Hoi,
Ik heb hier een Acer X53S laptop met win7 64bit, die allerlei mankementen had.
Ik heb al malware kunnen verwijderen met MWB, het geluid hersteld met sfc/scannow, er zijn enkele virussen verwijderd en windows is up to date.
maar één probleem krijg ik niet opgelost:
na enkele seconden in windows verkenner te zijn krijg ik de melding: windows verkenner werkt niet meer en windows verkenner wordt opnieuw gestart
Daarna kom ik op een leeg bureaublad terecht, zijn alle vensters gesloten, en hoor ik de DVD-speler zelfs even zoeken.
In veilige modus heb ik hetzelfde probleem voor.
Is het mogelijk om onderstaande logjes na te kijken op fouten?
Alvast bedankt voor de hulp!
Gmer:
GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2014-01-08 21:21:09
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JEDO 596,17GB
Running: wp40gbwi.exe; Driver: C:\Users\GEBRUI~1\AppData\Local\Temp\pxdyyuog.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\AsScrPro.exe[3124] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075471465 2 bytes [47, 75]
.text C:\Windows\AsScrPro.exe[3124] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754714bb 2 bytes [47, 75]
.text ... * 2
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4680] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075471465 2 bytes [47, 75]
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4680] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754714bb 2 bytes [47, 75]
.text ... * 2
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4552] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075471465 2 bytes [47, 75]
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4552] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754714bb 2 bytes [47, 75]
.text ... * 2
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Par ameters\Keys\0025d3b2962e
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Paramet ers\Keys\0025d3b2962e (not active ControlSet)
---- EOF - GMER 2.1 ----
DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by gebruiker at 21:24:22 on 2014-01-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.6055.4319 [GMT 1:00]
.
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://asus.msn.com
mWinlogon: Userinit = userinit.exe
BHO: {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} - <orphaned>
BHO: Bcool Class: {127A91D3-22D4-9E89-1A74-CA10067FD089} - C:\ProgramData\Bcool\bhoclass.dll
BHO: Bcool Class: {55B7E040-F6A9-707E-4890-A1D0FDDF9826} - C:\ProgramData\Bcool\bhoclass.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
uRun: [Spotify] "C:\Users\gebruiker\AppData\Roaming\Spotify\Spotif y.exe" /uri spotify:autostart
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMen u.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu. exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
StartupFolder: C:\Users\GEBRUI~1\AppData\Roaming\MICROS~1\Windows \STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Sta rtup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Sta rtup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files (x86)\PokerStars.BE\PokerStarsUpdate.exe
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: NameServer = 195.130.130.1 195.130.131.1
TCP: Interfaces\{0B0B77D1-775A-42CF-9FCA-0EBCD5BE43B9} : DHCPNameServer = 195.130.130.1 195.130.131.1
TCP: Interfaces\{0B0B77D1-775A-42CF-9FCA-0EBCD5BE43B9}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141
TCP: Interfaces\{0B0B77D1-775A-42CF-9FCA-0EBCD5BE43B9}\659405F54544 : DHCPNameServer = 195.130.130.131 195.130.131.131
TCP: Interfaces\{91ED8B3D-B3C1-4C52-9801-C3EABCD24965} : DHCPNameServer = 195.130.130.1 195.130.131.1
TCP: Interfaces\{EBCF3409-6E3D-4B8E-93BF-4F84A1E99D97} : NameServer = 0.0.0.0
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Insta ller\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpc iflt.sys [2013-4-8 30496]
R1 appdrv01;Application Driver (01);C:\Windows\System32\drivers\appdrv01.sys [2011-9-11 3854000]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-26 17536]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.s ys [2014-1-6 28600]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-8-18 379520]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-1-6 440376]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-1-6 440376]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgn tflt.sys [2014-1-6 108440]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-17 13832]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-17 134928]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2012-2-21 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2012-2-21 396776]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-7-7 142632]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-18 413800]
S2 appdrvrem01;Application Driver Auto Removal Service (01);C:\Windows\System32\appdrvrem01.exe svc --> C:\Windows\System32\appdrvrem01.exe svc [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\ v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework6 4\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssflt r.sys [2011-4-13 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 GDPkIcpt;GDPkIcpt;C:\Windows\System32\drivers\PktI cpt.sys [2011-9-8 62368]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-7-7 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2011-8-18 290920]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUs bFlt.sys [2011-2-18 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-9-9 1255736]
S4 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-1-6 1011768]
.
=============== Created Last 30 ================
.
2014-01-08 15:47:59 -------- d-----w- C:\Users\gebruiker\AppData\Local\DriverTuner
2014-01-07 14:32:27 84720 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
2014-01-07 14:18:52 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-01-07 14:18:52 366592 ----a-w- C:\Windows\System32\qdvd.dll
2014-01-07 13:28:59 693352 ----a-w- C:\Windows\System32\DTSVoiceClarityDLL64.dll
2014-01-07 08:35:14 -------- d-----w- C:\Users\gebruiker\AppData\Local\{D5AF0D04-D9C7-46A7-8C77-7433E4EDAFE7}
2014-01-06 20:06:10 -------- d-----w- C:\Program Files\CCleaner
2014-01-06 19:53:45 -------- d-----w- C:\Users\gebruiker\AppData\Roaming\Malwarebytes
2014-01-06 19:53:37 -------- d-----w- C:\ProgramData\Malwarebytes
2014-01-06 19:53:36 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-01-06 19:53:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-06 19:53:27 -------- d-----w- C:\Users\gebruiker\AppData\Local\Programs
2014-01-06 19:44:14 -------- d-----w- C:\Users\gebruiker\AppData\Local\{03205361-C7F4-49AB-8DE6-423A6A03318E}
2014-01-06 19:17:31 -------- d-----w- C:\Users\gebruiker\AppData\Local\{2094A92A-483C-4C81-82FE-7A89CBFE919A}
2014-01-06 16:57:28 -------- d-----w- C:\Users\gebruiker\AppData\Roaming\Avira
2014-01-06 16:51:14 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2014-01-06 16:51:14 108440 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2014-01-06 16:49:40 -------- d-----w- C:\ProgramData\Avira
2014-01-06 16:49:40 -------- d-----w- C:\Program Files (x86)\Avira
2014-01-06 13:05:27 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5C054734-A793-49CD-9F09-B8DFAC2876BB}\mpengine.dll
2014-01-06 13:00:00 -------- d-----w- C:\Windows\Migration
2014-01-06 12:52:55 -------- d-----w- C:\Users\gebruiker\AppData\Local\GameCenter
2013-12-12 21:05:04 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-12 21:05:04 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 21:05:03 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2013-12-12 21:05:03 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2013-12-12 20:18:17 335360 ----a-w- C:\Windows\System32\msieftp.dll
.
==================== Find3M ====================
.
2014-01-08 20:09:47 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-19 02:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-11-05 18:47:54 3707864 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2013-11-05 17:54:54 38385664 ----a-w- C:\Windows\System32\RCoRes64.dat
2013-11-04 18:26:24 153304 ----a-w- C:\Windows\System32\RCoInstII64.dll
2013-11-04 10:11:44 2587864 ----a-w- C:\Windows\System32\RtkAPO64.dll
2013-10-30 15:31:04 929080 ----a-w- C:\Windows\System32\NAHIMICAPOSettingsIPC.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-10-28 16:29:50 1021656 ----a-w- C:\Windows\System32\RtkApi64.dll
2013-10-25 09:49:08 5751576 ----a-w- C:\Windows\System32\NAHIMICAPOlfx.dll
2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-10-18 15:41:34 1286360 ----a-w- C:\Windows\System32\RTCOM64.dll
2013-10-16 02:43:50 209096 ----a-w- C:\Windows\System32\AERTAC64.dll
2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx
2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe
2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe
2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-10-11 11:47:14 113576 ----a-w- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
2013-10-11 10:31:16 947760 ----a-w- C:\Windows\System32\SFSS_APO.dll
.
============= FINISH: 21:24:45,17 ===============
Weergegeven resultaten: 1 t/m 10 van 21
Discussie: windows verkenner werkt niet meer
-
8 January 2014, 22:34 #1Gevorderd
- Geregistreerd
- 11 May 2005
- Locatie
- limburg
- Berichten
- 157
- Bedankjes
- 20
- Bedankt
- 7 keer in 6 posts
windows verkenner werkt niet meer
-
8 January 2014, 23:13 #2Spyware Slayer
- Geregistreerd
- 19 May 2005
- Locatie
- Zandvliet/ Ledegem
- Berichten
- 4.212
- Bedankjes
- 1.207
- Bedankt
- 2.706 keer in 1.759 posts
Download
AdwCleaner by Xplode naar het bureaublad.
- Sluit alle openstaande vensters.
- Dubbelklik op AdwCleaner om hem te starten.
- Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
- Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
- Klik vervolgens op Scan.
- Klik vervolgens op Clean als er items zijn gevonden.
