03BF49B3DCA} - c:\progra~3\INSTAL~1\{2AD64~1\Setup.exe

AddRemove-{5FAEB08B-7EAB-0781-7EEB-31D3AC0B1ADA} - c:\progra~3\INSTAL~1\{67BF8~1\Setup.exe

AddRemove-{6890042F-2A66-3684-6E27-D5F86BBDB77F} - c:\progra~3\INSTAL~1\{92CAC~1\Setup.exe

AddRemove-{69331FFB-FE47-9BD9-C679-CE7FFDEF5D56} - c:\progra~3\INSTAL~1\{7EBC9~1\Setup.exe

AddRemove-{7FC77E0A-BE31-FADA-A999-03CD68157009} - c:\progra~3\INSTAL~1\{94616~1\Setup.exe

AddRemove-{9BEA2784-CBC6-AC80-E740-0175DFEE0BA9} - c:\progra~3\INSTAL~1\{85517~1\Setup.exe

AddRemove-{A2BAE8B9-9018-94AA-33A5-C3F6BA37BCC0} - c:\progra~3\INSTAL~1\{B3A54~1\Setup.exe

AddRemove-{A35747C3-1C97-9368-A69D-A384AB0CF8A5} - c:\progra~3\INSTAL~1\{4919C~1\Setup.exe

AddRemove-{ABD30C90-91D2-CE97-9006-AB90E1B4B02D} - c:\progra~3\INSTAL~1\{AF88D~1\Setup.exe

AddRemove-{AED7E0DA-B57E-C384-E268-0E38B5720DB1} - c:\progra~3\INSTAL~1\{617F5~1\Setup.exe

AddRemove-{B0AA2343-F71D-041B-F547-07F2B85DC689} - c:\progra~3\INSTAL~1\{32E4E~1\Setup.exe

AddRemove-{B313B61D-B5BF-C87D-C723-BAA7CABE2820} - c:\progra~3\INSTAL~1\{10FB9~1\Setup.exe

AddRemove-{BD61A047-21E0-A9B8-0219-6D115DECEE10} - c:\progra~3\INSTAL~1\{7F22E~1\Setup.exe

AddRemove-{BF2DB609-8FCA-D798-3A36-4C2F26474C5A} - c:\progra~3\INSTAL~1\{74111~1\Setup.exe

AddRemove-{C1CA0B98-3977-6AD6-007E-8E380FA21BA8} - c:\progra~3\INSTAL~1\{E8A73~1\Setup.exe

AddRemove-{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} - c:\programdata\SearchNewTab\uninstall.exe

AddRemove-{D5DF7465-5DE1-8672-BB6A-E95E9C0447E7} - c:\progra~3\INSTAL~1\{9517F~1\Setup.exe

AddRemove-{D880A1A1-747F-0AFC-36DF-6AB80B28EC54} - c:\progra~3\INSTAL~1\{B3B4C~1\Setup.exe

AddRemove-{E018BAA9-6A36-2F84-1605-C91871F10091} - c:\progra~3\INSTAL~1\{5A7C2~1\Setup.exe

AddRemove-{E0272288-5372-FDA8-5A93-8A1306F65621} - c:\progra~3\INSTAL~1\{15922~1\Setup.exe

AddRemove-{E88BDC13-4175-1DA5-128C-41F1900A9D1E} - c:\progra~3\INSTAL~1\{9EF08~1\Setup.exe

AddRemove-{EB9B3528-EA62-6D75-6716-BC4953A9DAF8} - c:\progra~3\INSTAL~1\{6231D~1\Setup.exe

AddRemove-{ED5F85F7-9926-D783-94AB-1CF7F05657F4} - c:\progra~3\INSTAL~1\{A2ECF~1\Setup.exe

AddRemove-{F1AF3311-0293-825A-3C1A-B7FD0106FFC4} - c:\progra~3\INSTAL~1\{50366~1\Setup.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1635193343-2580408697-3417977720-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-1635193343-2580408697-3417977720-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2013-08-23 13:10:30

ComboFix-quarantined-files.txt 2013-08-23 11:10

ComboFix2.txt 2013-08-18 15:24

ComboFix3.txt 2013-08-18 10:55

.

Pre-Run: 384.851.353.600 bytes beschikbaar

Post-Run: 386.062.139.392 bytes beschikbaar

.

- - End Of File - - BAB566BEB479EEFE7D082DD3078DC7D2

A36C5E4F47E84449FF07ED3517B43A31

Link naar reactie
Delen op andere sites

Download en installeer Speccy.

Speccy is er ook in Nederlandstalige versie, bij de installatie (of update) kan je de taal wijzigen van Engels naar Nederlands ... als je op het driehoekje klikt, krijg je een uitrolmenu waarin je Nederlands kan selecteren.

Wanneer, tijdens het installeren van Speccy, de optie aangeboden wordt om Google Chrome of Google Toolbar "gratis" mee te installeren dien je de vinkjes weg te halen, tenzij dit een bewuste keuze is.

Speccysetup_zps67a9e41f.png

Start nu het programma en er zal een overzicht gemaakt worden van je hardware.

Als dit gereed is selecteer je bovenaan " Bestand - Publiceer Snapshot " en vervolgens bevestig je die keuze met " Ja ".

In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht. Zo krijgen we een gedetailleerd overzicht van je hardware.

Meer info over deze procedure lees je HIER.

Link naar reactie
Delen op andere sites


×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.