Ga naar inhoud

Laptop Medion Akoya p6612 valt steeds sneller uit door warmte


timd

Aanbevolen berichten

Beste leden

Ik heb een akoya p6612 van +- 5 jaar oud. Zoals gebruikelijk voor medion laptops wordt hij veel te warm, vooral bij het spelen van grafische spelletjes. Ik heb daarom een laptop cooling tafel gekocht en heb de laptop stofvrij proberen te maken. Ook heb ik de maximale processorstatus op 50% gezet (eventjes geleden lukte 75% ook nog om vb Neverwinter Nights 2 te draaien).

Bij het stofvrij maken van mijn laptop haal ik de bodemplaat van de laptop, borstel ik het stof van mijn ventilator met een fijn penseeltje en blaas wat door het moederbord en de ventilator (blokkeer em wel eerst) bij gebrek aan perslucht. Moet ik grondiger te werk gaan, vb door het koelsysteem er af te nemen en mss de koelpasta te vervangen aangezien hij al 5 jaar oud is? Ik heb de thread over het stofvrij maken van laptops al gelezen maar daar staat niets specifiek hierover.

Weten jullie een manier om het uitvallen van mijn pc (deels) te verhelpen?

Alvast bedankt!

Hieronder heb ik een specci en hijackthis raportje staan.

Specci snapshot wanneer enkel firefox open staat: (bij het spelen van spelletjes wordt de processor en grafische kaart +80°)

http://speccy.piriform.com/results/Tt8WntsyyGKAM2HMTJ3gCs7

Hijack this raport

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:27:47, on 11/05/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16476)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe

C:\Windows\tsnp2uvc.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Users\Tim\Desktop\Antivirus en pc applicaties\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\YouCam" update "Software\CyberLink\YouCam\2.0"

O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe

O4 - HKLM\..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe

O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe

O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon

O4 - HKLM\..\Run: [smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Afdrukken - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html

O8 - Extra context menu item: Easy-WebPrint Afdrukvoorbeeld - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Toevoegen aan afdruklijst - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint Versneld afdrukken - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe

O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: EgisTec Service (IGBASVC) - Unknown owner - C:\Program Files\EgisTec\VITAKEY\BASVC.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--

End of file - 9684 bytes

Link naar reactie
Delen op andere sites

  • Reacties 23
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Je HJT logje geeft geen malware weer.

Download zoek.exe naar het bureaublad.

  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    (hier of hier) kan je lezen hoe je dat doet.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
    startupall;
    filesrcm;
    emptyclsid;
    firefoxlook;
    FFdefaults;  
    autoclean; 
    iedefaults; 
    
    
    
    
    


  • Klik daarna op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post nu de inhoud van het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Mijn pc kreeg wel ff een blue screen even na het opstarten, dus het eerste logje ben ik kwijt. Na zoek.exe een tweede keer uitgevoerd te hebben, is hier de tweede log:

Zoek.exe Version 4.0.0.2 Updated 06-May-2013

Tool run by Tim on za 11/05/2013 at 18:58:29,45.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== FireFox Fix ======================

Deleted from C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\zq0rxb6r.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\zq0rxb6r.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-05-11 16:55:42 8525C9EAF1A607EEE6F8AC60F63E3D76 336162283 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\Tim\AppData\Local\Temp ====

====== C:\Windows\system32 =====

2013-05-11 16:29:54 D0F47BFDDE810912F65E079B5956D6C7 94112 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll

====== C:\Windows\system32\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-05-02 15:28:41 -------- d-----w- C:\Program Files\Common Files\DVDVideoSoft

2013-05-02 15:28:40 -------- d-----w- C:\Program Files\DVDVideoSoft

2013-04-24 09:50:29 -------- d-----w- C:\Program Files\NVIDIA Corporation

======= C: =====

====== C:\Users\Tim\AppData\Roaming ======

2013-05-11 16:52:20 -------- d-----w- C:\users\Tim\AppData\Local\Temp

====== C:\Users\Tim ======

====== C: exe-files ==

=== C: other files ==

2013-05-10 22:21:59 C8E7806276E5FA2AB3ACE36101EC3FEC 331694 ----a-w- C:\Users\Tim\Videos\Suits.2011.Complete.Season 1\suits-first-season_english-478712.zip

