Ga naar inhoud

Welkom op PC Helpforum!
PC Helpforum helpt GRATIS computergebruikers sinds 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!


Log in om dit te volgen  
jeffrey0

laptop plots zeer traag

    Aanbevolen berichten

    Download "Delfix by Xplode"

    delfix.jpg

    Start de tool middels dubbelklik.

    Zet nu vinkjes voor de volgende items:

    • Activate UAC
    • Remove disinfection tools
    • Create registry backup
    • Purge System Restore
    • Reset system settings

    Klik nu op "Run" en wacht geduldig tot de tool gereed is.

    Deel dit bericht


    Link naar bericht
    Delen op andere sites

  • Topicstarter
  •    0

    ik heb de tool gebruikt, ik denk niet dat het nodig is om het logbestand te uploaden maar voor de zekerheid:

    # DelFix v10.2 - Logfile created 28/05/2013 at 20:07:57

    # Updated 02/04/2013 by Xplode

    # Username : user - USER-MSI

    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

    ~ Activating UAC ... OK

    ~ Removing disinfection tools ...

    Deleted : C:\Program Files (x86)\Trend Micro\Hijackthis

    Deleted : C:\zoek-results.log

    Deleted : C:\Users\user\Desktop\HiJackThis.lnk

    Deleted : C:\Users\user\Desktop\zoek.exe

    Deleted : C:\Users\user\Downloads\HiJackThis.msi

    Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

    ~ Creating registry backup ... OK

    ~ Cleaning system restore ...

    Deleted : RP #293 [Windows Update | 05/25/2013 09:09:28]

    Deleted : RP #294 [installed HiJackThis | 05/25/2013 19:10:43]

    Deleted : RP #295 [Windows Update | 05/26/2013 11:28:22]

    Deleted : RP #296 [Windows Update | 05/28/2013 15:08:59]

    New restore point created !

    ~ Resetting system settings ... OK

    ########## - EOF - ##########

    Deel dit bericht


    Link naar bericht
    Delen op andere sites

  • Topicstarter
  •    0

    Nee hij deed het daarnet weer, net alsof de processor gewoon 5 minuten stopt en daarna opnieuw start. Na 5 à 10 min werkt hij terug normaal.

    Deel dit bericht


    Link naar bericht
    Delen op andere sites

    Download ComboFix van één van deze locaties:

    Link 1

    Link 2

    * BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

    Hier kan je lezen hoe je Combofix moet gebruiken.

    1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen: klik hier of hier

    2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

    3. Dubbelklik op "Combofix.exe" om de tool te starten.

    4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

    Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registry key that has been marked for deletion", herstart dan de computer.

    5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

    Deel dit bericht


    Link naar bericht
    Delen op andere sites
  • Topicstarter
  •    0

    ComboFix 13-05-31.02 - user 31/05/2013 21:16:38.1.4 - x64

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3886.2248 [GMT 2:00]

    Gestart vanuit: c:\users\user\Desktop\ComboFix.exe

    AV: Kaspersky Anti-Virus *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}

    SP: Kaspersky Anti-Virus *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}

    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    C:\install.exe

    c:\windows\SysWow64\System32\MASetupCleaner.exe

    c:\windows\SysWow64\System32\muzapp.exe

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2013-04-28 to 2013-05-31 ))))))))))))))))))))))))))))))

    .

    .

    2013-05-31 19:23 . 2013-05-31 19:23 -------- d-----w- c:\users\user_2\AppData\Local\temp

    2013-05-31 19:23 . 2013-05-31 19:23 -------- d-----w- c:\users\Gast\AppData\Local\temp

    2013-05-31 19:23 . 2013-05-31 19:23 -------- d-----w- c:\users\Default\AppData\Local\temp

    2013-05-31 18:27 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69EBB1B5-170D-4BB4-BC40-46F4187D11C2}\mpengine.dll

