
Computer freezes every second and stutters constantly



Double-click Zoek.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

 
 C:\Windows\system32\tasks\0;fs
 C:\Windows\system32\tasks\4392;fs
 [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions];r
"quick_start@gmail.com"=-;r
 autoclean;

  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next message.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a message.


Zoek.exe v5.0.0.0 Updated 19-08-2014

Tool run by pc on wo 20-08-2014 at 18:28:55,74.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\pc\Downloads\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-08-20-103505.log 47277 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"quick_start@gmail.com"=-

==== Deleting Files \ Folders ======================

C:\Windows\system32\tasks\0 deleted

C:\Windows\system32\tasks\4392 deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default

0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

99407FF47487D59D749545B93CDCE4D3 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll - Java Platform SE 8 U11

F42962C2257294BE4AB0CB6038D9E477 - C:\Program Files\Java\jre8\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.110.12

4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash

FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update

B5269A90EB2C747C4802E2FE0527C5D2 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa

893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In

14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat

14365399E83D7BC15760E8676E890C87 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat

5596E40701BE8A4AEC399F57DBCE289E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.5

5596E40701BE8A4AEC399F57DBCE289E - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.5

87FCE1D38F135B923EEC502825B5C7F6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.5

87FCE1D38F135B923EEC502825B5C7F6 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.5

5A2AF08FEF626D3825AA7923B0A9DFF5 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.5

5A2AF08FEF626D3825AA7923B0A9DFF5 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.5

B033D1486EAD65BE7857114DFAFD8429 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.5

B033D1486EAD65BE7857114DFAFD8429 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.5

DA632EC5CCC16F0B0FAC9BB21C10B2C3 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.5

DA632EC5CCC16F0B0FAC9BB21C10B2C3 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.5

4B12052DEA1DEA28FFADBC27C6D5CB20 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision

B573EFC0DAD162E35FC11258C0496E70 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION

D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013

68BCBB241EF254BC5100D9E6C06ECC71 - C:\Users\pc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator

99FE6AFE80EB7FE3EEB75DC504A326A3 - C:\Users\pc\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer

AF42019A3B0EDBFA6878F75B9377A792 - C:\Users\pc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin

B674373AED09BDC9C4150B5762FD4360 - C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll - Harmony Firefox Plugin

99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

omaonpoimgkmbllpdihbnmgphjoipdhf - C:\Program Files\Logitech\Harmony Remote Driver\harmony_chrome.crx[01-05-2012 21:45]

==== Chromium Startpages ======================

C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Preferences

"homepage": "Google",

"startup_urls": [ "Google" ],

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="{searchTerms - Google Search}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

==== Empty IE Cache ======================

C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01X4GUS6 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2118 folders=319 372492899 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\pc\AppData\Local\Temp will be emptied at reboot

C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

C:\Users\UpdatusUser.pc-PC\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\pc\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01X4GUS6" not found

==== EOF on wo 20-08-2014 at 18:51:54,77 ======================


Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs; they may conflict with ComboFix.exe.

You can read (here or here) how to disable the security software you use.

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click "Ja" / "Yes" there.
  • On a Windows XP computer, ComboFix will install the "Recovery Console" if it is not yet present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Yes" once the Recovery Console has been installed successfully.
  • On the disclaimer screen, click "I Agree"; the required components are then unpacked and a registry backup is made using ERUNT.
  • When this is done, ComboFix will start by itself; the blue screen shows the progress of the system scan being performed.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.

Posting the log file

  • Attach the log file named ComboFix.txt to your next message. (You can also find this log file at "C:\ComboFix.txt".)
  • You can read here how to add an attachment to a message.

* Note!!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.


ComboFix 14-08-19.01 - pc 21-08-2014 12:12:23.1.2 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2047.757 [GMT 2:00]

Gestart vanuit: c:\users\pc\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2014-07-21 to 2014-08-21 ))))))))))))))))))))))))))))))

.

.

2014-08-21 10:20 . 2014-08-21 10:20 -------- d-----w- c:\users\pc\AppData\Local\temp

2014-08-21 10:08 . 2014-08-21 10:08 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C36008B3-C7FE-42D3-9A00-EDBB6540C353}\MpKsl62603063.sys

2014-08-21 08:30 . 2014-08-21 08:30 -------- d-----w- c:\users\pc\AppData\Roaming\PopcornTime

2014-08-20 20:22 . 2014-08-20 20:22 -------- d-----w- c:\program files\Common Files\Java

2014-08-20 20:19 . 2014-08-20 20:22 -------- d-----w- c:\programdata\Oracle

2014-08-20 18:49 . 2014-08-20 18:58 -------- d-----w- c:\program files\Popcorn Time