2013-05-06 20:39:59 B69B777F7945F7B67CB9CB63613003F9 32883 ----a-w- C:\Users\Tim\Videos\A Good Year (2006)\c9c9ff4f2ef5bb332ff3299b01aec0e8.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-130634854-2026271814-2091516676-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"RegistryBooster"="C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000 "

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"Facebook Update"="C:\Users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RtHDVCpl.exe"

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"RemoteControl"="C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe"

"LanguageShortcut"="C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe"

"UCam_Menu"="C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files\HomeCinema\YouCam update Software\CyberLink\YouCam\2.0"

"snp2uvc"="C:\Windows\vsnp2uvc.exe"

"tsnp2uvc"="C:\Windows\tsnp2uvc.exe"

"toolbar_eula_launcher"="C:\Program Files\GoogleEULA\EULALauncher.exe"

"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon"

"Smart File Advisor"="C:\Program Files\Smart File Advisor\sfa.exe /checkassoc"

"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"

"Skytel"="Skytel.exe"

"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"

"NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit"

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"RegistryBooster"="C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000 "

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"Facebook Update"="C:\Users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Pro Agent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DAEMON Tools Pro Agent"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\DAEMON Tools Pro\\DTAgent.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Common Files\\Nero\\Lib\\NMIndexStoreSvr.exe\" ASO-616B5711-6DAE-4795-A05F-39A1E5104020"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mwlDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="mwlDaemon"

"hkey"="HKLM"

"command"="C:\\Program Files\\EgisTec\\MyWinLocker 3\\x86\\mwlDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NBKeyScan"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VitaKeyPdtWzd]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="VitaKeyPdtWzd"

"hkey"="HKLM"

"command"="C:\\Program Files\\EgisTec\\VITAKEY\\PdtWzd.exe"

==== Startup Folders ======================

2009-01-09 11:45:48 1119 ----a-w- C:\users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [17/03/2013 15:48]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-130634854-2026271814-2091516676-1000Core.job --a------ C:\Users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 00:58]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-130634854-2026271814-2091516676-1000UA.job --a------ C:\Users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 00:58]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [05/02/2010 13:38]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [05/02/2010 13:38]

C:\Windows\tasks\OGALogon.job --a------ C:\C:\Windows\system32\OGAVerify.exe []

C:\Windows\tasks\RegistryBooster.job --a------ C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\zq0rxb6r.default

- avast WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF

- Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi

- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\zq0rxb6r.default

8F24103AB984847AA2939F58F19CCC98 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U21

ADC539F67D3198679F480974EE203678 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.210.11

47299371607DC2FB234444EEACB1639E - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash

E0FF893763BA82BAABB869A351F0C455 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update

ECD88CDFC178E6A84DB1346EABF9F03F - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat

ECD88CDFC178E6A84DB1346EABF9F03F - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

ECD88CDFC178E6A84DB1346EABF9F03F - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat

A5C14075B571AF1C9592595BE724D9D2 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.1.0.30716.0.dll - Silverlight Plug-In

A5C14075B571AF1C9592595BE724D9D2 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In

0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Tim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

ACEF2CBC1032BC14D112EB4494537DA5 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

2AA3703D87E1327A2290C9D416D89A28 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[31/10/2012 00:48]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[30/04/2013 17:53]

avast WebRep - Tim - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.be/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_nl"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Tim\AppData\Local\Mozilla\Firefox\Profiles\zq0rxb6r.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\Tim\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Tim\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

Link naar reactie
Delen op andere sites

Hey juisterr

Nee ik heb niet de indruk dat er iets is veranderd. Hij is gisteren toch weer uitgevallen.