- Klik bij Herstarten Noodzakelijk op OK
Nadat de PC opnieuw is opgestart, opent meestal een logfile.
Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[S0].txt
PS: is die laptop van U?
-
8 January 2014, 23:45 #3Gevorderd
- Geregistreerd
- 11 May 2005
- Locatie
- limburg
- Berichten
- 157
- Bedankjes
- 20
- Bedankt
- 7 keer in 6 posts
hoi,
laptop is van een kameraad, hij had gevraagd om eens te kijken wat er allemaal mis was...
AdwCleaner:
# AdwCleaner v3.016 - Report created 08/01/2014 at 22:41:22
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : gebruiker - GEBRUIKER-PC
# Running from : C:\Users\gebruiker\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Bcool
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\StartSearch plugin
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\Users\gebruiker\AppData\Local\Conduit
Folder Deleted : C:\Users\gebruiker\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\gebruiker\AppData\LocalLow\iac
Folder Deleted : C:\Users\gebruiker\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\gebruiker\AppData\LocalLow\Bcool
Folder Deleted : C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox \Profiles\extensions\Extensions\ffxtlbr@funmoods.c om
File Deleted : C:\Users\gebruiker\AppData\Local\funmoods-speeddial.crx
File Deleted : C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox \Profiles\extensions\user.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkiceno llcignonpgiafdgfeehoj
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlko blmigdofommgnheckmaki
Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1. 0
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install _RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install _RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_ RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_ RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI 32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMAN CS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C2178B36-2955-479B-818C-A2AE8E500454}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{55B7E040-F6A9-707E-4890-A1D0FDDF9826}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{55B7E040-F6A9-707E-4890-A1D0FDDF9826}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{0C9F4179-6CE2-4C6A-A3E5-67FF3592A12E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{55B7E040-F6A9-707E-4890-A1D0FDDF9826}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Settings\{55B7E040-F6A9-707E-4890-A1D0FDDF9826}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\vShare.tv
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\facemoods
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\facemoods
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\gebruiker\AppData\Local\Google\Chrome\Use r Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [7878 octets] - [08/01/2014 22:20:02]
AdwCleaner[S0].txt - [7720 octets] - [08/01/2014 22:41:22]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7780 octets] ##########
-
9 January 2014, 09:58 #4Spyware Slayer
- Geregistreerd
- 19 May 2005
- Locatie
- Zandvliet/ Ledegem
- Berichten
- 4.212
- Bedankjes
- 1.207
- Bedankt
- 2.706 keer in 1.759 posts
Hey spike,
als je vriend zijn surfgedrag niet gaat aanpassen of niet gaat kijken wat hij aanklikt heeft hij in de kortste keren weer prijs.
Er is la heel wat opgeruimd, laten we nog eens verder kijken.
Download
Zoek.zip naar het bureaublad.
- Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
- Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
- Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
- Dubbelklik vervolgens op Zoek.exe om de tool te starten.
- Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
- Kopieer nu onderstaande code en plak die in het grote invulvenster:
- Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
Code:torpigcheck; emptyclsid; emptyfolderscheck;delete autoclean; iedefaults; filesrcm;
- Klik nu op de knop "Run script".
- Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
- Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
- Post het geopende logje in het volgende bericht als bijlage.
-
9 January 2014, 14:43 #5Gevorderd
- Geregistreerd
- 11 May 2005
- Locatie
- limburg
- Berichten
- 157
- Bedankjes
- 20
- Bedankt
- 7 keer in 6 posts
Hoi,
Als MWB (gratis versie) en de virusscanner regelmatig gedraaid worden, is dit voldoende bescherming, of heb je nog andere voorstellen wat het best regelmatig uitgevoerd wordt?
hieronder het gevraagde logje.
Zoek.exe v5.0.0.0 Updated 05-Januari-2014
Tool run by gebruiker on do 09/01/2014 at 11:48:01,28.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
9/01/2014 11:55:18 Zoek.exe System Restore Point Created Succesfully.
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandle rs\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandle rs\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
2012-02-08 23:05:17 d-----w- C:\ProgramData\100
==== Empty Folders Check ======================
C:\PROGRA~2\PokerStars.BE deleted successfully
C:\Program Files\Google deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\Users\gebruiker\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\gebruiker\AppData\Local\DriverTuner deleted successfully
C:\Users\gebruiker\AppData\Local\PokerStars.BE deleted successfully
C:\Users\gebruiker\AppData\Local\Unity deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1000\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{127A91D3-22D4-9E89-1A74-CA10067FD089} deleted successfully
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1001\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{127A91D3-22D4-9E89-1A74-CA10067FD089} deleted successfully
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1000\Software\Microsoft\Windows\CurrentVersion\Ext \Settings\{127A91D3-22D4-9E89-1A74-CA10067FD089} deleted successfully
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1001\Software\Microsoft\Windows\CurrentVersion\Ext \Settings\{127A91D3-22D4-9E89-1A74-CA10067FD089} deleted successfully
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1000\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{55B7E040-F6A9-707E-4890-A1D0FDDF9826} deleted successfully
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1000\Software\Microsoft\Windows\CurrentVersion\Ext \Settings\{55B7E040-F6A9-707E-4890-A1D0FDDF9826} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{127A91D3-22D4-9E89-1A74-CA10067FD089} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Windows\CurrentVersion\Explorer\Browser Helper Objects\{127A91D3-22D4-9E89-1A74-CA10067FD089} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{127A91D3-22D4-9E89-1A74-CA10067FD089} deleted successfully
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{55B7E040-F6A9-707E-4890-A1D0FDDF9826} deleted successfully
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox \Profiles\extensions
prefs.js not found
user.js not found
---- FireFox user.js and prefs.js backups ----
==== Deleting Files \ Folders ======================
C:\extensions deleted
C:\ProgramData\OberonGameConsole deleted
C:\ProgramData\InstallMate deleted
C:\user.js deleted
C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox \Profiles\extensions\OneClickDownload@OneClickDown load.com deleted
"C:\Users\gebruiker\AppData\Local\{3A4942CF-0653-4573-8529-F2251C974C62}" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2014-01-07 13:28:50 ED42C02A7A7DCA88758606274D3A0A0D 2080472 ----a-w- C:\Windows\RtlExUpd.dll
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
2014-01-06 16:52:12 FCF35E1C0A7DDC52FE2A738600773C68 12344 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\avgnt.exe\Av ira.OE.Communicator.Interface.dll
2014-01-06 16:52:12 9B88C214FC43E13D627862F8B0E8F89F 39480 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\avgnt.exe\Av ira.OE.ExtApi.dll
