Laptop hapert constant eventjes

Tellie 27 mei 2012, 14:00

Ik zie trouwens in "CCleaner" een optie staan, 'wis alle vrije ruimte harde schijf'. Is het misschien nuttig om dit eens uit te voeren, of heeft dit totaal geen zin en kan het zelfs schadelijk zijn?

Antwoord niet gevonden? Stel hier je vraag:

Abraham54 27 mei 2012, 14:20

Lege ruimte wissen.
Wat moet er dan gewist worden vraag ik mij af.
Ik denke dat een betere optie Windows defragmenteren is.
Maar eerst maar eens goed opschonen!
Welk programma: TFC.
Waarvoor/waarom:grondige reiniging van Windows.
Moeilijkheidsgraad: geen.
Download: [color=#0000FF:c9fe40b27c]Download TFC naar je bureaublad (klick)[/color:c9fe40b27c]
TFC opstarten:
Windows 2000 en Windows XP: dubbelklik op TFC.exe[/b.
Windows Vista en Windows 7: rechtsklik op [b]TFC.exe
en kies "Als Administrator uitvoeren".
[list:c9fe40b27c][*:c9fe40b27c] Niet schrikken - het tool sluit alle lopende programma's - ergo: verzeker je dus ervan, dat je werk al is opgeslagen!
[*:c9fe40b27c] Vervolgens klik je op de knop Start om de scan te starten. Deze scan kan kort of langer duren, wees geduldig en laat TFC zijn taak doen en wacht to TFC klaaar is.
[*:c9fe40b27c] Indien TFC klaar is, dan komt de melding dat de computer opnieuw opgestart wordt.
[*:c9fe40b27c] Gebeurt het afsluiten niet automatisch, start dan zelf de computer opnieuw op.
[*:c9fe40b27c] Noot: TFC vertoont geen log![/list:u:c9fe40b27c]
Download en installeer O&O Defrag Free: http://www.oo-software.com/en/free
Jij kan de 64-bit versie gebruiken, die is sneller.
Start na installatie O&O Defrag Free Edition, deze gratis defragmenteerder werkt efficiënter dan het Windows tool.
Standaard is "Smart defrag" al ingesteld, dit houdt in dat veel gebruikte bestanden naar voren worden geplaatst waardoor alles sneller gaat!

Tellie 20 mei 2012, 21:03

Hallo ik ben nieuw op dit forum, mijn naam is Jordy en ik ben 23 jaar oud. Ik ben hier terecht gekomen omdat ik last heb van een enorm vervelend probleem, namelijk dat mijn laptop constant even hapert. Dat doet die bijvoorbeeld al bij het intikken van deze tekst, bij het typen in een Word bestand of bij het intikken van een tekstje op Facebook, maar ook tijdens het spelen van spellen, ook bij spellen die voorheen goed gewerkt hebben.
Nou heb ik gezien dat de gebruiker 'roobin' een soortgelijk probleem heeft gehad als ik, maar ondanks dat ik enkele van de tips die ik heb gelezen tijdens het oplossen van zijn probleem heb uitgevoerd blijft mijn probleem bestaan en verbetert het ook niet.
Ik hoop dat iemand mij hier kan helpen. Heb helaas vrij weinig verstand van computers en ben dus absoluut afhankelijk van de kenners hier.

Obi-wan-kenobi 21 mei 2012, 11:38

Heb je wel eens de melding dat Explorer.exe niet reageert?

Tellie 21 mei 2012, 15:28

Nee, nooit. Ik weet niet of het er wat mee te maken heeft, maar ik maak eigenlijk nooit gebruik van Internet Explorer, maar altijd van Google Chrome.
Wat overigens ook wel makkelijk is om te weten is het model laptop dat ik heb. Het gaat hier om een Acer Aspire 5750G met een Intel Core i7-2630QM (2.0GHz, 6MB L3 cache) processor. Met een NVIDIA GeForce GT540M. Met 4 GB DDR3 Memory en 640 GB HDD.

Obi-wan-kenobi 21 mei 2012, 15:39

Explorer.exe (Windows generiek) niet verwarren met IExplore.exe (Internet Explorer). Maar blijkbaar is dat het probleem niet.
Welke beveiligingssoftware gebruik je?

Tellie 21 mei 2012, 15:48

Uhm.., 'Avast!', 'Hitman Pro' en 'Malwarebytes' heb ik erop staan. Deze heb ik er gisteren allemaal overheen gegooid en de enkele fouten/virussen die Hitman Pro vond heb ik verwijderd.

Tellie 21 mei 2012, 16:30

Het bekijken van filmpjes in Full HD gaat overigens ook niet meer zo soepel als voorheen. Voorheen was het geen enkel probleem, nu moet ik vaak genoeg de kwaliteit verlagen om vlekkeloos te kunnen streamen..

Abraham54 21 mei 2012, 20:10

Deïnstalleer weer HitmanPro.
En doe nu het volgende eerst:
Welk programma: sUbs dds
Waarvoor/waarom: DDS is een diagnosetool en maakt gebruik van scripts.
Moeilijkheidsgraad: Lees eerst goed wat te doen.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders eerst daar naar toe verplaatsen!
Download DDS van sUBS van één van deze locaties en plaats het op je bureaublad:
DDS - Bleeping Computer download.
DDS - Bleeping Computer download.
DDS - Infospyware.