Zoek.exe verwijdert cache geheugen en overbodige bestanden, of zie ik dit verkeerd?

In elk geval al bedankt voor jullie hulp

Link naar reactie
Delen op andere sites

Onder andere, zoek.exe verwijderd nog veel meer.

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

Hier kan je lezen hoe je Combofix moet gebruiken.

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen: klik hier of hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registry key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Link naar reactie
Delen op andere sites

Sorry voor de late reactie maar ik heb combofix uitgevoerd, de pc is zelfs niet moeten herstarten.

Hier is het logbestand van combofix na uitvoering

ComboFix 13-05-15.01 - Tim 15/05/2013 21:15:00.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3066.1930 [GMT 2:00]

Gestart vanuit: c:\users\Tim\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\install.exe

c:\windows\IsUn0413.exe

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\regtlib.exe

.

c:\windows\System32\wpcumi.exe . . . is geïnfecteerd!!

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-04-15 to 2013-05-15 ))))))))))))))))))))))))))))))

.

.

2013-05-15 09:44 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-05-15 09:26 . 2013-05-13 06:19 7016152 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{39592380-6178-4ABF-B5E7-EC4A88FCB6A2}\mpengine.dll ERROR(0x00000005)

2013-05-15 09:25 . 2013-04-15 14:20 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-05-15 09:25 . 2013-04-13 10:56 37376 ----a-w- c:\windows\system32\cdd.dll

2013-05-15 09:25 . 2013-04-09 01:36 2049024 ----a-w- c:\windows\system32\win32k.sys

2013-05-11 17:10 . 2013-05-11 16:58 24064 ----a-w- c:\windows\zoek-delete.exe

2013-05-11 16:29 . 2013-05-11 16:29 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-05-10 09:03 . 2013-05-10 09:03 -------- d-----w- c:\program files\CCleaner

2013-05-02 15:28 . 2013-05-11 16:44 -------- d-----w- c:\program files\Common Files\DVDVideoSoft

2013-05-02 15:28 . 2013-05-02 15:29 -------- d-----w- c:\program files\DVDVideoSoft

2013-04-24 09:50 . 2013-04-24 09:50 -------- d-----w- c:\program files\NVIDIA Corporation

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-15 13:48 . 2012-03-29 07:41 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-15 13:48 . 2011-09-06 07:29 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-12 16:54 . 2010-06-24 10:33 22240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll ERROR(0x00000005)

2013-05-11 16:28 . 2012-05-16 17:54 866720 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-05-11 16:28 . 2012-05-16 17:54 788896 ----a-w- c:\windows\system32\deployJava1.dll

2013-05-02 00:06 . 2009-10-04 21:36 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-04-10 03:08 . 2008-08-24 10:40 6906960 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll ERROR(0x00000005)

2013-04-04 12:50 . 2012-10-09 08:23 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-11 13:25 . 2013-04-10 07:11 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-11 13:25 . 2013-04-10 07:11 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-09 03:45 . 2013-04-10 07:11 49152 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-09 01:28 . 2013-04-10 07:11 64000 ----a-w- c:\windows\system32\smss.exe

2013-03-08 03:53 . 2013-04-10 07:11 376320 ----a-w- c:\windows\system32\winsrv.dll

2013-03-08 03:52 . 2013-04-10 07:11 2067968 ----a-w- c:\windows\system32\mstscax.dll

2013-03-03 19:07 . 2013-04-10 07:11 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-02-18 07:22 . 2013-02-18 07:22 884072 ----a-w- c:\windows\system32\nvhdagenco3220103.dll

2013-02-18 07:22 . 2013-02-18 07:22 67432 ----a-w- c:\windows\system32\nvapo32v.dll

2013-02-18 07:22 . 2013-02-18 07:22 28008 ----a-w- c:\windows\system32\nvhdap32.dll

2013-02-18 07:22 . 2013-02-18 07:22 149352 ----a-w- c:\windows\system32\drivers\nvhda32v.sys