2014-01-06 16:52:12 8166E0A1348922A61AF1765755061A00 285240 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\avgnt.exe\Av ira.OE.NativeCore.dll
2014-01-06 16:52:12 74B324BDE763615318490FE1DF9DC32A 119352 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\avgnt.exe\Av ira.OE.Wincore.dll
2014-01-06 16:52:12 610C86FBC0483579DC35AA73DDADCE66 42040 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\avgnt.exe\Av ira.OE.Wincore.Interface.dll
2014-01-06 16:33:45 D3B8519380A78DFFCD566774D079A7BA 337216 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\{0B14D660-3122-4BFD-9EFB-DCC5768C56F1}\_isres_0x0413.dll
2014-01-06 16:33:44 0EC6B3D99D56F9FB9078B24D3B5EC4EB 261424 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\{0B14D660-3122-4BFD-9EFB-DCC5768C56F1}\ISRT.dll
====== Java Cache =====
2014-01-08 21:08:44 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\gebruiker\AppData\LocalLow\Sun\Java\Deplo yment\cache\6.0\12\eef218c-212a29ad
2014-01-08 21:08:37 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\gebruiker\AppData\LocalLow\Sun\Java\Deplo yment\cache\6.0\17\49a00451-485a7ae2
2014-01-08 21:08:37 E71B6FC410727D0096A878E87E8FAEAA 99 ----a-w- C:\Users\gebruiker\AppData\LocalLow\Sun\Java\Deplo yment\cache\6.0\17\49a00451-6.0.lap
2014-01-08 21:08:36 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\gebruiker\AppData\LocalLow\Sun\Java\Deplo yment\cache\6.0\18\3cb32f52-5ab56656
2014-01-08 21:08:37 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\gebruiker\AppData\LocalLow\Sun\Java\Deplo yment\cache\6.0\43\1ca2666b-7f3ca99f
2014-01-08 21:47:54 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\gebruiker\AppData\LocalLow\Sun\Java\Deplo yment\SystemCache\6.0\32\6c34baa0-2d2faa2d
====== C:\Windows\SysWOW64 =====
2014-01-08 21:12:11 52FA726F8D37412122EC4EF1DF09D80F 692616 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-08 21:12:10 EBE768B199EB3E741AB64BE55CCF0F66 71048 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 21:06:35 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe
2014-01-08 21:06:28 9B0B14B405E0EDF76B5F5E31A49EB753 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-07 14:18:52 33B26FA5DBEB69FFAB703EDCB4E6DE4A 514560 ----a-w- C:\Windows\SysWOW64\qdvd.dll
2014-01-07 13:29:01 99DE7F0838685CE9F4C39E58FEE6F48B 790272 ----a-w- C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-01-06 13:02:20 6A11929413F4B86F361D91B16B53AB97 1704848 ----a-w- C:\Windows\SysWOW64\PerfStringBackup.INI
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-01-07 14:18:52 973131EB99BE1E19DAC502CB724E72A5 366592 ----a-w- C:\Windows\Sysnative\qdvd.dll
2014-01-07 13:29:08 C082B23A77E89D5AA0329777FF34A0DE 65944 ----a-w- C:\Windows\Sysnative\tepeqapo64.dll
2014-01-07 13:29:08 A58E46E776CFAD5DCBC8C2D9A920E7B4 582056 ----a-w- C:\Windows\Sysnative\tosasfapo64.dll
2014-01-07 13:29:08 95F25E2D41AACCB8956F8E3C6740E377 148416 ----a-w- C:\Windows\Sysnative\tadefxapo.dll
2014-01-07 13:29:08 771536F10F1A419622787FB5D27A8E6B 871856 ----a-w- C:\Windows\Sysnative\tossaeapo64.dll
2014-01-07 13:29:08 7380AE45CFA24369A7305520897142B8 1361336 ----a-w- C:\Windows\Sysnative\tosade.dll
2014-01-07 13:29:08 68C8E504065F3724D873DE7942D5F72C 2103040 ----a-w- C:\Windows\Sysnative\WavesGUILib64.dll
2014-01-07 13:29:08 3D30D3B2776C1A24F6498F569466E8D7 162224 ----a-w- C:\Windows\Sysnative\toseaeapo64.dll
2014-01-07 13:29:08 1A3586235C5DEF0C05F2F0C711E94376 836544 ----a-w- C:\Windows\Sysnative\tadefxapo264.dll
2014-01-07 13:29:07 D29D34D0AF33EDD9D604816154CBFE6A 244480 ----a-w- C:\Windows\Sysnative\slprp64.dll
2014-01-07 13:29:07 D1A3064BD95D337804EFCF6D8C03B406 897792 ----a-w- C:\Windows\Sysnative\sl3apo64.dll
2014-01-07 13:29:07 CC0434CBB00ECF7B4FDD072A4101AC60 1014016 ----a-w- C:\Windows\Sysnative\slcnt64.dll
2014-01-07 13:29:07 B4D7A07098508A3BCC3C57612F890F98 947760 ----a-w- C:\Windows\Sysnative\SFSS_APO.dll
2014-01-07 13:29:07 7B3E9344FB43D799C6462227A0E65877 221024 ----a-w- C:\Windows\Sysnative\SFNHK64.dll
2014-01-07 13:29:07 43B0E62B728A04A73FE6FAE3274FFEE7 722688 ----a-w- C:\Windows\Sysnative\sltech64.dll
2014-01-07 13:29:07 3F8A63EDF6E0E6827D5494CD8720F7CC 1662024 ----a-w- C:\Windows\Sysnative\RTSnMg64.cpl
2014-01-07 13:29:07 2C25AF115BDDC05D9A84D26227A08E63 81248 ----a-w- C:\Windows\Sysnative\SFCOM64.dll
2014-01-07 13:29:07 17ABCAD44A75C635583A238ED6333357 78688 ----a-w- C:\Windows\Sysnative\SFAPO64.dll
2014-01-07 13:29:07 027D50CF8F4A9FAFF61B49958CFED1ED 2810072 ----a-w- C:\Windows\Sysnative\RtPgEx64.dll
2014-01-07 13:29:06 CA1D7D09854D305A64B100DC1400BA21 331880 ----a-w- C:\Windows\Sysnative\RtlCPAPI64.dll
2014-01-07 13:29:06 8814A281406553A2640D6A04702C63BD 14952 ----a-w- C:\Windows\Sysnative\RtkCoLDR64.dll
2014-01-07 13:29:05 C08DE9FE49B8DE126EE7A42C7C80450E 1021656 ----a-w- C:\Windows\Sysnative\RtkApi64.dll
2014-01-07 13:29:05 8BFA2E598156C9224545DD3317856D9B 2587864 ----a-w- C:\Windows\Sysnative\RtkAPO64.dll
2014-01-07 13:29:04 20B2E41DAA40B18444C19C1CCE9577DE 617176 ----a-w- C:\Windows\Sysnative\RtDataProc64.dll
2014-01-07 13:29:03 D0EB28022A91A5C084E8A7DEBB08D8D2 141584 ----a-w- C:\Windows\Sysnative\R4EEL64A.dll
2014-01-07 13:29:03 CA2F732F51BB609265DDC9A851ECDB27 929080 ----a-w- C:\Windows\Sysnative\NAHIMICAPOSettingsIPC.dll
2014-01-07 13:29:03 B6FB3F1D359FA0D293E952FD1550BB41 153304 ----a-w- C:\Windows\Sysnative\RCoInstII64.dll
2014-01-07 13:29:03 A0DC2F4C3A743339B3941BAFA39FDC0A 38385664 ----a-w- C:\Windows\Sysnative\RCoRes64.dat
2014-01-07 13:29:03 8882AD10853E45402CABD3BAF48A7EFC 124176 ----a-w- C:\Windows\Sysnative\R4EEA64A.dll
2014-01-07 13:29:03 6294EB69AE8907495D3F69C19676DBC0 1286360 ----a-w- C:\Windows\Sysnative\RTCOM64.dll
2014-01-07 13:29:03 0B5EF50E26CFD1E7BF01E32E053532B2 434960 ----a-w- C:\Windows\Sysnative\R4EED64A.dll
2014-01-07 13:29:03 03625A179B27362D3A90E3331AEBE95E 7164176 ----a-w- C:\Windows\Sysnative\R4EEP64A.dll
2014-01-07 13:29:03 01096663377134C41D618AF0E53A953E 75024 ----a-w- C:\Windows\Sysnative\R4EEG64A.dll
2014-01-07 13:29:02 DF1C73C391BD249E400B017ECEBF2BB8 3714304 ----a-w- C:\Windows\Sysnative\MaxxAudioVnN64.dll
2014-01-07 13:29:02 B6DBCBB878A3BE0B48E8F5045CB9CA9D 906800 ----a-w- C:\Windows\Sysnative\MISS_APO.dll
2014-01-07 13:29:02 8C3D0711219078FB6601C39387EB7B30 1286400 ----a-w- C:\Windows\Sysnative\MaxxSpeechAPO64.dll
2014-01-07 13:29:02 68E48600A04EF184B42B52634D703856 5751576 ----a-w- C:\Windows\Sysnative\NAHIMICAPOlfx.dll
2014-01-07 13:29:02 587A8CF457604D84266FF858CEB60223 662784 ----a-w- C:\Windows\Sysnative\MaxxVolumeSDAPO.dll
2014-01-07 13:29:02 32E91908A319CF4FDDE18C6F5699E0E0 907008 ----a-w- C:\Windows\Sysnative\MaxxVoiceAPO2064.dll
2014-01-07 13:29:01 A0E82776B44BA5A89755D872B003887F 1921792 ----a-w- C:\Windows\Sysnative\MaxxAudioRealtek264.dll
2014-01-07 13:29:01 932271059AE180C436D5CA7AF2B0637C 14152960 ----a-w- C:\Windows\Sysnative\MaxxAudioRealtek64.dll
2014-01-07 13:29:01 7C29CDA779E9CEA80075F45E34E55A8E 1345280 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO5064.dll
2014-01-07 13:29:01 3829AF61A8442CC4F63D908E82A09705 1012992 ----a-w- C:\Windows\Sysnative\MaxxAudioAPOShell64.dll
2014-01-07 13:29:01 315AEF22E309E724AD0575C75E7EF5F3 1084160 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO4064.dll
2014-01-07 13:29:01 20F371119BB00A073BDBAEC5BFBD1C30 2036992 ----a-w- C:\Windows\Sysnative\MaxxAudioEQ64.dll
2014-01-07 13:29:01 1B89185D5D7AB3A10B4309E16C62CC30 27644160 ----a-w- C:\Windows\Sysnative\MaxxAudioVnA64.dll
2014-01-07 13:29:01 06080807E61471A18AD99F3E6FF3C9B5 663296 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO30.dll
2014-01-07 13:29:00 6F7D1601DA55BBE5C7A79E01E236D7B9 603984 ----a-w- C:\Windows\Sysnative\KAAPORT64.dll
2014-01-07 13:28:59 DE32448E6B40141C80DAABFF6FBE1744 693352 ----a-w- C:\Windows\Sysnative\DTSVoiceClarityDLL64.dll