sUBs dds. gebruiken:
[list:5dc0776652][*:5dc0776652][color=#0000FF:5dc0776652]Sluit vervolgens eerst alle nog openstaande programmavensters![/color:5dc0776652]
[*:5dc0776652] [color=#008000:5dc0776652]Deaktiveer vervolgens de actieve beveiligingssoftware[/color:5dc0776652]
[list:5dc0776652][*:5dc0776652][color=#0000FF:5dc0776652]Windows 2000[/color:5dc0776652] en [color=#0000FF:5dc0776652]Windows XP[/color:5dc0776652]: start sUBs dds. middels dubbelklik op de snelkoppeling.
[*:5dc0776652][color=#0000FF:5dc0776652]Windows Vista[/color:5dc0776652] en [color=#0000FF:5dc0776652]Windows 7[/color:5dc0776652]: start sUBs dds. rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.[/list:u:5dc0776652][/list:u:5dc0776652]
Na de scan
[list:5dc0776652][*:5dc0776652] [color=#FF0000:5dc0776652]Heraktiveer nu de actieve beveiligingssoftware[/color:5dc0776652]
[*:5dc0776652]Er worden twee tekstdocumnenten geopend - DDS.txt en Attach.txt - let even op het volgende!
[*:5dc0776652]Kopieer en plak de gehele inhoud van de DDS-logfile in jouw volgende bericht.
[*:5dc0776652]De inhoud van Attach.txt post je wanneer ik daarom vraag.[/list:u:5dc0776652]

Tellie 22 mei 2012, 12:34

Hallo Abraham54, bedankt voor uw hulp in ieder geval. Hierbij het gevraagde bestand:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514
Run by Jordy at 12:30:26 on 2012-05-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3948.2656 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxext.exe
C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uDefault_Page_URL = hxxp://acer.msn.com
uSearch Page = hxxp://nl.woofi.info
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://nl.woofi.info
mSearch Page = hxxp://nl.woofi.info
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Chatvibes Browser Helper: {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Chatvibes Browser Helper Verifier: {963b125b-8b21-49a2-a3a8-e37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {51FCF544-34E1-47E6-B661-FBC5280C2E74} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
uRun: [Google Update] "C:\Users\Jordy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Spotify Web Helper] "C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [MDS_Menu] "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxps://webmail.saxion.nl/dwa85W.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
TCP: Interfaces\{A0438393-9870-45F9-8A53-E2AE997C72BA} : DhcpNameServer = 213.46.228.196 62.179.104.196
TCP: Interfaces\{A0438393-9870-45F9-8A53-E2AE997C72BA}\4556C65623D2D6F64656D6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{A0438393-9870-45F9-8A53-E2AE997C72BA}\64F4E4F564255454F594E4455425E45445 : DhcpNameServer = 192.168.182.1 192.168.182.1
TCP: Interfaces\{A0438393-9870-45F9-8A53-E2AE997C72BA}\7516E61646F6F6F566534613 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{A0438393-9870-45F9-8A53-E2AE997C72BA}\B6F6C6B6D616E6 : DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{A0438393-9870-45F9-8A53-E2AE997C72BA}\C496371662A41637D696E6 : DhcpNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
{00cbb66b-1d3b-46d3-9577-323a336acb50}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{2EECD738-5844-4a99-B4B6-146BF802613B}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{963B125B-8B21-49A2-A3A8-E37092276531}
{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
{98889811-442D-49dd-99D7-DC866BE87DBC}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
TB-X64: {51FCF544-34E1-47E6-B661-FBC5280C2E74} - No File
TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [MDS_Menu] "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
mRun-x64: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-5-20 44768]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-12-10 311376]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-12-6 868224]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-6 13336]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2012-2-23 103440]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-12-29 1993320]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-8-12 87040]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-29 2655768]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-12-6 243232]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\system32\DRIVERS\b57xdbd.sys --> C:\Windows\system32\DRIVERS\b57xdbd.sys [?]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\system32\DRIVERS\b57xdmp.sys --> C:\Windows\system32\DRIVERS\b57xdmp.sys [?]
R3 bScsiMSa;bScsiMSa;C:\Windows\system32\DRIVERS\bScsiMSa.sys --> C:\Windows\system32\DRIVERS\bScsiMSa.sys [?]
R3 bScsiSDa;bScsiSDa;C:\Windows\system32\DRIVERS\bScsiSDa.sys --> C:\Windows\system32\DRIVERS\bScsiSDa.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 cphs;Intel(R) Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-9-28 172912]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-8 150016]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S3 WSDScan;Ondersteuning voor WSD-scan via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys --> C:\Windows\system32\DRIVERS\WSDScan.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-05-20 16:29:42 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-05-20 16:29:42 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-05-20 16:29:42 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-05-20 16:29:25 41184 ----a-w- C:\Windows\avastSS.scr
2012-05-20 16:29:15 -------- d-----w- C:\ProgramData\AVAST Software
2012-05-20 16:29:15 -------- d-----w- C:\Program Files\AVAST Software
2012-05-20 16:22:25 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2012-05-20 15:53:09 -------- d-----w- C:\Users\Jordy\AppData\Roaming\Malwarebytes
2012-05-20 15:53:04 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-20 15:52:57 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-20 15:52:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-20 12:07:25 -------- d-----w- C:\Windows\pss
2012-05-20 11:25:51 8802128 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-05-20 11:25:36 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{67DE3638-979D-4CC5-8198-EA94F2CB9A56}\mpengine.dll
2012-05-20 10:51:14 121344 ----a-w- C:\Windows\System32\IntelOpenCL64.dll
2012-05-20 10:51:09 86528 ----a-w- C:\Windows\SysWow64\IntelOpenCL32.dll
2012-05-20 10:01:21 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2012-05-20 09:53:57 -------- d-----w- C:\ProgramData\HitmanPro
2012-05-20 09:16:00 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-05-20 09:16:00 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
.
==================== Find3M ====================
.
2012-03-31 06:05:57 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-31 04:39:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10:03 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-19 21:44:20 5888792 ----a-w- C:\Windows\System32\GfxUI.exe
2012-03-19 21:44:20 509720 ----a-w- C:\Windows\System32\igfxsrvc.exe
2012-03-19 21:44:20 439064 ----a-w- C:\Windows\System32\igfxpers.exe
2012-03-19 21:44:20 398616 ----a-w- C:\Windows\System32\hkcmd.exe
2012-03-19 21:44:20 276248 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe
2012-03-19 21:44:20 250136 ----a-w- C:\Windows\System32\igfxext.exe
2012-03-19 21:44:20 184600 ----a-w- C:\Windows\System32\difx64.exe
2012-03-19 21:44:20 170264 ----a-w- C:\Windows\System32\igfxtray.exe
2012-03-19 21:42:08 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2696.dll
2012-03-19 21:32:04 14745600 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
2012-03-19 21:31:56 8087040 ----a-w- C:\Windows\System32\igdumd64.dll
2012-03-19 21:31:16 963912 ----a-w- C:\Windows\SysWow64\igkrng600.bin
2012-03-19 21:31:16 963912 ----a-w- C:\Windows\System32\igkrng600.bin
2012-03-19 21:31:16 261208 ----a-w- C:\Windows\SysWow64\igfcg600m.bin
2012-03-19 21:31:16 261208 ----a-w- C:\Windows\System32\igfcg600m.bin
2012-03-19 21:31:14 79360 ----a-w- C:\Windows\System32\igdde64.dll
2012-03-19 21:26:56 6120960 ----a-w- C:\Windows\SysWow64\igdumd32.dll
2012-03-19 21:25:58 58880 ----a-w- C:\Windows\SysWow64\igdde32.dll
2012-03-19 21:22:10 9605632 ----a-w- C:\Windows\System32\igd10umd64.dll
2012-03-19 21:11:38 7795200 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2012-03-19 20:31:14 18137088 ----a-w- C:\Windows\System32\ig4icd64.dll
2012-03-19 20:21:14 13212672 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2012-03-19 20:17:56 28672 ----a-w- C:\Windows\System32\igfxexps.dll
2012-03-19 20:17:46 63488 ----a-w- C:\Windows\System32\igfxsrvc.dll
2012-03-19 20:17:22 110592 ----a-w- C:\Windows\System32\hccutils.dll
2012-03-19 20:17:14 9216 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2012-03-19 20:17:14 434688 ----a-w- C:\Windows\System32\igfxdev.dll
2012-03-19 20:17:14 172032 ----a-w- C:\Windows\System32\gfxSrvc.dll
2012-03-19 20:16:40 286208 ----a-w- C:\Windows\System32\igfxrenu.lrc
2012-03-19 20:16:38 142336 ----a-w- C:\Windows\System32\igfxdo.dll
2012-03-19 20:16:36 9007616 ----a-w- C:\Windows\System32\igfxress.dll
2012-03-19 20:12:06 25088 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2012-03-19 20:11:22 325120 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2012-03-19 20:09:08 524800 ----a-w- C:\Windows\System32\iglhsip64.dll
2012-03-19 20:09:08 519680 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
2012-03-19 20:09:08 2967040 ----a-w- C:\Windows\System32\igfxcmjit64.dll
2012-03-19 20:09:08 237056 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll
2012-03-19 20:09:08 2321408 ----a-w- C:\Windows\SysWow64\igfxcmjit32.dll
2012-03-19 20:09:08 213504 ----a-w- C:\Windows\System32\iglhcp64.dll
2012-03-19 20:09:08 193024 ----a-w- C:\Windows\System32\igfxcmrt64.dll
2012-03-19 20:09:08 177152 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
2012-03-17 07:58:57 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-03-11 00:17:18 20992 ----a-w- C:\Windows\System32\OpenCL.dll
2012-03-11 00:09:46 17920 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-03-03 06:35:38 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-03 05:31:19 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-02-28 12:44:19 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-28 06:39:37 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 05:38:52 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 04:31:38 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 03:52:27 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-23 08:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 12:32:01,54 ===============