2014-08-20 18:47 . 2014-08-19 18:10 893248 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{23F2340B-BA90-4AF2-9C1A-BC3D2A5BA5B5}\gapaengine.dll

2014-08-20 18:45 . 2014-08-07 09:05 8581864 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C36008B3-C7FE-42D3-9A00-EDBB6540C353}\mpengine.dll

2014-08-20 16:43 . 2014-08-20 16:28 24064 ----a-w- c:\windows\zoek-delete.exe

2014-08-20 10:04 . 2014-08-20 16:41 -------- d-----w- C:\zoek_backup

2014-08-20 06:38 . 2014-08-20 07:57 -------- d-----w- c:\program files\trend micro

2014-08-20 06:38 . 2014-08-20 06:38 -------- d-----w- C:\rsit

2014-08-19 18:10 . 2014-08-07 09:05 8581864 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2014-08-13 06:21 . 2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll

2014-08-13 06:20 . 2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll

2014-08-13 06:20 . 2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe

2014-08-13 06:20 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe

2014-08-13 00:03 . 2014-07-14 01:42 654336 ----a-w- c:\windows\system32\rpcrt4.dll

2014-08-13 00:03 . 2014-06-16 01:44 730048 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2014-08-13 00:03 . 2014-06-16 01:44 219072 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2014-08-13 00:03 . 2014-06-16 01:40 107520 ----a-w- c:\windows\system32\cdd.dll

2014-08-13 00:01 . 2014-06-03 09:30 101824 ----a-w- c:\windows\system32\consent.exe

2014-08-13 00:01 . 2014-06-03 09:29 337408 ----a-w- c:\windows\system32\msihnd.dll

2014-08-13 00:01 . 2014-06-03 09:29 2363392 ----a-w- c:\windows\system32\msi.dll

2014-08-13 00:01 . 2014-06-03 09:29 1805824 ----a-w- c:\windows\system32\authui.dll

2014-08-13 00:01 . 2014-08-07 01:43 412160 ----a-w- c:\windows\system32\aepdu.dll

2014-08-13 00:01 . 2014-08-07 01:39 302592 ----a-w- c:\windows\system32\aeinv.dll

2014-08-13 00:01 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDYAK.DLL

2014-08-13 00:01 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDBASH.DLL

2014-08-09 17:51 . 2014-08-09 19:00 -------- d-----w- c:\users\pc\AppData\Roaming\TeamViewer

2014-08-09 17:51 . 2014-08-09 17:51 -------- d-----w- c:\program files\TeamViewer

2014-08-07 18:33 . 2014-08-07 18:33 -------- d-----w- c:\program files\Common Files\Skype

2014-08-02 13:27 . 2014-05-14 16:23 45536 ----a-w- c:\windows\system32\wups2.dll

2014-08-02 13:27 . 2014-05-14 16:23 54240 ----a-w- c:\windows\system32\wuauclt.exe

2014-08-02 13:27 . 2014-05-14 16:17 2425856 ----a-w- c:\windows\system32\wucltux.dll

2014-08-02 13:27 . 2014-05-14 16:23 1973728 ----a-w- c:\windows\system32\wuaueng.dll

2014-08-02 13:27 . 2014-05-14 16:23 36320 ----a-w- c:\windows\system32\wups.dll

2014-08-02 13:27 . 2014-05-14 16:23 581600 ----a-w- c:\windows\system32\wuapi.dll

2014-08-02 13:27 . 2014-05-14 16:17 92672 ----a-w- c:\windows\system32\wudriver.dll

2014-08-02 13:26 . 2014-05-14 07:23 179656 ----a-w- c:\windows\system32\wuwebv.dll

2014-08-02 13:26 . 2014-05-14 07:17 33792 ----a-w- c:\windows\system32\wuapp.exe

2014-07-29 22:37 . 2014-07-29 22:37 -------- d-----w- C:\SUPERDelete

2014-07-28 10:16 . 2014-07-28 10:16 2895040 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1043\MSOINTL.DLL

2014-07-27 09:41 . 2014-07-27 09:41 5532368 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe

2014-07-27 09:41 . 2014-07-27 09:41 550072 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSOSQM.EXE

2014-07-27 09:41 . 2014-07-27 09:41 5233848 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\Csi.dll

2014-07-27 09:41 . 2014-07-27 09:41 26273464 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL

2014-07-27 09:41 . 2014-07-27 09:41 189128 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\LICLUA.EXE

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-08-20 20:20 . 2014-03-13 01:13 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-08-19 18:10 . 2013-07-17 15:06 893248 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2014-08-14 15:18 . 2013-07-12 18:31 699568 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-08-14 15:18 . 2013-07-12 18:31 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-06-18 01:51 . 2014-07-09 02:40 646144 ----a-w- c:\windows\system32\osk.exe