    2013-05-28 18:07 . 2013-05-28 18:07 -------- d-----w- c:\windows\ERUNT

    2013-05-26 11:38 . 2013-05-26 11:33 24064 ----a-w- c:\windows\zoek-delete.exe

    2013-05-26 11:38 . 2013-05-31 19:23 -------- d-----w- c:\users\user\AppData\Local\Temp

    2013-05-25 19:11 . 2013-05-28 18:07 -------- d-----w- c:\program files (x86)\Trend Micro

    2013-05-25 19:11 . 2013-05-25 19:11 388096 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2013-05-25 11:25 . 2013-05-25 11:25 -------- d-----w- c:\users\user\AppData\Local\Diagnostics

    2013-05-21 15:39 . 2013-05-21 15:39 -------- d-----w- c:\users\user\AppData\Roaming\QuickScan

    2013-05-20 16:30 . 2013-05-31 10:48 -------- d---a-r- c:\users\user\Dropbox

    2013-05-20 16:27 . 2013-05-31 10:49 -------- d-----w- c:\users\user\AppData\Roaming\Dropbox

    2013-05-20 11:44 . 2013-05-20 11:45 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

    2013-05-20 11:44 . 2013-05-20 11:45 -------- d-----w- c:\program files\iTunes

    2013-05-20 11:44 . 2013-05-20 11:45 -------- d-----w- c:\program files (x86)\iTunes

    2013-05-20 11:44 . 2013-05-20 11:44 -------- d-----w- c:\program files\iPod

    2013-05-15 20:23 . 2013-05-15 20:23 -------- d-----w- C:\eef74dd57a2c0bbd9490a930bc533e

    2013-05-15 20:21 . 2013-04-05 06:52 1365504 ----a-w- c:\windows\system32\urlmon.dll

    2013-05-15 16:22 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

    2013-05-15 16:22 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

    2013-05-15 16:22 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll

    2013-05-15 16:22 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys

    2013-05-15 16:22 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll

    2013-05-15 16:22 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll

    2013-05-15 16:22 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll

    2013-05-15 16:21 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe

    2013-05-15 16:21 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll

    2013-05-15 16:21 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll

    2013-05-15 16:21 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll

    2013-05-15 16:21 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2013-05-16 16:01 . 2011-12-24 21:52 75016696 ----a-w- c:\windows\system32\MRT.exe

    2013-05-10 22:26 . 2011-12-28 20:09 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

    2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe

    2013-04-13 05:49 . 2013-05-15 16:22 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

    2013-04-13 05:49 . 2013-05-15 16:22 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

    2013-04-13 05:49 . 2013-05-15 16:22 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll

    2013-04-13 05:49 . 2013-05-15 16:22 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll

    2013-04-13 04:45 . 2013-05-15 16:22 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll

    2013-04-13 04:45 . 2013-05-15 16:22 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

    2013-04-12 14:45 . 2013-04-23 17:46 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys

    2013-04-04 12:50 . 2012-09-09 15:38 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

    2013-03-19 06:04 . 2013-04-10 20:17 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe

    2013-03-19 05:46 . 2013-04-10 20:17 43520 ----a-w- c:\windows\system32\csrsrv.dll

    2013-03-19 05:04 . 2013-04-10 20:17 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

    2013-03-19 05:04 . 2013-04-10 20:17 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

    2013-03-19 04:47 . 2013-04-10 20:17 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll

    2013-03-19 03:06 . 2013-04-10 20:17 112640 ----a-w- c:\windows\system32\smss.exe

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

    2013-05-17 14:45 130736 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

    2013-05-17 14:45 130736 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

    2013-05-17 14:45 130736 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]

    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

    "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-04-05 59720]

    "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-04-05 59720]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

    "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]

    "MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2009-08-05 2072576]

    "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe" [2012-10-24 206448]

    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]

    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-15 152392]

    .

    c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

    Dropbox.lnk - c:\users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-5-17 28711576]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "ConsentPromptBehaviorAdmin"= 5 (0x5)

    "ConsentPromptBehaviorUser"= 3 (0x3)

    "EnableUIADesktopToggle"= 0 (0x0)

    "EnableLinkedConnections"= 1 (0x1)

    "EnableSecureUIAPath"= 1 (0x1)

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

    "DisableMonitoring"=dword:00000001

    .