Abraham54 22 mei 2012, 13:55

Hallo Jordy,
navigeer nu eerst naar C:\Program Files (x86)
en verwijder daa de volgende mappen:
BrowserCompanion
en
BabylonToolbar\BabylonToolbar
Leeg aansluitend de prullnbak en start daarna je PC opnieuw op.
Doe daarna het volgende:
Welk programma: [color=#008000:740b8460c1]Emsisoft Emergency Kit 1.0[/color:740b8460c1]
Waarvoor/waarom: Detecteert en verwijdert malware
Moeilijkheidsgraad: geen.
Download: [color=#FF0000:740b8460c1]Emsisoft Emergency Kit[/color:740b8460c1]
Opmerkingen:[list:740b8460c1][*:740b8460c1]de download is gecomprimeerd, pak EmsisoftEmergencyKit.zip uit en plaats de nieuwe map op het bureaublad.
[*:740b8460c1]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:740b8460c1]
Emsisoft Emergency Kit opstarten door de map "EmsisoftEmergencyKit" te openen
[list:740b8460c1][list:740b8460c1][*:740b8460c1][color=#0000FF:740b8460c1]Windows 2000[/color:740b8460c1] en [color=#0000FF:740b8460c1]Windows XP[/color:740b8460c1]: dubbelklik op "Start.exe".
[*:740b8460c1][color=#0000FF:740b8460c1]Windows Vista[/color:740b8460c1] en [color=#0000FF:740b8460c1]Windows 7[/color:740b8460c1]: via rechtsklik op "Start.exe" en kies voor "Als Administrator uitvoeren".[/list:u:740b8460c1][/list:u:740b8460c1]
Scannen:
[list:740b8460c1][*:740b8460c1] Klik nu in het keuzescherm op "Emergency Kit Scanner" en aansluitend komt dan de melding,
dat het is aanbevolen om eerst te updaten.