2014-01-07 13:28:59 A9B98F96FBE514ADEABD20B2BD132172 415680 ----a-w- C:\Windows\Sysnative\DTSU2PREC64.dll
2014-01-07 13:28:59 922CDA544EB5C5A57795B38ED5871B69 2743328 ----a-w- C:\Windows\Sysnative\FMAPO64.dll
2014-01-07 13:28:58 FF31A2F57AAAB58DB78FCC961A58B206 428648 ----a-w- C:\Windows\Sysnative\DTSGainCompensatorDLL64.dll
2014-01-07 13:28:58 FAC24F4CC63235D9533DD6605E5EE6F0 1938608 ----a-w- C:\Windows\Sysnative\DDPD64A.dll
2014-01-07 13:28:58 F7C357462077156DC211AC2112FC8C53 1568360 ----a-w- C:\Windows\Sysnative\DTSS2HeadphoneDLL64.dll
2014-01-07 13:28:58 F132C08BD8C58579B400DFAA71F34CFB 1756264 ----a-w- C:\Windows\Sysnative\DTSS2SpeakerDLL64.dll
2014-01-07 13:28:58 BC0474E5476E5EA0D0E1AA5AC41E2061 242792 ----a-w- C:\Windows\Sysnative\DTSGFXAPO64.dll
2014-01-07 13:28:58 B827E0AE582ACD641F0B2B052773A5CA 6217904 ----a-w- C:\Windows\Sysnative\DDPP64A.dll
2014-01-07 13:28:58 B3977C8BA77559F4F8752AE8EB724C87 242792 ----a-w- C:\Windows\Sysnative\DTSLFXAPO64.dll
2014-01-07 13:28:58 A1C8F811777EFA1B6BD82B226016CF2D 313520 ----a-w- C:\Windows\Sysnative\DDPO64A.dll
2014-01-07 13:28:58 9948969B2C1987B1D64789EFEB284A84 712296 ----a-w- C:\Windows\Sysnative\DTSSymmetryDLL64.dll
2014-01-07 13:28:58 8B5A737AD11EF45D9B1AEB4ED6884968 728680 ----a-w- C:\Windows\Sysnative\DTSBassEnhancementDLL64.dll
2014-01-07 13:28:58 8AE860D92752CFA136979B1FF797FFDC 501184 ----a-w- C:\Windows\Sysnative\DTSU2PLFX64.dll
2014-01-07 13:28:58 82DF29C6D5571BFA69429563F0AED677 260272 ----a-w- C:\Windows\Sysnative\DDPA64.dll
2014-01-07 13:28:58 6E14F444A2506049EEC25CB5EDFE0905 113576 ----a-w- C:\Windows\Sysnative\CONEQMSAPOGUILibrary.dll
2014-01-07 13:28:58 3B8FB5376F5431C0101747D5138BCB9B 241768 ----a-w- C:\Windows\Sysnative\DTSGFXAPONS64.dll
2014-01-07 13:28:58 37B8A8089ECED77F6CEAF74917C5D12B 487360 ----a-w- C:\Windows\Sysnative\DTSU2PGFX64.dll
2014-01-07 13:28:58 2EF5442E8E7ED20F7634EEFB09640C8F 491112 ----a-w- C:\Windows\Sysnative\DTSNeoPCDLL64.dll
2014-01-07 13:28:58 21B38D4D86A87909491F690883AE6D1E 1486952 ----a-w- C:\Windows\Sysnative\DTSBoostDLL64.dll
2014-01-07 13:28:58 192A03A21636D3775CEE4C049C3BEB2A 432744 ----a-w- C:\Windows\Sysnative\DTSLimiterDLL64.dll
2014-01-07 13:28:57 F2CF417EF502555B139EDCD9FEBF9CD3 109848 ----a-w- C:\Windows\Sysnative\AcpiServiceVnA64.dll
2014-01-07 13:28:57 B3E9EA31E37EDCC1D54CE20504549ABE 108640 ----a-w- C:\Windows\Sysnative\AERTAR64.dll
2014-01-07 13:28:57 2D0895BED270D1A8CADD981A5BFC0AE5 605496 ----a-w- C:\Windows\Sysnative\audioLibVc.dll
2014-01-07 13:28:57 2CBDC11690656A1A2D03EC65AE2BCE68 209096 ----a-w- C:\Windows\Sysnative\AERTAC64.dll
====== C:\Windows\Sysnative\drivers =====
2014-01-07 14:32:27 3DE0EBA0BF4771C897F544CBF7CB8973 84720 ----a-w- C:\Windows\Sysnative\drivers\avnetflt.sys
2014-01-07 13:29:07 1EF2A77F3F4951CC25EEEA882376A769 5681192 ----a-w- C:\Windows\Sysnative\drivers\rtvienna.dat
2014-01-07 13:29:06 FA2B7507CD49908B2260949E52F8B9FE 3707864 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys
2014-01-07 13:29:03 C8C7EAD8098EA7468D651F3459657240 681905 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT
2014-01-06 19:53:36 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2014-01-06 16:51:14 C3A58DBD18786C338126D30BF8C33D72 131576 ----a-w- C:\Windows\Sysnative\drivers\avipbb.sys
2014-01-06 16:51:14 7806BFCD1D7FA5EC23F7324D4EAFD25B 108440 ----a-w- C:\Windows\Sysnative\drivers\avgntflt.sys
2014-01-06 16:51:14 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Windows\Sysnative\drivers\avkmgr.sys
2013-12-12 20:18:12 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys
2013-12-12 20:18:12 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys
====== C:\Windows\Tasks ======
2014-01-08 21:12:11 542FD130A76581A48DC2AB27609DB337 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-08 21:12:11 3074FB8F241540AF0142063D34B9F96F 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
2014-01-06 19:34:47 A47C415251FC1966C0B4297821BAA330 3318 ----a-w- C:\Windows\Sysnative\Tasks\4802
2014-01-06 19:34:39 CAF5D3EFF959AA538100B175E6F0D4C5 3216 ----a-w- C:\Windows\Sysnative\Tasks\0
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-01-08 21:07:01 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2014-01-07 13:28:42 -------- d-----w- C:\PROGRA~2\COMMON~1\InstallShield
2014-01-06 16:49:40 -------- d-----w- C:\PROGRA~2\Avira
======= C: =====
====== C:\Users\gebruiker\AppData\Roaming ======
2014-01-06 19:53:27 -------- d-----w- C:\Users\gebruiker\AppData\Local\Programs
2014-01-06 16:57:28 -------- d-----w- C:\Users\gebruiker\AppData\Roaming\Avira
2014-01-06 16:52:13 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\R oaming\Avira
2014-01-06 12:52:55 -------- d-----w- C:\Users\gebruiker\AppData\Local\GameCenter
====== C:\Users\gebruiker ======
2014-01-08 21:19:22 AF5C84446657B48C9B9B870C46438261 1233962 ----a-w- C:\Users\gebruiker\Desktop\adwcleaner.exe
2014-01-08 21:18:48 AF5C84446657B48C9B9B870C46438261 1233962 ----a-w- C:\Users\gebruiker\Downloads\adwcleaner.exe
2014-01-08 21:06:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-01-08 19:24:55 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\gebruiker\Desktop\dds.com
2014-01-08 19:23:28 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\gebruiker\Desktop\wp40gbwi.exe
2014-01-08 16:06:21 AB3ADA6637B288371093B16BFBC9651A 266633424 ----a-w- C:\Users\gebruiker\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-07 13:30:33 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl
2014-01-06 19:16:30 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Document s
2014-01-06 16:49:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-01-06 16:49:40 -------- d-----w- C:\ProgramData\Avira
====== C: exe-files ==
2014-01-08 21:19:22 AF5C84446657B48C9B9B870C46438261 1233962 ----a-w- C:\Users\gebruiker\Desktop\adwcleaner.exe
2014-01-08 21:18:48 AF5C84446657B48C9B9B870C46438261 1233962 ----a-w- C:\Users\gebruiker\Downloads\adwcleaner.exe
2014-01-08 21:12:11 52FA726F8D37412122EC4EF1DF09D80F 692616 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-08 21:06:35 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe
2014-01-08 21:06:20 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe
2014-01-08 21:06:20 CE10E75E10EB6952A7D813FA587EC632 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe
2014-01-08 21:06:20 CC27986F45EF9FD700BC347355B002B3 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe
2014-01-08 21:06:20 CBFE91C51D4FA69FE9D140ABEB7E51DC 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe
2014-01-08 21:06:20 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe
2014-01-08 21:06:20 83D790AA563347A026771D50E3D07A9B 66984 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
2014-01-08 21:06:20 80A79264302910C7C24BA7E44267EFEF 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe
2014-01-08 21:06:20 7F55715977ECF32633857F16980F008E 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
2014-01-08 21:06:20 7814B0A3E6FE8FFF31B7108D16FC4591 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe
2014-01-08 21:06:20 738AF811C60870FB218D47C628D350AA 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe
2014-01-08 21:06:20 707BFE32E04720B9D50562669A30F86C 49064 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe
2014-01-08 21:06:20 5FA3FFE74E893E8A9443C2CF3DFA7A64 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe
2014-01-08 21:06:20 5721DA732075E01569A287767CBCFA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe
2014-01-08 21:06:20 555651269833A415E1F9E594E8DD829F 146344 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe
2014-01-08 21:06:20 54A30377949D4984EE72C5510C58B83D 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe
2014-01-08 21:06:20 464358DE0429ABB319DFE3F5E5C85F77 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe
2014-01-08 21:06:20 3FB1EAAB3CD35126D1F3B9A0A5B7B2DC 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe
2014-01-08 21:06:20 15EBB4D4B54FCE42D8CB116145BB7EBA 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe
2014-01-08 21:06:19 A9743D2D69B80800FEA5F24E7C4B02B3 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe
2014-01-08 21:06:19 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe
2014-01-08 21:06:19 2F7EBCD8FB6557997F0583508FFFE6B1 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe
2014-01-08 19:23:28 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\gebruiker\Desktop\wp40gbwi.exe
2014-01-08 16:06:21 AB3ADA6637B288371093B16BFBC9651A 266633424 ----a-w- C:\Users\gebruiker\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-08 15:47:15 64114D2EEEF70DF310F2EA1FC34C232F 2816072 ----a-w- C:\Users\gebruiker\AppData\Local\Microsoft\Windows \Temporary Internet Files\Content.IE5\V6TMX7FI\setup.exe
2014-01-08 15:41:54 8D2A52D25B67DC623FEB4DDFD54827D7 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3652248619-1828221240-2316474575-1001\$ILE17NB.exe
2014-01-07 21:02:53 FEB829DC06540B0590E186FFCEA3961D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3652248619-1828221240-2316474575-1001\$I7MAEPI.exe
2014-01-07 21:02:47 6373071F3C29941EC23FA90C6249CF42 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3652248619-1828221240-2316474575-1001\$I8DFJXD.exe
2014-01-07 14:26:42 63F09F554D6DBB298C797B20F9FFD29A 362864 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00005679\up datus.17514821_RUNASUSER.exe
2014-01-07 14:26:42 2A6D00DBB26EE5884814A36BF3D24068 49144 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000175b\dr supdate.14225440_RUNASUSER.exe
2014-01-07 14:26:41 63F09F554D6DBB298C797B20F9FFD29A 362864 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000162f\up datus.17514821_RUNASUSER.exe
2014-01-07 14:26:38 58B19F0798ABADF9BFFCECB5B4AB3006 360328 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000015f0\up datus.17446539_RUNASUSER.exe
2014-01-07 14:26:36 A8A5FBD7237B5F1991C5D51F1458EBAD 358656 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000015d5\up datus.17324192_RUNASUSER.exe
2014-01-07 14:26:33 0EEFE140A491CE903A6A9C219A7B64BD 356440 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000159e\up datus.17261478_RUNASUSER.exe
2014-01-07 14:26:30 D011721F8D9BA1C0FA3C4EF0F140EA59 354368 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00001561\up datus.17175618_RUNASUSER.exe
2014-01-07 14:26:27 CFCB849F212497473884D147FB25C8CC 352488 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000014aa\up datus.17130873_RUNASUSER.exe
2014-01-07 14:26:25 8696D950A4ABE7B32BF31EB976080F7E 350320 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000013ef\up datus.17045011_RUNASUSER.exe
2014-01-07 14:26:23 95C726560F078A960EB579E531CAB344 344064 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000126b\up datus.16656409_RUNASUSER.exe
2014-01-07 14:26:20 E0881F1FD2F7BA3610E73136E73C5792 341096 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00001193\up datus.16556676_RUNASUSER.exe
2014-01-07 14:26:18 DE934F930CADD58AF109ECDFA0F1E0C3 340528 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00001139\up datus.16547828_RUNASUSER.exe
2014-01-07 14:26:14 8ED5323276A0DAE9DA7B363516FD8672 340440 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000111b\up datus.16534621_RUNASUSER.exe
2014-01-07 14:26:09 1651E2F4DEAB6371CE65F483488B0F32 339616 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00001066\up datus.16448423_RUNASUSER.exe
2014-01-07 14:26:02 4061B904A0B8D50CE154E1D87BC89314 4171360 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00000f85\up datus.15840555_RUNASUSER.exe
2014-01-07 14:25:59 DAA625403AFE304A86C4462B1A90A238 329496 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00000f3b\up datus.15747965_RUNASUSER.exe
2014-01-07 14:25:56 B9072A2B01ADF2C04CE00D57299BA491 329088 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00000ea2\up datus.15658398_RUNASUSER.exe
2014-01-07 14:25:53 A60551BEFDD3AB4347BC72B2D056D30F 323680 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00000cf6\up datus.15389624_RUNASUSER.exe
2014-01-07 14:25:50 C9883A440D7F736EF4E8DC6180117439 323184 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00000cd8\up datus.15380446_RUNASUSER.exe
2014-01-07 14:25:48 767A8A6E1C2005CD33DC06603023D89D 314544 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00000ad3\up datus.14911432_RUNASUSER.exe
2014-01-07 14:25:45 85345374FF8269A06F105CC73A00D6DF 371976 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00000696\up datus.14199723_RUNASUSER.exe
2014-01-07 14:25:40 5E734065D5C8FD2698C3B3116254CE01 368832 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000005f2\up datus.14091070_RUNASUSER.exe
2014-01-07 14:25:36 883A421976B1FE7B32BC0369C1880872 368504 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000055b\up datus.14015207_RUNASUSER.exe
2014-01-07 14:25:33 9D5844C1B51B45C5E3213B4234165F25 367096 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000004a9\up datus.13930208_RUNASUSER.exe
2014-01-07 14:25:31 5C5004976E28ACEA31B85EAF00CD70BB 283037 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000003e5\up datus.13430387_RUNASUSER.exe
2014-01-07 14:25:28 783D6350DB1BFC99CEB6B73E289B7450 282530 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000036d\up datus.13305313_RUNASUSER.exe
2014-01-07 14:25:26 2A3FA94B93054E665EF55495FDF720CA 282043 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00000307\up datus.13241915_RUNASUSER.exe
2014-01-07 14:25:24 4A21C0214156C3307E51500FCD51FEEE 281413 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000025d\up datus.13187539_RUNASUSER.exe
2014-01-07 14:25:20 6C5C593C30967840BA167BB2583262C0 277101 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000000f6\up datus.12901601_RUNASUSER.exe
2014-01-07 14:25:17 C177DEB140F0ABEF5B23518D69495F55 275313 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000009d\up datus.12835478_RUNASUSER.exe
2014-01-07 14:25:13 B9A70746C67A932135445E0BBF703B4B 274237 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000003a\up datus.12707410_RUNASUSER.exe
2014-01-07 14:25:11 4BF3B0AB01EB86C901D518B81AC7396D 246227 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00000000\up datus.10797622_RUNASUSER.exe
2014-01-07 14:25:06 CEA3A0FBE6B86EF7A85B62EB41ED5DCB 1260320 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
2014-01-07 14:25:06 94CE4FF08F389FDAE62E99EA33F67E42 190752 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\WLMerger.exe
2014-01-07 14:25:06 1E49D4D75CCF4323314F1E794DBBBA25 1031968 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
2014-01-07 14:24:36 EBCB266D0C3EB5691925E283890733F9 60704 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp64.exe
2014-01-07 14:24:36 527A2AA63EC0569BDF0329EF225D2894 56096 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp.exe
2014-01-07 14:24:22 EBCB266D0C3EB5691925E283890733F9 60704 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{10BF0 E01-452E-4826-B91A-71A1BBF6D9EF}\nvSmartMaxapp64.exe
2014-01-07 14:24:22 BB7C20A2C491E6C1F3CAFC935A5CD0DD 2450208 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{10BF0 E01-452E-4826-B91A-71A1BBF6D9EF}\NVTray.exe
2014-01-07 14:24:22 708547B06809A454B953803CBC449BC0 884512 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{10BF0 E01-452E-4826-B91A-71A1BBF6D9EF}\nvvsvc.exe
2014-01-07 14:24:22 527A2AA63EC0569BDF0329EF225D2894 56096 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{10BF0 E01-452E-4826-B91A-71A1BBF6D9EF}\nvSmartMaxapp.exe
2014-01-07 14:24:22 2F1D248E19DEB03CFCCA78E660A8ECE8 404768 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{10BF0 E01-452E-4826-B91A-71A1BBF6D9EF}\Setup.exe
2014-01-07 14:24:22 13F9D08EDAE4902108255EAA51206D3B 1134880 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{10BF0 E01-452E-4826-B91A-71A1BBF6D9EF}\nvxdsync.exe