    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]

    R3 DIRECTIO;DIRECTIO;c:\program files\PerformanceTest\DirectIo64.sys [x]

    R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2012-12-21 17480]

    R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS [2010-08-09 88912]

    R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2012-12-21 9800]

    R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys [2009-12-17 53248]

    R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]

    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

    R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2011-12-08 127488]

    R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2011-12-08 18944]

    R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2011-12-08 161280]

    R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2011-12-08 128000]

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-24 1255736]

    R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]

    R3 WsAudio_Device(1);WsAudio_Device(1);c:\windows\system32\drivers\VirtualAudio1.sys [2013-01-25 31080]

    R3 WsAudio_Device(2);WsAudio_Device(2);c:\windows\system32\drivers\VirtualAudio2.sys [2013-01-25 31080]

    R3 WsAudio_Device(3);WsAudio_Device(3);c:\windows\system32\drivers\VirtualAudio3.sys [2013-01-25 31080]

    R3 WsAudio_Device(4);WsAudio_Device(4);c:\windows\system32\drivers\VirtualAudio4.sys [2013-01-25 31080]

    R3 WsAudio_Device(5);WsAudio_Device(5);c:\windows\system32\drivers\VirtualAudio5.sys [2013-01-25 31080]

    R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]

    R4 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe [2012-10-24 390672]

    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

    S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]

    S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]

    S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11864]

    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]

    S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2011-11-22 78208]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

    S2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run [x]

    S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]

    S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]

    S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]

    S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]

    S3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]

    S3 csr_a2dp;Bluetooth AV-profiel;c:\windows\system32\drivers\bthav.sys [2009-12-21 78848]

    S3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys [2009-12-17 53248]

    S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-09-17 56344]

    S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-26 158976]

    S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]

    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]

    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]

    .

    .

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

    2013-05-23 17:31 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe

    .

    Inhoud van de 'Gedeelde Taken' map

    .

    2013-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24 15:07]

    .

    2013-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24 15:07]

    .

    .

    --------- X64 Entries -----------

    .

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

    2013-05-17 14:45 164016 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

    2013-05-17 14:45 164016 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

    2013-05-17 14:45 164016 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

    2013-05-17 14:45 164016 ----a-w- c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-20 9608224]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]

    .

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService

    FontCache

    .

    ------- Bijkomende Scan -------

    .

    uLocal Page = c:\windows\system32\blank.htm

    uStart Page = hxxp://www.google.be/

    mLocal Page = c:\windows\SysWOW64\blank.htm

    uInternet Settings,ProxyOverride = *.local

    IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

    IE: Free YouTube to MP3 Converter - c:\users\user\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

    TCP: DhcpNameServer = 192.168.1.1

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    Toolbar-Locked - (no file)

    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

    Toolbar-Locked - (no file)

    HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe

    .

    .

    "ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z

    [\]^_¹\00\00¹\00\00\00\00HIJKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~¹\00\00¹\00\00\00\00p\00\00\00\00\00\00\00\00‘’“"

    .

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

    @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker5"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Shockwave Flash Object"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

    @="0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

    @="ShockwaveFlash.ShockwaveFlash.11"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="ShockwaveFlash.ShockwaveFlash"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

    @Denied: (A 2) (Everyone)

    @="Macromedia Flash Factory Object"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"

    "ThreadingModel"="Apartment"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

    @="FlashFactory.FlashFactory.1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

    @="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

    @="FlashFactory.FlashFactory"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker5"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

    @Denied: (A) (Everyone)

    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

    @Denied: (A) (Everyone)

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

    "Key"="ActionsPane3"

    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

    @Denied: (Full) (Everyone)

    .

    Voltooingstijd: 2013-05-31 21:26:01

    ComboFix-quarantined-files.txt 2013-05-31 19:26

    .