[*:740b8460c1]Doe dit dan ook door te klikken op "Ja"
[*:740b8460c1]Wanneer het updaten gereed is volgt de melding "Update proces is succesvol afgerond"
[*:740b8460c1]Klik nu op"Menu" en dan op "Scan PC"
[*:740b8460c1] Selecteer de optie "Diep" als deze niet standaard al zo is ingesteld.
[*:740b8460c1] Klik aansluitend op de knop "Scan"
[list:740b8460c1][*:740b8460c1]Wees geduldig en doe verder niets met de computer gedurende de scan,
daar de scan geruime tijd kan duren.[/list:u:740b8460c1]
[*:740b8460c1] Het venster met de waarschuwing over een verhoogd risico kan gesloten worden, wanneer de scan gereed is.
[*:740b8460c1] Zorg ervoor dat alle gevonden items zijn aangevinkt en klik dan op de knop "Verwijder geselecteerde" - dan zal de volgende melding komen:

[*:740b8460c1]Klik aansluitend dus op "Ja"
[*:740b8460c1] Wanneer het verwijderen klaar is, klik dan op de knop "View report" en selecteer het tekstbestand van deze scan met de naam zoals: a2scan_110730-111615.txt
[*:740b8460c1] Plaats de inhoud van dat LOG bestand straks in het nieuwe bericht.[/list:u:740b8460c1]
[color=#008000:740b8460c1]Notabene:[/color:740b8460c1] Herstart nu de computer.

Tellie 22 mei 2012, 14:47

De map browsercompanion kan ik niet verwijderen omdat het mapje BCHelper nog actief is.
Ik zal de volgende stappen vast uit gaan voeren.

Tellie 22 mei 2012, 18:16

De scan duurde even.., maar hier de resultaten:
Emsisoft Emergency Kit - Versie 1.0
Laatste Update: 5/22/2012 3:25:44 PM
Scaninstellingen:
Scantype: Diepe Scan
Objecten: Geheugen, Sporen, Cookies, C:\, Q:\
Scan archieven: Aan
Heuristieken: Uit
ADS Scan: Aan
Scan gestart: 5/22/2012 3:27:00 PM
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Freeze.com\Installer --> id Ontdekt: Trace.Registry.EZ Game Cheats!A2
Key: HKEY_LOCAL_MACHINE\software\Freeze.com\ Ontdekt: Trace.Registry.Freeze!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F} Ontdekt: Trace.Registry.StylishProfile!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\tdataprotocol.DLL Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\updatebho.DLL Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\wit4ie.DLL Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C} Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511} Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}\InprocServer32 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}\ProgID Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}\TypeLib Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}\VersionIndependentProgID Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\InprocServer32 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\ProgID Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\Programmable Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\TypeLib Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\VersionIndependentProgID Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}\ProxyStubClsid32 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}\TypeLib Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\tdataprotocol.CTData Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\tdataprotocol.CTData\CLSID Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\tdataprotocol.CTData\CurVer Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\tdataprotocol.CTData.1 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\tdataprotocol.CTData.1\CLSID Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}\1.0 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}\1.0\0 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}\1.0\0\win32 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}\1.0\FLAGS Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}\1.0\HELPDIR Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}\1.0 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}\1.0\0 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}\1.0\0\win32 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}\1.0\FLAGS Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}\1.0\HELPDIR Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\updatebho.TimerBHO Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\updatebho.TimerBHO\CLSID Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\updatebho.TimerBHO\CurVer Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\updatebho.TimerBHO.1 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\updatebho.TimerBHO.1\CLSID Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\wit4ie.WitBHO Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\wit4ie.WitBHO\CLSID Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\wit4ie.WitBHO\CurVer Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\wit4ie.WitBHO.2 Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\wit4ie.WitBHO.2\CLSID Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}\iexplore Ontdekt: Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\WhiteSmoke Ontdekt: Trace.Registry.WhiteSmoke!A2
Key: HKEY_CURRENT_USER\software\WhiteSmoke Ontdekt: Trace.Registry.WhiteSmoke!A2
Gescand
Bestanden: 240811
Sporen: 447427
Cookies: 56
Processen: 84
Gevonden
Bestanden: 0
Sporen: 53
Cookies: 0
Processen: 0
Registersleutels: 0
Scan Geëindigd: 5/22/2012 6:04:56 PM
Scantijd: 2:37:56
Key: HKEY_LOCAL_MACHINE\software\WhiteSmoke Verwijderd Trace.Registry.WhiteSmoke!A2
Key: HKEY_CURRENT_USER\software\WhiteSmoke Verwijderd Trace.Registry.WhiteSmoke!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\tdataprotocol.DLL Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\updatebho.DLL Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\wit4ie.DLL Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C} Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511} Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}\InprocServer32 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}\ProgID Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}\TypeLib Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}\VersionIndependentProgID Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\InprocServer32 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\ProgID Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\Programmable Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\TypeLib Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\VersionIndependentProgID Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}\ProxyStubClsid32 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}\TypeLib Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\tdataprotocol.CTData Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\tdataprotocol.CTData\CLSID Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\tdataprotocol.CTData\CurVer Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\tdataprotocol.CTData.1 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\tdataprotocol.CTData.1\CLSID Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}\1.0 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}\1.0\0 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}\1.0\0\win32 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}\1.0\FLAGS Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}\1.0\HELPDIR Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}\1.0 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}\1.0\0 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}\1.0\0\win32 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}\1.0\FLAGS Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}\1.0\HELPDIR Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\updatebho.TimerBHO Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\updatebho.TimerBHO\CLSID Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\updatebho.TimerBHO\CurVer Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\updatebho.TimerBHO.1 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\updatebho.TimerBHO.1\CLSID Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\wit4ie.WitBHO Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\wit4ie.WitBHO\CLSID Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\wit4ie.WitBHO\CurVer Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\wit4ie.WitBHO.2 Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\wit4ie.WitBHO.2\CLSID Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}\iexplore Verwijderd Trace.Registry.GetStyles!A2
Key: HKEY_LOCAL_MACHINE\software\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F} Verwijderd Trace.Registry.StylishProfile!A2
Key: HKEY_LOCAL_MACHINE\software\Freeze.com\ Verwijderd Trace.Registry.Freeze!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Freeze.com\Installer --> id Verwijderd Trace.Registry.EZ Game Cheats!A2
Verwijderd
Bestanden: 0
Sporen: 53
Cookies: 0

Tellie 22 mei 2012, 18:50

Heb het overigens ook voor elkaar gekregen om het mapje BrowserCompanion te verwijderen.