2014-06-06 10:47 . 2014-06-06 10:47 4558848 ----a-w- c:\windows\system32\GPhotos.scr

2014-06-06 09:44 . 2014-07-09 02:40 509440 ----a-w- c:\windows\system32\qedit.dll

2014-06-05 14:26 . 2014-07-09 02:38 1059840 ----a-w- c:\windows\system32\lsasrv.dll

2014-05-30 07:52 . 2014-07-09 02:40 172032 ----a-w- c:\windows\system32\wdigest.dll

2014-05-30 07:52 . 2014-07-09 02:40 65536 ----a-w- c:\windows\system32\TSpkg.dll

2014-05-30 07:52 . 2014-07-09 02:40 247808 ----a-w- c:\windows\system32\schannel.dll

2014-05-30 07:52 . 2014-07-09 02:40 220160 ----a-w- c:\windows\system32\ncrypt.dll

2014-05-30 07:52 . 2014-07-09 02:40 259584 ----a-w- c:\windows\system32\msv1_0.dll

2014-05-30 07:52 . 2014-07-09 02:40 550912 ----a-w- c:\windows\system32\kerberos.dll

2014-05-30 07:52 . 2014-07-09 02:40 17408 ----a-w- c:\windows\system32\credssp.dll

2014-05-30 06:36 . 2014-07-09 02:41 338944 ----a-w- c:\windows\system32\drivers\afd.sys

2010-01-26 07:11 . 2013-07-14 02:54 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]

@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"

[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]

2014-07-27 09:41 1730256 ----a-w- c:\progra~1\MICROS~4\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]

@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"

[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]

2014-07-27 09:41 1730256 ----a-w- c:\progra~1\MICROS~4\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]

@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"

[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]

2014-07-27 09:41 1730256 ----a-w- c:\progra~1\MICROS~4\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-07-30 507776]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-07-13 280576]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RocketDock.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk

backup=c:\windows\pss\RocketDock.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SkinPackMenu.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\SkinPackMenu.lnk

backup=c:\windows\pss\SkinPackMenu.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk]

path=c:\users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

backup=c:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2013-09-13 18:51 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

2012-11-05 14:27 89184 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]

2014-03-06 11:49 819984 ----a-w- c:\program files\BlueStacks\HD-Agent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4]

2014-08-07 03:20 860488 ----a-w- c:\program files\Google\Chrome\Application\chrome.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]

2014-03-20 21:03 1797064 ----a-w- c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2014-01-17 15:24 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote Control Server]

2013-11-09 08:53 1988608 ----a-w- c:\program files\Remote Control Server\Remote Control Server.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

2014-04-08 01:56 1268816 ----a-w- c:\users\pc\AppData\Roaming\uTorrent\uTorrent.exe

.

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-07-25 108032]

S2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]

S2 BstHdDrv;BlueStacks Hypervisor;c:\program files\BlueStacks\HD-Hypervisor-x86.sys [2014-03-06 113424]

S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files\BlueStacks\HD-LogRotatorService.exe [2014-03-06 385808]

S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files\BlueStacks\HD-UpdaterService.exe [2014-03-06 770832]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - MPKSL62603063

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-08-15 02:11 1104200 ----a-w- c:\program files\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2014-08-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12 15:18]

.

2014-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-13 00:30]

.

2014-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-13 00:30]

.

2014-08-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577482832-1229427741-2884412449-1000Core.job

- c:\users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-09 01:41]

.

2014-08-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577482832-1229427741-2884412449-1000UA.job

- c:\users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-09 01:41]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~4\Office15\ONBttnIE.dll/105

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office15\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

FF - ProfilePath - c:\users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\d1b8qf9x.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-10 - (no file)

MSConfigStartUp-NextLive - c:\users\pc\AppData\Roaming\newnext.me\nengine.dll

AddRemove-Freecorder extension - c:\program files\Freecorder extension\uninstall.exe

AddRemove-Freecorder extension for Chrome - c:\program files\Freecorder extension\UninstallChromeToolbar.exe

AddRemove-Freecorder extension for Firefox - c:\program files\Freecorder extension\UninstallFirefoxToolbar.exe

AddRemove-{8e70e4e1-06d7-470b-9f74-a51bef21088e} - c:\programdata\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe

AddRemove-{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1 - c:\program files\VDownloader\unins000.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1577482832-1229427741-2884412449-1000\Software\SecuROM\License information*]

"datasecu"=hex:1f,36,61,5f,bb,98,a3,6d,93,61,d8,f5,98,ba,49,fe,91,ce,e3,c7,b8,

a9,ca,bd,4e,87,61,86,f6,91,d1,e5,a6,fe,a5,8f,29,bc,7b,08,86,c1,7c,65,31,1b,\

"rkeysecu"=hex:6f,15,e0,7c,1f,7e,79,73,36,88,b0,0c,ef,11,3c,34

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2014-08-21 12:23:13

ComboFix-quarantined-files.txt 2014-08-21 10:23

.