2014-01-07 14:24:21 FF23C722C3E847DD331250FDAB72057E 6865184 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{10BF0 E01-452E-4826-B91A-71A1BBF6D9EF}\nvcplui.exe
2014-01-07 14:24:08 2F1D248E19DEB03CFCCA78E660A8ECE8 404768 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{23A3FC69-683E-4F74-9FBA-BA3DDC20FD79}\Setup.exe
2014-01-07 14:23:56 CEA3A0FBE6B86EF7A85B62EB41ED5DCB 1260320 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.{DF729D17-55CC-44D9-8899-F7C883302D15}\daemonu.exe
2014-01-07 14:23:56 94CE4FF08F389FDAE62E99EA33F67E42 190752 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.{DF729D17-55CC-44D9-8899-F7C883302D15}\WLMerger.exe
2014-01-07 14:23:56 94CE4FF08F389FDAE62E99EA33F67E42 190752 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\WLMerger.exe
2014-01-07 14:23:56 5317ACB1F902561C23B3D0E0C31CF34E 404768 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\setup.exe
2014-01-07 14:23:56 1E49D4D75CCF4323314F1E794DBBBA25 1031968 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\NVIDIA.Update.{DF729D17-55CC-44D9-8899-F7C883302D15}\ComUpdatus.exe
2014-01-07 14:23:55 EEA5BB739E16E3A22F63C881C51E6478 775456 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\nvAppBar.exe
2014-01-07 14:23:55 E89ECB37F9EB685A88C3380717C95682 73373104 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\NvCplSetupInt.exe
2014-01-07 14:23:55 CEA3A0FBE6B86EF7A85B62EB41ED5DCB 1260320 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\daemonu.exe
2014-01-07 14:23:55 8E27914D21E20C3F17D79DF3FD8404AF 67584 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\nvsetup.exe
2014-01-07 14:23:55 8424BF89C984AFE7AC0F90C875ED4AF5 977184 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\nvWmi64.exe
2014-01-07 14:23:55 76E5E0EF745E613DF4617CFEE89D7329 233760 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\dbInstaller.exe
2014-01-07 14:23:55 5AD4C90633980D922EC87E0670F0CA5E 31941448 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\NvCplSetupEng.exe
2014-01-07 14:23:55 4F9AE9037D9AF1119B99890A219B0F10 2716960 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\nwiz.exe
2014-01-07 14:23:55 488FFDADD96946624A9AAA5EFF1FCCB1 621344 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\nvTaskBar.exe
2014-01-07 14:23:55 43FBD23F4CCF575DF4EBF35EBCBC6CA4 1361696 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\d3dreg.exe
2014-01-07 14:23:55 371494B7448DCB9F64A43F25F61F90F1 361248 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\NvMUP.exe
2014-01-07 14:23:55 1E49D4D75CCF4323314F1E794DBBBA25 1031968 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\ComUpdatus.exe
2014-01-07 14:23:55 11C31B80E7B0305B39FAE463ED061330 1493792 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\drst.exe
2014-01-07 14:23:54 4056821022A77F9221FE61192EE2F45B 22870168 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{FEE5B539-973B-4C19-B0E9-1C340B8D988E}\3DVision_311.44.exe
2014-01-07 14:23:49 5317ACB1F902561C23B3D0E0C31CF34E 404768 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{C669B68C-6152-49BB-B3B8-325F65D30680}\setup.exe
2014-01-07 13:30:42 07622F6D69B93403FC9CBB40450DD842 1719000 ----a-w- C:\Program Files (x86)\Realtek\Audio\InstallShield\Rtkupd64.exe
2014-01-07 13:29:09 07622F6D69B93403FC9CBB40450DD842 1719000 ------w- C:\Program Files (x86)\Realtek\Audio\Drivers\RtlUpd64.exe
2014-01-07 13:29:08 ACA3B1A550ED553028F5FDBFA0398A22 101120 ----a-w- C:\Program Files\Realtek\Audio\HDA\WavesSvc.exe
2014-01-07 13:29:08 A3E3A08C75737EBC84E50816B86F4338 287488 ----a-w- C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
2014-01-07 13:29:08 2A21E75EF80242E0646E7567993E977D 562792 ----a-w- C:\Program Files\Realtek\Audio\HDA\vncutil64.exe
2014-01-07 13:29:07 07622F6D69B93403FC9CBB40450DD842 1719000 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe
2014-01-07 13:29:06 CF161C7C6B23A8827C41292F60E6B078 7204568 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
2014-01-07 13:29:05 DABD4AB3D049ECA6AFFD61B63A997728 289496 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
2014-01-07 13:29:04 54BF6A01D8E2C804612703F878E2BCDC 978648 ----a-w- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
2014-01-07 13:29:03 BAF91E0F5CDE5300D4957859B8893D03 1361112 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2014-01-07 13:29:03 16438B000BF56F2CD7FDB5E6C3B38C7E 13662936 ----a-w- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2014-01-07 13:29:01 AF1BEA73ACEA5C17113D832EECBC74B8 3669248 ----a-w- C:\Program Files\Realtek\Audio\HDA\MaxxAudioControl64.exe
2014-01-07 13:28:59 0C57BAD785EEAD029ABF6CBCF43E9A39 51776 ----a-w- C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-01-07 13:28:58 F9EDCA74B8CB3744159DEF02352F7BD6 58880 ----a-w- C:\Program Files\Realtek\Audio\HDA\CreateRtkToastLnk.exe
2014-01-07 13:28:58 6688B6F74C360CBC366B7AF948D9084D 240576 ----a-w- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
2014-01-07 13:28:58 44BB65B1D3827043978FC8E11CA7C0B4 210024 ----a-w- C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
2014-01-07 13:28:57 D1E343BC00136CE03C4D403194D06A80 98208 ----a-w- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
2014-01-07 13:28:56 49B3D2077199C44C1F3BBB16B4094AE6 121064 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe
2014-01-07 13:28:47 9B7E1DF9722AA964C973425FC449F46D 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Int el32\ISBEW64.exe
2014-01-07 13:28:45 D87A2C80695F22C428BD4A64291D45E3 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Int el32\DotNetInstaller.exe
2014-01-06 20:05:14 90B4989B832A57D261F0AB51F143E97A 4645232 ----a-w- C:\$Recycle.Bin\S-1-5-21-3652248619-1828221240-2316474575-1001\$R8DFJXD.exe
2014-01-06 19:53:17 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\$Recycle.Bin\S-1-5-21-3652248619-1828221240-2316474575-1001\$R7MAEPI.exe
2014-01-06 18:04:11 8BA07EF3E95840A84DAFCCAA82075C53 108956093 ----a-w- C:\$Recycle.Bin\S-1-5-21-3652248619-1828221240-2316474575-1001\$RLE17NB.exe
2014-01-06 16:51:16 FE79366FECD444A16CCA9979134DBEA8 440376 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
2014-01-06 16:51:16 D49A434E4BF69D23291D54164D5D15D6 796728 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\fact.exe
2014-01-06 16:51:16 AFE071E446E1A2ABB75B0B9234AC726E 474680 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe
2014-01-06 16:51:16 A617D7C5CCB4992FD278FED9AD2C7A3B 499256 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\inssda64.exe
2014-01-06 16:51:16 91ECCE87F494816737BD6F1B0B671C2A 934968 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
2014-01-06 16:51:16 849D6BD0357DD1E39B01FFF40659B5ED 401976 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\checkt.exe
2014-01-06 16:51:16 5BC02AC86CB9F875BD91A5D009132FDE 645688 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe
2014-01-06 16:51:16 26731C2F4452C1A2DBDBAE8D201E4CE2 399416 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
2014-01-06 16:51:16 17819ACCC4D21E3C07E80454A40A26EB 466488 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\guardgui.exe
2014-01-06 16:51:16 1305B94364F8F8F80DCD0E22E64E267A 467000 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
2014-01-06 16:51:16 1106B8D42E6614240C03AB76224DAF02 422456 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\setuppending.exe
2014-01-06 16:51:16 039ECAE9617FBC500B891256F139FD79 1315384 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe
2014-01-06 16:51:16 02AC980B23C6539B56DEC7956DE2DA3B 458296 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\licmgr.exe
2014-01-06 16:51:15 F88A5D699B6F6AD080ECD58548EF4D7F 511544 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avrestart.exe
2014-01-06 16:51:15 D8976CD6D0653CB6BBC000950590FBBD 601656 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
2014-01-06 16:51:15 BD64ED04CB32C31F9F6812415405E65E 566328 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