Abraham54 22 mei 2012, 23:14

Goed zo.
We gaan dieper kijken.
Welk programma: [color=#008000:c130081936]TDSSStarter.exe[/color:c130081936]
Waarvoor/waarom: Rootkitscanner
Moeilijkheidsgraad: geen
Download TDSSStarter naar het bureaublad.
"TDSSSStarter.exe" gebruiken:
[list:c130081936][*:c130081936] [color=#0000FF:c130081936]Sluit nu eerst alle nog openstaande programmavensters![/color:c130081936]
[list:c130081936][*:c130081936][color=#0000FF:c130081936]Windows 2000[/color:c130081936] en [color=#0000FF:c130081936]Windows XP[/color:c130081936]: start het tool middels dubbelklik op " TDSSStarter .exe".
[*:c130081936][color=#0000FF:c130081936]Windows Vista[/color:c130081936] en [color=#0000FF:c130081936]Windows 7[/color:c130081936]: start het tool middels rechtsklik op "TDSSStarter.exe" en dan kiezen voor Als Administrator uitvoeren.[/list:u:c130081936]
[*:c130081936]Vervolgens zal een CMD-venster gestart worden en wanneer de scan gereed is weer automatisch sluiten.
[*:c130081936]Post nu de inhoud van het geopende kladblokbestand in het volgende bericht.[/list:u:c130081936]