Pre-Run: 284.683.833.344 bytes beschikbaar

Post-Run: 284.588.851.200 bytes beschikbaar

.

- - End Of File - - 6FF0DD51F9236098141E785ED49C42AD

8E734BD7AA1D4F7E9AF58DF495F6CF9E


Go to the ESET Online Scanner site.

Click the “Run ESET Online Scanner” button.

In a separate window you will be asked to download EsetSmartInstaller.

Click the esetsmartinstaller_enu.exe link and the download will start automatically.

Choose “Download” for this file.

Click “Run” for this file, esetsmartinstaller_enu.exe.

Tick “YES, I accept the Terms of Use”.

Click “Start”.

Click "Advanced settings".

Tick the following options:

  • Remove found threats
  • Scan archives
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology

Click “Start”.

The computer will now be scanned. This can take quite a long time, so be patient.

You may close the window when the scan is finished.

Post the opened log as an attachment in your next message. You can find this log at C:\Program Files\Eset\EsetOnlineScanner\log.txt


ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# product=EOS

# version=8

# iexplore.exe=11.00.9600.16428 (winblue_gdr.131013-1700)

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=fa216936a9e8804797f5c683ff9e8fd6

# engine=19766

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2014-08-21 06:42:37

# local_time=2014-08-21 08:42:37 (+0100, West-Europa (zomertijd))

# country="Netherlands"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1='Microsoft Security Essentials'

# compatibility_mode=5895 16777213 100 100 12259128 49959873 0 0

# scanned=174051

# found=13

# cleaned=13

# scan_time=19472

sh=40C5BC73228FDC726542ED7728E7606AC9584C4F ft=1 fh=20226ff923152af2 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\pc\Documents\SopCast\Setup-SopCast-3.8.3-2013-6-26.exe"

sh=47418AD4698F40CBBD570C6FEAFEEE71BED07F29 ft=0 fh=0000000000000000 vn="Win32/PSWTool.KonBoot.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\pc\Downloads\Software\ubcd528.iso"

sh=CA5FBAEFE7F0923A65CA47B86013D7ED9AEBBF2F ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.AK trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\pc\Downloads\Software\SuperOneClickv2.3.3-ShortFuse\Exploits\psneuter"

sh=A917385340FA5BFD17C2C5E07C64FBC3E4AE28FB ft=1 fh=65ab92f317eeb562 vn="a variant of Win32/Toolbar.Besttoolbars.I potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_Freecorder extension\AddonsFramework.Typelib.dll"

sh=AB322BA3029F90646BBF6F28D24AFE1D8C51C6AB ft=1 fh=56353594fd4e9e09 vn="a variant of Win64/Toolbar.Besttoolbars.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_Freecorder extension\AddonsFramework.Typelib64.dll"

sh=54EDC074945B870345529CA61C2ED262AD902D01 ft=1 fh=58e308a19e323267 vn="a variant of Win32/Toolbar.Besttoolbars.G potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_Freecorder extension\BackgroundHost.exe"

sh=D09B88D85C0C5FABE0E615F56827BE4FAD115CC2 ft=1 fh=a47dd344701284cd vn="a variant of Win64/Toolbar.Besttoolbars.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_Freecorder extension\BackgroundHost64.exe"

sh=1F9663D903E03CE091C979FA26D168F5408C8289 ft=1 fh=bebd09d8e4ef60a6 vn="a variant of Win32/Toolbar.Besttoolbars.J potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_Freecorder extension\ScriptHost.dll"

sh=0B0809855D8D766CEFAC686726C1D9F4E5E03B2F ft=1 fh=d0629def5ef46c9d vn="a variant of Win32/Toolbar.Besttoolbars.J potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_Freecorder extension\ScriptHost64.dll"

sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_pc_AppData_Local_genienext\nengine.dll"

sh=D6CFE89E51D1CF5C0043E538BC26C4477CE3EF3E ft=0 fh=0000000000000000 vn="a variant of Win32/Mobogenie.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_pc_AppData_Local_Mobogenie\Version\NewVersion\Mobogenie2.2.0.zip"

sh=93AD648467F47DC2708810D169F26F4A814778C5 ft=1 fh=e589ccabe231da4b vn="a variant of Win32/Mobogenie.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_pc_AppData_Local_Mobogenie\Version\NewVersion\Mobogenie\UpdateMoboGenie.exe"

sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_pc_AppData_Roaming_newnext.me\nengine.dll"

This topic is now closed to further replies.