2013-04-12 13:24 . 2013-04-12 13:23 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2008-08-04 14:45 40496 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"Facebook Update"="c:\users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RtHDVCpl.exe" [2008-07-24 6265376]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-05-08 1111336]

"RemoteControl"="c:\program files\HomeCinema\PowerDVD\PDVDServ.exe" [2007-02-09 71216]

"LanguageShortcut"="c:\program files\HomeCinema\PowerDVD\Language\Language.exe" [2007-01-08 52256]

"UCam_Menu"="c:\program files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]

"tsnp2uvc"="c:\windows\tsnp2uvc.exe" [2008-08-28 233472]

"toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]

"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]

"Smart File Advisor"="c:\program files\Smart File Advisor\sfa.exe" [2011-04-04 280824]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]

"Skytel"="Skytel.exe" [2008-07-24 1833504]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-10 13605408]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-10 92704]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

.

c:\users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ c:\program files\EgisTec\VITAKEY\PwdFilter

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2008-12-12 06:31 1840424 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]

2008-08-04 14:45 326192 ----a-w- c:\program files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

2008-12-02 13:29 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VitaKeyPdtWzd]

2008-09-18 11:00 2303784 ----a-w- c:\program files\EgisTec\VITAKEY\PdtWzd.exe

.

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usbxp.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-12 12:52 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 13:48]

.

2013-05-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-130634854-2026271814-2091516676-1000Core.job

- c:\users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-26 22:58]

.

2013-05-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-130634854-2026271814-2091516676-1000UA.job

- c:\users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-26 22:58]

.

2013-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 11:38]

.

2013-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 11:38]

.

2013-05-14 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2013-05-15 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2010-12-17 c:\windows\Tasks\User_Feed_Synchronization-{020A7BA1-E7AD-425E-80BB-BE0E8C39F241}.job

- c:\windows\system32\msfeedssync.exe [2013-04-24 09:49]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.com/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Easy-WebPrint Afdrukken - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html

IE: Easy-WebPrint Afdrukvoorbeeld - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html

IE: Easy-WebPrint Toevoegen aan afdruklijst - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html

IE: Easy-WebPrint Versneld afdrukken - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html

IE: Free YouTube to MP3 Converter - c:\program files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

TCP: DhcpNameServer = 195.130.131.4 195.130.130.132

FF - ProfilePath - c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\zq0rxb6r.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=

FF - ExtSQL: !HIDDEN! 2009-09-02 06:29; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - ExtSQL: !HIDDEN! 2012-12-20 18:04; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; c:\program files\Common Files\DVDVideoSoft\plugins\ff

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe

HKLM-Run-snp2uvc - c:\windows\vsnp2uvc.exe

SafeBoot-WudfPf

SafeBoot-WudfRd

MSConfigStartUp-DAEMON Tools Pro Agent - c:\program files\DAEMON Tools Pro\DTAgent.exe

AddRemove-Easy-WebPrint - c:\windows\IsUn0413.exe

AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4}

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2013-05-15 21:25

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'lsass.exe'(676)

c:\program files\EgisTec\VITAKEY\PwdFilter.dll

.

Voltooingstijd: 2013-05-15 21:29:43

ComboFix-quarantined-files.txt 2013-05-15 19:29

.

Pre-Run: 26.835.877.888 bytes beschikbaar

Post-Run: 27.085.447.168 bytes beschikbaar

.

- - End Of File - - 79B6C9119EEDA84337F92B6C7B7F845E

alvast bedankt!

Link naar reactie
Delen op andere sites

Hey juisterr, dank je voor je snelle reactie

SystemLookup klinkt me niet bekend. Als het geen malware is zal het mss zonder mijn medeweten geïnstalleerd zijn samen met een ander programma. Ik heb het opgezocht maar kan niets specifiek vinden of het schadelijk kan zijn om dit gewoon te deinstalleren. Het lijkt een adviesprogramma te zijn dus ik verwacht van wel, maar misschien kan je me hier uitsluitsel over geven?

Grts

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.