Tellie 23 mei 2012, 08:06

Hier het rapport:
08:03:23.0815 3536 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
08:03:23.0815 3536 ============================================================
08:03:23.0815 3536 Current date / time: 2012/05/23 08:03:23.0815
08:03:23.0815 3536 SystemInfo:
08:03:23.0815 3536
08:03:23.0815 3536 OS Version: 6.1.7601 ServicePack: 1.0
08:03:23.0815 3536 Product type: Workstation
08:03:23.0815 3536 ComputerName: JORDY-PC
08:03:23.0815 3536 UserName: Jordy
08:03:23.0815 3536 Windows directory: C:\Windows
08:03:23.0815 3536 System windows directory: C:\Windows
08:03:23.0815 3536 Running under WOW64
08:03:23.0815 3536 Processor architecture: Intel x64
08:03:23.0815 3536 Number of processors: 8
08:03:23.0815 3536 Page size: 0x1000
08:03:23.0815 3536 Boot type: Normal boot
08:03:23.0815 3536 ============================================================
08:03:24.0314 3536 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:03:24.0314 3536 ============================================================
08:03:24.0314 3536 \Device\Harddisk0\DR0:
08:03:24.0314 3536 MBR partitions:
08:03:24.0314 3536 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
08:03:24.0314 3536 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x48A25000
08:03:24.0314 3536 ============================================================
08:03:24.0346 3536 C: <-> \Device\Harddisk0\DR0\Partition1
08:03:24.0346 3536 ============================================================
08:03:24.0346 3536 Initialize success
08:03:24.0346 3536 ============================================================
08:03:24.0377 3744 ============================================================
08:03:24.0377 3744 Scan started
08:03:24.0377 3744 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
08:03:24.0377 3744 ============================================================
08:03:25.0703 3744 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
08:03:25.0859 3744 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
08:03:25.0937 3744 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
08:03:26.0046 3744 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
08:03:26.0108 3744 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
08:03:26.0140 3744 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
08:03:26.0218 3744 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
08:03:26.0405 3744 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
08:03:26.0530 3744 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
08:03:26.0608 3744 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
08:03:26.0701 3744 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
08:03:26.0764 3744 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
08:03:26.0842 3744 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
08:03:26.0966 3744 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
08:03:27.0091 3744 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
08:03:27.0200 3744 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
08:03:27.0263 3744 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
08:03:27.0325 3744 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
08:03:27.0466 3744 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
08:03:27.0622 3744 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
08:03:27.0762 3744 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
08:03:27.0793 3744 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
08:03:27.0902 3744 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
08:03:28.0136 3744 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
08:03:28.0199 3744 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
08:03:28.0292 3744 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
08:03:28.0386 3744 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
08:03:28.0464 3744 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
08:03:28.0495 3744 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
08:03:28.0589 3744 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
08:03:28.0823 3744 athr (c8679a07267f030704168e45e27c3d43) C:\Windows\system32\DRIVERS\athrx.sys
08:03:29.0150 3744 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:03:29.0322 3744 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:03:29.0494 3744 avast\Program Files\AVAST Software\Avast\AvastSvc.exe
08:03:29.0572 3744 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
08:03:29.0868 3744 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
08:03:29.0962 3744 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
08:03:30.0086 3744 b57xdbd (2618e15514736fb469b105ce729b6d9d) C:\Windows\system32\DRIVERS\b57xdbd.sys
08:03:30.0133 3744 b57xdmp (baba4f0e2978b69b4e0b260ef7150dd6) C:\Windows\system32\DRIVERS\b57xdmp.sys
08:03:30.0227 3744 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
08:03:30.0320 3744 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
08:03:30.0539 3744 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
08:03:30.0726 3744 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
08:03:30.0944 3744 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
08:03:31.0054 3744 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
08:03:31.0132 3744 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:03:31.0225 3744 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:03:31.0334 3744 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
08:03:31.0553 3744 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
08:03:31.0646 3744 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
08:03:31.0724 3744 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:03:31.0818 3744 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
08:03:31.0912 3744 bScsiMSa (ff7aa31bffdc6c6870f64eaf8defe930) C:\Windows\system32\DRIVERS\bScsiMSa.sys
08:03:31.0958 3744 bScsiSDa (e6cc56662f6c6b787a1fbea4cd247ae0) C:\Windows\system32\DRIVERS\bScsiSDa.sys
08:03:32.0005 3744 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
08:03:32.0099 3744 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
08:03:32.0270 3744 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
08:03:32.0442 3744 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
08:03:32.0536 3744 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:03:32.0676 3744 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
08:03:32.0801 3744 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
08:03:32.0941 3744 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:03:33.0035 3744 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:03:33.0160 3744 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:03:33.0269 3744 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:03:33.0331 3744 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
08:03:33.0425 3744 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
08:03:33.0518 3744 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
08:03:33.0643 3744 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
08:03:33.0737 3744 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
08:03:33.0955 3744 cphs (f08c6020e57f5e5bf2fd034db10bedfb) C:\Windows\SysWow64\IntelCpHeciSvc.exe
08:03:34.0049 3744 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
08:03:34.0142 3744 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
08:03:34.0517 3744 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
08:03:34.0657 3744 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:03:34.0829 3744 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
08:03:35.0000 3744 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
08:03:35.0156 3744 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
08:03:35.0328 3744 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
08:03:35.0453 3744 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
08:03:35.0531 3744 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
08:03:35.0640 3744 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
08:03:35.0890 3744 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
08:03:36.0046 3744 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
08:03:36.0233 3744 DsiWMIService (470f7f19188ab45463f8b612d6dde7c8) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
08:03:36.0436 3744 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
08:03:36.0576 3744 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
08:03:37.0606 3744 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
08:03:38.0027 3744 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
08:03:38.0230 3744 EgisTec Ticket Service (03e6888da1a85acf14ac2a3c328a9e62) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
08:03:38.0386 3744 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
08:03:38.0526 3744 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
08:03:38.0698 3744 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
08:03:38.0869 3744 ePowerSvc (5da1e8b9c5d896ac86189b62fecb23f6) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
08:03:39.0212 3744 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
08:03:39.0337 3744 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
08:03:39.0509 3744 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
08:03:39.0634 3744 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
08:03:39.0852 3744 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
08:03:39.0977 3744 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
08:03:40.0055 3744 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
08:03:40.0180 3744 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
08:03:40.0273 3744 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
08:03:40.0304 3744 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
08:03:40.0585 3744 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
08:03:40.0679 3744 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
08:03:40.0788 3744 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
08:03:40.0991 3744 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
08:03:41.0225 3744 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:03:41.0412 3744 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
08:03:41.0506 3744 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
08:03:41.0615 3744 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
08:03:41.0708 3744 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
08:03:41.0896 3744 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
08:03:42.0098 3744 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
08:03:42.0161 3744 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
08:03:42.0270 3744 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
08:03:42.0379 3744 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
08:03:42.0457 3744 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
08:03:42.0520 3744 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
08:03:42.0613 3744 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
08:03:42.0707 3744 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
08:03:42.0863 3744 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
08:03:42.0941 3744 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
08:03:43.0144 3744 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
08:03:43.0346 3744 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
08:03:43.0627 3744 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
08:03:43.0705 3744 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
08:03:43.0830 3744 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys
08:03:43.0955 3744 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
08:03:44.0111 3744 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
08:03:44.0204 3744 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
08:03:44.0329 3744 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
08:03:44.0532 3744 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
08:03:44.0657 3744 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
08:03:44.0922 3744 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:03:47.0558 3744 igfx (371d7f91c0d2314eb984a4a6cbeabc92) C:\Windows\system32\DRIVERS\igdkmd64.sys
08:03:48.0276 3744 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
08:03:48.0557 3744 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
08:03:49.0228 3744 IntcAzAudAddService (f4c031439501f6c1d336a36d7cb58f4f) C:\Windows\system32\drivers\RTKVHD64.sys
08:03:49.0774 3744 IntcDAud (6c9fffeca9fed31347d211c5d1ffbd2d) C:\Windows\system32\DRIVERS\IntcDAud.sys
08:03:49.0930 3744 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
08:03:50.0008 3744 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
08:03:50.0117 3744 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
08:03:50.0242 3744 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:03:50.0398 3744 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
08:03:50.0569 3744 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
08:03:50.0678 3744 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
08:03:50.0850 3744 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
08:03:50.0975 3744 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
08:03:51.0068 3744 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
08:03:51.0209 3744 k57nd60a (81458a917f8cc7a5171759218d64fa3a) C:\Windows\system32\DRIVERS\k57nd60a.sys
08:03:51.0318 3744 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
08:03:51.0380 3744 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
08:03:51.0505 3744 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:03:51.0568 3744 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
08:03:51.0630 3744 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
08:03:51.0708 3744 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
08:03:51.0848 3744 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
08:03:52.0067 3744 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
08:03:52.0223 3744 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
08:03:52.0379 3744 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
08:03:52.0597 3744 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
08:03:52.0972 3744 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
08:03:53.0237 3744 LMS (926eba26a8b49d1597751ced06b50862) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:03:53.0393 3744 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
08:03:53.0471 3744 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
08:03:53.0533 3744 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:03:53.0580 3744 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:03:53.0658 3744 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
08:03:53.0830 3744 McAfee SiteAdvisor Service (be8c524313db75fa26fb2b0c0aaff88e) c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
08:03:53.0892 3744 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
08:03:53.0986 3744 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
08:03:54.0095 3744 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
08:03:54.0220 3744 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
08:03:54.0376 3744 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:03:54.0485 3744 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
08:03:54.0594 3744 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
08:03:54.0703 3744 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
08:03:54.0781 3744 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
08:03:54.0906 3744 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
08:03:55.0000 3744 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
08:03:55.0062 3744 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
08:03:55.0312 3744 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
08:03:55.0530 3744 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
08:03:55.0624 3744 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
08:03:55.0733 3744 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:03:55.0842 3744 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:03:55.0920 3744 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
08:03:56.0060 3744 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
08:03:56.0248 3744 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
08:04:34.0265 3744 MSDTC ( UnsignedFile.Multi.Generic ) - warning
08:04:34.0265 3744 MSDTC - detected UnsignedFile.Multi.Generic (1)
08:04:34.0358 3744 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
08:04:34.0483 3744 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
08:04:34.0608 3744 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
08:04:34.0639 3744 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
08:04:34.0764 3744 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
08:04:34.0873 3744 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
08:04:34.0998 3744 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
08:04:35.0185 3744 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
08:04:35.0248 3744 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
08:04:35.0326 3744 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
08:04:35.0450 3744 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
08:04:35.0466 3744 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
08:04:35.0497 3744 mwlPSDFilter (9b1eac6faf6f37305e822f5588dc8056) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
08:04:35.0528 3744 mwlPSDNServ (ad55c1524b296280ed9c6e0d730d35da) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