2014-01-06 16:51:15 B1625BA4BB3667C3219F2E2EB34AE0E7 411704 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avupgsvc.exe
2014-01-06 16:51:15 8D69B1551F51E18AE12E01DE6A2050EA 1011768 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
2014-01-06 16:51:15 8A2DEC9995EFD16D97A84E3CB7F09812 759864 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
2014-01-06 16:51:15 782ED0F2DFF01B1556A353E4283F2888 1032760 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
2014-01-06 16:51:15 42AFC20DB8D9D8651E26140E95B6A902 858720 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe
2014-01-06 16:51:15 29D956C8CB67222D678FAF20D485B25B 1011768 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
2014-01-06 16:51:14 FDE9C7030FB1E9E2715E113EE6A10F90 440376 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
2014-01-06 16:51:14 FDA1329BF7F5F92C71C692798B642BAC 661048 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
2014-01-06 16:51:14 F143483EF1FD85495AF9EAD190C55983 441400 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avadmin.exe
2014-01-06 16:51:14 DD231039B13EC2ABDE315D76E658EF0E 684600 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
2014-01-06 16:51:14 72B909F1594FC52D25FC3622B9D80D45 769592 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avconfig.exe
2014-01-06 16:51:14 4E41301AB03814EABE37FCF194B728A6 1326512 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe
=== C: other files ==
2014-01-08 21:06:21 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip
2014-01-08 21:05:40 76C0E995B2F29E55580B8FD3F78CFB4F 915368 ----a-w- C:\Users\gebruiker\AppData\Local\Microsoft\Windows \Temporary Internet Files\Content.IE5\5VFYN9Y7\JavaSetup7u45.com
2014-01-08 19:24:55 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\gebruiker\Desktop\dds.com
2014-01-07 14:32:27 3DE0EBA0BF4771C897F544CBF7CB8973 84720 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
2014-01-07 13:29:06 FA2B7507CD49908B2260949E52F8B9FE 3707864 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2014-01-06 19:53:36 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-01-06 16:51:16 43552F707825F03E84C0FA217DBA3868 42088 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\sweb.zip
2014-01-06 16:51:15 3DE0EBA0BF4771C897F544CBF7CB8973 84720 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avnetflt.sys
2014-01-06 16:51:14 C3A58DBD18786C338126D30BF8C33D72 131576 ----a-w- C:\Windows\System32\drivers\avipbb.sys
2014-01-06 16:51:14 C3A58DBD18786C338126D30BF8C33D72 131576 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avipbb.sys
2014-01-06 16:51:14 7806BFCD1D7FA5EC23F7324D4EAFD25B 108440 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2014-01-06 16:51:14 7806BFCD1D7FA5EC23F7324D4EAFD25B 108440 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avgntflt.sys
2014-01-06 16:51:14 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2014-01-06 16:51:14 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avkmgr.sys
==== Folders in C:\ProgramData 0-6 Months Old ======================
2014-01-06 16:49:40 -------- d-----w- C:\ProgramData\Avira
2014-01-06 19:53:37 -------- d-----w- C:\ProgramData\Malwarebytes
==== Firefox Extensions ======================
==== Firefox Plugins ======================
==== Chrome Look ======================
Chrome In-App Payments service - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }&ie={inputEncoding}&oe={outputEncoding}&startInde x={startIndex?}&startPage={startPage}"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-3652248619-1828221240-2316474575-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Uninstall\{0977D511-F2FB-E75C-0FC9-9AF535EDDBCD} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Uninstall\{1E1D2A76-357D-A1FE-1C75-D37600A6E413} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Uninstall\{66AE99D0-A26F-284C-885B-942CBB890645} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Uninstall\{A5E6BC53-E480-19BA-30E2-642B588E2CF4} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WLSync deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\gebruiker\AppData\Local\Microsoft\Windows \Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\gebruiker\AppData\Local\Microsoft\Windows \Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\ Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Lo cal\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\L ocal\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\gebruiker\AppData\Local\Google\Chrome\Use r Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=104 folders=26 6059847 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\ Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Lo cal\Temp emptied successfully
C:\Users\gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on do 09/01/2014 at 12:08:43,29 ======================
-
9 January 2014, 15:18 #6Spyware Slayer
- Geregistreerd
- 19 May 2005
- Locatie
- Zandvliet/ Ledegem
- Berichten
- 4.212
- Bedankjes
- 1.207
- Bedankt
- 2.706 keer in 1.759 posts
Als deze ook geupdated worden zou ik ze toch 1x per week laten scannen hoor! Er komen voor MWB dagelijks updates uit.Als MWB (gratis versie) en de virusscanner regelmatig gedraaid worden, is dit voldoende bescherming, of heb je nog andere voorstellen wat het best regelmatig uitgevoerd wordt?
Hoe werkt alles nu?
-
9 January 2014, 18:39 #7Gevorderd
- Geregistreerd
- 11 May 2005
- Locatie
- limburg
- Berichten
- 157
- Bedankjes
- 20
- Bedankt
- 7 keer in 6 posts
hoi,
het is spijtig genoeg nog altijd hetzelfde, na enkele klikken in verkenner wordt deze afgesloten.
Heeft het nut om eens een printscreen van de foutmelding te maken? Het is me ook opgevallen dat er enkele symbolen uit het systeemvak rechtsonder verdwijnen na de crash. oa: Nvida instellingen en "wireless console 3"
grt, timLaatst gewijzigd door Spike; 9 January 2014 om 18:46
-
9 January 2014, 23:05 #8Gevorderd
- Geregistreerd
- 11 May 2005
- Locatie
- limburg
- Berichten
- 157
- Bedankjes
- 20
- Bedankt
- 7 keer in 6 posts
ik merk nu ook dat bij de start soms geen bureaublad pictogrammen verschijnen, de icoontjes van nvidia en wireless blijven dan wel staan, dus daar zal het niets mee te maken hebben.
gr,tim
-
10 January 2014, 09:18 #9Spyware Slayer
- Geregistreerd
- 19 May 2005
- Locatie
- Zandvliet/ Ledegem
- Berichten
- 4.212
- Bedankjes
- 1.207
- Bedankt
- 2.706 keer in 1.759 posts
Download ComboFix van één van deze locaties:
Link 1
Link 2
* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op
- Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:
Klik hier
Als het je niet lukt om ze uit te schakelen, ga dan gewoon door naar de volgende stap. - Dubbeklik op ComboFix.exe en volg de meldingen op het scherm.
- ComboFix zal controleren of dat de Microsoft Windows Recovery Console reeds is geïnstalleerd.
**Let op: Als de Microsoft Windows Recovery Console al is geïnstalleerd, dan krijg je de volgende schermen niet te zien en zal ComboFix automatisch verder gaan met het scannen naar malware. - Volg de meldingen op het scherm om ComboFix de Microsoft Windows Recovery Console te laten downloaden en installeren.
Je krijgt de volgende melding te zien wanneer ComboFix de Microsoft Windows Recovery Console succesvol heeft geïnstalleerd:
Klik op Ja om verder te gaan met het scannen naar malware.
Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.
-
10 January 2014, 18:44 #10Gevorderd
- Geregistreerd
- 11 May 2005
- Locatie
- limburg
- Berichten
- 157
- Bedankjes
- 20
- Bedankt
- 7 keer in 6 posts
het logje:
ComboFix 14-01-08.03 - gebruiker 10/01/2014 17:35:04.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.6055.4349 [GMT 1:00]
Gestart vanuit: c:\users\gebruiker\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\100
c:\programdata\Roaming
c:\windows\msvcr71.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-12-10 to 2014-01-10 ))))))))))))))))))))))))))))))
.
.