    Pre-Run: 167.938.031.616 bytes beschikbaar

    Post-Run: 167.891.804.160 bytes beschikbaar

    .

    - - End Of File - - B6B6F05A62314761DF0FB1FBAF8BE4B3

    Deel dit bericht


    Link naar bericht
    Delen op andere sites

    Probeer dit eens.

    Download de 32 of 64 bit versie van HitmanPro naar het bureaublad.



    • Dubbelklik op "HitmanPro36beta.exe" en klik op "volgende"

    • Vink de optie "Ik accepteer de voorwaarden van de gebruikersovereenkomst aan" en klik op "Volgende"

    • Selecteer de optie "Nee, ik wil deze computer slechts eenmalig controleren" en klik op "Volgende"

    • De scan zal nu gestart worden, doe verder niets op de computer totdat de scan gereed is.

    • Als de scan gereed is klik dan op "Activeer gratis licentie" nu komt de melding "Het product is succesvol geactiveerd"

    • klik nu op "Ok" en daarna op "Volgende"

    • Klik onderin het scherm op "Save log" en sla deze op bijvoorbeeld het bureaublad op.
      500bf1a10837f-hmp.png

    • Plaats de inhoud hiervan in het volgende bericht.

    Deel dit bericht


    Link naar bericht
    Delen op andere sites
  • Topicstarter
  •    0
    HitmanPro 3.7.5.199
    www.hitmanpro.com
    
    
      Computer name . . . . : USER-MSI
      Windows . . . . . . . : 6.1.1.7601.X64/4
      User name . . . . . . : user-MSI\user
      UAC . . . . . . . . . : Enabled
      License . . . . . . . : Free
    
    
      Scan date . . . . . . : 2013-06-02 10:53:33
      Scan mode . . . . . . : Normal
      Scan duration . . . . : 11m 24s
      Disk access mode  . . : Direct disk access (SRB)
      Cloud . . . . . . . . : Internet
      Reboot  . . . . . . . : No
    
    
      Threats . . . . . . . : 0
      Traces  . . . . . . . : 47
    
    
      Objects scanned . . . : 1.455.657
      Files scanned . . . . : 21.418
      Remnants scanned  . . : 350.670 files / 1.083.569 keys
    
    
    Suspicious files ____________________________________________________________
    
    
      C:\windows\system32\hasplms.exe 
         Size . . . . . . . : 4.941.768 bytes
         Age  . . . . . . . : 195.9 days (2012-11-18 14:15:20)
         Entropy  . . . . . : 7.7
         SHA-256  . . . . . : 8661FDD7344A1059B99450BA22C29F70C2DF2D3A381AA47D5B24A514DE8C029F
         Product  . . . . . : LDK License Manager Service
         Publisher  . . . . : SafeNet Inc.
         Description  . . . : Sentinel LDK License Manager Service
         Version  . . . . . : 13.23.1.26482
         Copyright  . . . . : © 2012 SafeNet, Inc. All rights reserved.
         RSA Key Size . . . : 2048
         Service  . . . . . : hasplms
         Authenticode . . . : Valid
         Fuzzy  . . . . . . : 28.0
            The file name extension of this program is not common.
            Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
            The Entry Point of this file lies in a resource section. This is an indication of malware infection.
            Program starts automatically without user intervention.
            The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
            Starts automatically as a service during system bootup.
            Program contains PE structure anomalies. This is not typical for most programs.
            Program is code signed with a valid Authenticode certificate.
         Startup
            HKLM\SYSTEM\CurrentControlSet\Services\hasplms\
    
    
    
    
    Cookies _____________________________________________________________________
    
    
      C:\Users\user_2\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
      C:\Users\user_2\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
      C:\Users\user_2\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
      C:\Users\user_2\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
      C:\Users\user_2\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
    
    
    
    
    

    Deel dit bericht


    Link naar bericht
    Delen op andere sites
    Log in om dit te volgen  

    Logo

    OVER ONS

    PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

    ×
    ×
    • Nieuwe aanmaken...

    Belangrijke informatie

    We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.