08:04:35.0560 3744 mwlPSDVDisk (2b599e6ec8843637bdd62e7f8f3ba201) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
08:04:35.0638 3744 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
08:04:35.0794 3744 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
08:04:36.0028 3744 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
08:04:36.0137 3744 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:04:36.0262 3744 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:04:36.0371 3744 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
08:04:36.0496 3744 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
08:04:36.0652 3744 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
08:04:36.0776 3744 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:04:36.0932 3744 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
08:04:37.0057 3744 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:04:37.0166 3744 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
08:04:37.0338 3744 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
08:04:37.0525 3744 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:04:37.0619 3744 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
08:04:37.0712 3744 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
08:04:37.0868 3744 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
08:04:38.0024 3744 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
08:04:38.0165 3744 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
08:04:38.0570 3744 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
08:04:38.0867 3744 NTI IScheduleSvc (8f59a2506af43f96f5397b3c79938ae9) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
08:04:39.0101 3744 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
08:04:39.0148 3744 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
08:04:39.0272 3744 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys
08:04:39.0366 3744 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys
08:04:41.0597 3744 nvlddmkm (62d394e6991837b53e105da141b4c273) C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:04:42.0299 3744 nvpciflt (812ca89b7bb1ef99ab521064d51b5481) C:\Windows\system32\DRIVERS\nvpciflt.sys
08:04:42.0377 3744 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
08:04:42.0517 3744 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
08:04:42.0720 3744 NVSvc (69af9c14c0c4d7637a0bd556b156ea59) C:\Windows\system32\nvvsvc.exe
08:04:43.0328 3744 nvUpdatusService (8be807a9d14f10a411d12e6af1561180) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
08:04:43.0812 3744 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
08:04:47.0837 3744 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
08:04:48.0009 3744 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:04:48.0414 3744 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:04:48.0695 3744 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:04:48.0820 3744 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
08:04:48.0929 3744 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
08:04:48.0991 3744 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
08:04:49.0147 3744 PassThru Service (68139940b5ac84affb7eb1b713be66e7) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
08:04:49.0147 3744 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
08:04:49.0163 3744 PassThru Service - detected UnsignedFile.Multi.Generic (1)
08:04:49.0194 3744 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
08:04:49.0303 3744 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
08:04:49.0366 3744 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
08:04:49.0444 3744 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
08:04:49.0491 3744 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
08:04:49.0569 3744 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
08:04:49.0771 3744 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
08:04:49.0959 3744 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
08:04:50.0161 3744 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
08:04:50.0255 3744 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
08:04:50.0333 3744 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:04:50.0427 3744 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
08:04:50.0551 3744 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
08:04:50.0723 3744 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
08:04:50.0848 3744 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
08:04:50.0957 3744 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
08:04:51.0066 3744 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:04:51.0129 3744 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
08:04:51.0300 3744 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
08:04:51.0519 3744 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
08:04:51.0597 3744 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
08:04:51.0659 3744 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
08:04:51.0737 3744 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
08:04:51.0862 3744 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:04:51.0955 3744 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
08:04:52.0080 3744 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:04:52.0221 3744 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
08:04:52.0345 3744 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
08:04:52.0455 3744 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
08:04:52.0579 3744 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
08:04:52.0735 3744 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
08:04:52.0813 3744 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:04:52.0923 3744 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
08:04:52.0985 3744 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
08:04:53.0063 3744 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
08:04:53.0172 3744 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
08:04:53.0235 3744 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
08:04:53.0375 3744 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
08:04:53.0500 3744 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
08:04:53.0593 3744 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
08:04:53.0703 3744 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:04:53.0812 3744 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
08:04:53.0874 3744 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:04:53.0921 3744 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
08:04:53.0983 3744 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
08:04:54.0108 3744 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
08:04:54.0295 3744 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
08:04:54.0436 3744 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:04:54.0545 3744 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
08:04:54.0623 3744 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
08:04:54.0685 3744 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
08:04:54.0795 3744 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
08:04:54.0919 3744 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
08:04:55.0029 3744 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
08:04:55.0091 3744 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
08:04:55.0169 3744 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
08:04:55.0263 3744 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
08:04:55.0372 3744 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
08:04:55.0497 3744 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
08:04:55.0559 3744 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
08:04:55.0653 3744 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
08:04:55.0731 3744 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
08:04:55.0871 3744 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
08:04:56.0027 3744 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
08:04:56.0105 3744 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
08:04:56.0136 3744 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
08:04:56.0183 3744 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
08:04:56.0245 3744 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
08:04:56.0339 3744 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
08:04:56.0479 3744 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
08:04:56.0589 3744 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:04:56.0651 3744 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
08:04:56.0698 3744 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
08:04:56.0823 3744 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
08:04:56.0901 3744 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
08:04:56.0994 3744 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
08:04:57.0244 3744 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
08:04:57.0462 3744 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
08:04:57.0634 3744 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
08:04:57.0743 3744 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
08:04:57.0899 3744 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
08:04:57.0993 3744 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
08:04:58.0133 3744 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
08:04:58.0305 3744 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
08:04:58.0429 3744 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
08:04:58.0523 3744 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
08:04:58.0632 3744 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
08:04:58.0851 3744 SynTP (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
08:04:59.0085 3744 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
08:04:59.0287 3744 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
08:04:59.0381 3744 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
08:04:59.0490 3744 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
08:04:59.0740 3744 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
08:05:00.0114 3744 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
08:05:00.0317 3744 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
08:05:00.0442 3744 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
08:05:00.0489 3744 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
08:05:00.0551 3744 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
08:05:00.0645 3744 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
08:05:00.0723 3744 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
08:05:00.0832 3744 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
08:05:00.0910 3744 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:05:01.0019 3744 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
08:05:01.0144 3744 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
08:05:01.0269 3744 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:05:01.0347 3744 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
08:05:01.0456 3744 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
08:05:01.0612 3744 TurboB (48743b69ea47c020a792d8649f753f44) C:\Windows\system32\DRIVERS\TurboB.sys
08:05:01.0690 3744 TurboBoost (759f59e3ea3802ff23f93dcdb6fe9171) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
08:05:01.0752 3744 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
08:05:01.0815 3744 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
08:05:01.0877 3744 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
08:05:01.0986 3744 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
08:05:02.0064 3744 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
08:05:02.0127 3744 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
08:05:02.0205 3744 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
08:05:02.0532 3744 UNS (fdf92ec84fecee834fb10a2a0a19bcda) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
08:05:02.0673 3744 Updater Service (f9ec9acd504d823d9b9ca98a4f8d3ca2) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
08:05:02.0813 3744 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
08:05:03.0000 3744 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
08:05:03.0078 3744 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
08:05:03.0156 3744 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
08:05:03.0265 3744 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
08:05:03.0359 3744 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
08:05:03.0609 3744 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:05:03.0687 3744 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:05:03.0765 3744 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
08:05:03.0874 3744 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
08:05:03.0952 3744 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
08:05:04.0077 3744 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:05:04.0155 3744 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
08:05:04.0248 3744 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
08:05:04.0389 3744 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:05:04.0435 3744 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:05:04.0545 3744 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
08:05:04.0623 3744 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
08:05:04.0685 3744 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
08:05:04.0779 3744 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
08:05:04.0888 3744 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
08:05:04.0966 3744 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
08:05:05.0169 3744 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
08:05:05.0403 3744 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
08:05:05.0481 3744 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
08:05:05.0590 3744 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
08:05:05.0699 3744 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
08:05:05.0793 3744 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:05:05.0902 3744 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:05:06.0089 3744 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
08:05:06.0261 3744 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
08:05:06.0448 3744 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
08:05:06.0573 3744 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
08:05:06.0666 3744 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
08:05:06.0775 3744 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
08:05:06.0869 3744 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
08:05:06.0931 3744 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:05:06.0994 3744 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:05:07.0087 3744 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
08:05:07.0197 3744 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
08:05:09.0505 3744 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
08:05:09.0630 3744 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
08:05:09.0755 3744 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
08:05:09.0864 3744 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
08:05:09.0989 3744 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
08:05:10.0176 3744 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
08:05:10.0457 3744 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
08:05:10.0629 3744 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:05:10.0816 3744 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:05:11.0034 3744 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
08:05:11.0159 3744 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
08:05:11.0315 3744 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
08:05:11.0393 3744 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
08:05:11.0471 3744 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
08:05:11.0596 3744 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
08:05:11.0689 3744 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
08:05:11.0767 3744 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys
08:05:11.0939 3744 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
08:05:12.0173 3744 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
08:05:12.0298 3744 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:05:12.0423 3744 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
08:05:12.0547 3744 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
08:05:12.0657 3744 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:05:13.0109 3744 Boot (0x1200) (bdc92e9f05932336b6a097497de84725) \Device\Harddisk0\DR0\Partition0
08:05:13.0125 3744 Boot (0x1200) (864752e34d5630300ebba2dd6ccb9efb) \Device\Harddisk0\DR0\Partition1
08:05:13.0125 3744 ============================================================
08:05:13.0125 3744 Scan finished
08:05:13.0125 3744 ============================================================
08:05:13.0671 5416 Deinitialize success
.
==============================================
System Restore Point Check:
.
TDSSKiller Starter Restore Point Created Succesfully
==============================================
Registry Export
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
==============================================
EOF