2014-01-10 16:40 . 2014-01-10 16:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-09 11:06 . 2014-01-09 10:47 24064 ----a-w- c:\windows\zoek-delete.exe
2014-01-09 10:47 . 2014-01-09 11:01 -------- d-----w- C:\zoek_backup
2014-01-08 21:20 . 2014-01-08 21:41 -------- d-----w- C:\AdwCleaner
2014-01-08 21:12 . 2014-01-08 21:12 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-08 21:12 . 2014-01-08 21:12 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-08 21:07 . 2014-01-08 21:07 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-01-08 21:06 . 2014-01-08 21:06 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-07 14:32 . 2014-01-07 14:32 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-01-07 14:18 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2014-01-07 14:18 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-01-07 13:28 . 2013-10-06 23:26 415680 ----a-w- c:\windows\system32\DTSU2PREC64.dll
2014-01-06 20:06 . 2014-01-06 20:06 -------- d-----w- c:\program files\CCleaner
2014-01-06 19:53 . 2014-01-06 19:53 -------- d-----w- c:\users\gebruiker\AppData\Roaming\Malwarebytes
2014-01-06 19:53 . 2014-01-06 19:53 -------- d-----w- c:\programdata\Malwarebytes
2014-01-06 19:53 . 2014-01-06 19:53 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-06 19:53 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-06 19:53 . 2014-01-06 19:53 -------- d-----w- c:\users\gebruiker\AppData\Local\Programs
2014-01-06 16:57 . 2014-01-06 16:57 -------- d-----w- c:\users\gebruiker\AppData\Roaming\Avira
2014-01-06 16:51 . 2013-12-09 10:37 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-01-06 16:51 . 2013-12-09 10:37 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-01-06 16:51 . 2013-12-09 10:37 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-01-06 16:49 . 2014-01-06 16:54 -------- d-----w- c:\programdata\Avira
2014-01-06 16:49 . 2014-01-06 16:54 -------- d-----w- c:\program files (x86)\Avira
2014-01-06 13:05 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5C054734-A793-49CD-9F09-B8DFAC2876BB}\mpengine.dll
2014-01-06 13:00 . 2014-01-06 13:00 -------- d-----w- c:\windows\Migration
2014-01-06 12:52 . 2014-01-06 12:53 -------- d-----w- c:\users\gebruiker\AppData\Local\GameCenter
2013-12-12 21:05 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-12 21:05 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 21:05 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-12 21:05 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-12 21:05 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-12 20:18 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2014-01-10 16:29 . 2011-09-08 13:58 45056 ----a-w- c:\windows\system32\acovcnt.exe
2013-12-16 13:50 . 2011-09-12 01:51 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-11-28 14:10 . 2013-11-28 14:10 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-28 14:10 . 2013-11-28 14:10 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 14:10 . 2013-11-28 14:10 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-28 14:10 . 2013-11-28 14:10 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-28 14:10 . 2013-11-28 14:10 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-28 14:10 . 2013-11-28 14:10 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-28 14:10 . 2013-11-28 14:10 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-28 14:10 . 2013-11-28 14:10 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-28 14:10 . 2013-11-28 14:10 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-28 14:10 . 2013-11-28 14:10 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-28 14:10 . 2013-11-28 14:10 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-28 14:10 . 2013-11-28 14:10 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-28 14:10 . 2013-11-28 14:10 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-28 14:10 . 2013-11-28 14:10 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-28 14:10 . 2013-11-28 14:10 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-28 14:10 . 2013-11-28 14:10 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-28 14:10 . 2013-11-28 14:10 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-28 14:10 . 2013-11-28 14:10 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-28 14:10 . 2013-11-28 14:10 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-28 14:10 . 2013-11-28 14:10 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-28 14:10 . 2013-11-28 14:10 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-28 14:10 . 2013-11-28 14:10 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-28 14:10 . 2013-11-28 14:10 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-28 14:10 . 2013-11-28 14:10 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 14:10 . 2013-11-28 14:10 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-28 14:10 . 2013-11-28 14:10 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-28 14:10 . 2013-11-28 14:10 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-28 14:10 . 2013-11-28 14:10 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-28 14:10 . 2013-11-28 14:10 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-28 14:10 . 2013-11-28 14:10 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-28 14:10 . 2013-11-28 14:10 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-28 14:10 . 2013-11-28 14:10 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-28 14:10 . 2013-11-28 14:10 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-28 14:10 . 2013-11-28 14:10 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-28 14:10 . 2013-11-28 14:10 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-28 14:10 . 2013-11-28 14:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-28 14:10 . 2013-11-28 14:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-28 14:10 . 2013-11-28 14:10 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-28 14:10 . 2013-11-28 14:10 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-28 14:10 . 2013-11-28 14:10 413696 ----a-w- c:\windows\system32\html.iec
2013-11-28 14:10 . 2013-11-28 14:10 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 14:10 . 2013-11-28 14:10 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-28 14:10 . 2013-11-28 14:10 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-28 14:10 . 2013-11-28 14:10 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-28 14:10 . 2013-11-28 14:10 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-28 14:10 . 2013-11-28 14:10 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-28 14:10 . 2013-11-28 14:10 235520 ----a-w- c:\windows\system32\url.dll
2013-11-28 14:10 . 2013-11-28 14:10 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-28 14:10 . 2013-11-28 14:10 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-28 14:10 . 2013-11-28 14:10 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-28 14:10 . 2013-11-28 14:10 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-28 14:10 . 2013-11-28 14:10 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-28 14:10 . 2013-11-28 14:10 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-28 14:10 . 2013-11-28 14:10 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-28 14:10 . 2013-11-28 14:10 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-28 14:10 . 2013-11-28 14:10 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-28 14:10 . 2013-11-28 14:10 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-28 14:10 . 2013-11-28 14:10 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-28 14:10 . 2013-11-28 14:10 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-19 02:33 . 2011-09-08 14:38 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-07 00:52 . 2013-11-07 00:52 279000 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2013-11-07 00:52 . 2013-11-07 00:52 524800 ----a-w- c:\windows\system32\iglhsip64.dll
2013-11-07 00:52 . 2013-11-07 00:52 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2013-11-07 00:52 . 2013-11-07 00:52 515544 ----a-w- c:\windows\system32\igfxsrvc.exe
2013-11-07 00:52 . 2013-11-07 00:52 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2013-11-07 00:52 . 2013-11-07 00:52 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2013-11-07 00:52 . 2013-11-07 00:52 272928 ----a-w- c:\windows\system32\igvpkrng600.bin
2013-11-07 00:52 . 2013-11-07 00:52 216064 ----a-w- c:\windows\system32\iglhcp64.dll
2013-11-07 00:52 . 2013-11-07 00:52 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2013-11-07 00:52 . 2013-11-07 00:52 171992 ----a-w- c:\windows\system32\igfxtray.exe
2013-11-07 00:52 . 2013-11-07 00:52 116224 ----a-w- c:\windows\system32\igfxCoIn_v3347.dll
2013-11-07 00:52 . 2011-07-07 06:12 64000 ----a-w- c:\windows\system32\igfxsrvc.dll
2013-11-07 00:52 . 2013-11-07 00:52 9007616 ----a-w- c:\windows\system32\igfxress.dll
2013-11-07 00:52 . 2013-11-07 00:52 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2013-11-07 00:52 . 2013-11-07 00:52 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2013-11-07 00:52 . 2013-11-07 00:52 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2013-11-07 00:52 . 2013-11-07 00:52 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2013-11-07 00:52 . 2013-11-07 00:52 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Spotify"="c:\users\gebruiker\AppData\Roaming\Spot ify\Spotify.exe" [2012-01-18 6818944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMen u.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu. exe" [2009-05-20 222504]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-09 684600]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\gebruiker\AppData\Roaming\Microsoft\Windo ws\Start Menu\Programs\Startup\
OneNote 2010 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-4-13 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2011-8-18 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R1 GLogin;GLogin; [x]
R2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc;c:\windows\SYSNATIVE\appdrvrem01.exe svc [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework6 4\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [x]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktI cpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\ windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\ windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\ windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys;c :\windows\SYSNATIVE\Drivers\RTSUVSTOR.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\ windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\w indows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys; c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c: \windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\ windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsus bflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\ windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c: \windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpc iflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys;c:\w indows\SYSNATIVE\Drivers\appdrv01.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.s ys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe; c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\w indows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c :\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c :\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\wind ows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c: \windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\ active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-08 17:47 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Insta ller\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2014-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2014-01-08 21:12]
.
2014-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
2014-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\As usWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\As usWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-07 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-07 399832]
"Persistence"="c:\windows\system32\igfxpers.ex e" [2013-11-07 442328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.be/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{878AC5FC-BE78-4bae-896C-7F75B790A71E} - c:\program files (x86)\PokerStars.BE\PokerStarsUpdate.exe
TCP: DhcpNameServer = 195.130.130.1 195.130.131.1
TCP: Interfaces\{EBCF3409-6E3D-4B8E-93BF-4F84A1E99D97}: NameServer = 0.0.0.0
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macrome d\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUt il64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA 0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE 38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macrome d\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUt il32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32 _11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32 _11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32 _11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32 _11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CL SID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\In terface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\In terface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\In terface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PC W\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2014-01-10 17:42:38
ComboFix-quarantined-files.txt 2014-01-10 16:42
.
Pre-Run: 198.930.731.008 bytes beschikbaar
Post-Run: 198.523.420.672 bytes beschikbaar
.
- - End Of File - - 60CDDF0EEDC84ADA06A21D6AD8FC29B4
Discussie informatie
Users Browsing this Thread
Momenteel bekijken 1 gebruikers deze discussie. (0 leden en 1 gasten)
Soortgelijke discussies
-
Windows verkenner werkt niet meer.
Door italianboy in forum WindowsReacties: 7Laatste bericht: 7 January 2012, 18:11 -
'Windows Verkenner werkt niet meer''
Door ocraM in forum WindowsReacties: 1Laatste bericht: 31 December 2007, 09:44 -
Vista ''Windows Verkenner werkt niet meer''
Door ocraM in forum WindowsReacties: 2Laatste bericht: 23 December 2007, 11:02 -
Windows XP Werkt niet meer (goed)
Door yvansoftware in forum WindowsReacties: 3Laatste bericht: 17 August 2007, 10:39
Regels voor berichten
- Copyright © 2004 - 2019, Minatica.be
-
Powered by vBulletin®, versie 4.2.2
Copyright © 2024 vBulletin Solutions, Inc. - Design door Gert Bangels
Favorieten/bladwijzers