Tellie 23 mei 2012, 08:27

Mijn volgende reactie zal pas na 18:00 uur zijn, i.v.m. werk.

Abraham54 23 mei 2012, 09:05

Prima hoor.

Tellie 23 mei 2012, 12:30

Het probleem is trouwens nog niet verholpen, hoewel ik het idee heb dat hij wel wat sneller is geworden, blijft hij toch nog geregeld hangen..

Abraham54 23 mei 2012, 12:46

Graag alsnog het log van ComboFix posten.
Want anders wordt het lastig jou verder te helpen.

Tellie 23 mei 2012, 13:20

Ik heb nog geen 'combofix' uitgevoerd toch? of is dat, dat bestandje 'attach.txt' van sUbs DSS?

Abraham54 23 mei 2012, 14:21

Oei, foutje van mij.
Welk programma: [color=#008000:01717d15c1]ComboFix[/color:01717d15c1]
Waarvoor/waarom: Zeer specialistische scanner om Windows diepgaand te onderzoeken
en zo mogelijk op te schonen.
Moeilijkheidsgraad: Lees alles eerst goed vanwege de voorbereidingsfase.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden!
Download ComboFix via één van deze locaties:
[list:01717d15c1][*:01717d15c1]Bleepingcomputer
[*:01717d15c1]ForoSpyware
[*:01717d15c1]Geekstogo[/list:u:01717d15c1]
Hier zie je hoe je ComboFix moet gebruiken.
Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
Voor alle duidelijkheid nogmaals: ComboFix dient vanaf het bureaublad gestart te worden.
Opmerkingen:
[list:01717d15c1][*:01717d15c1]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten.
[*:01717d15c1]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:01717d15c1]
ComboFix is opgestart:
[list:01717d15c1][*:01717d15c1]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
[*:01717d15c1]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen!
[*:01717d15c1]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
[*:01717d15c1]Wanneer ComboFix gereed is, zal het een logbestand voor je maken.
[*:01717d15c1]Post de inhoud van dit logbestand in je volgende bericht.
[*:01717d15c1]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:01717d15c1]
Belangrijke opmerking:
[list:01717d15c1][*:01717d15c1][color=#0000FF:01717d15c1]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:01717d15c1]
[*:01717d15c1][color=#FF0000:01717d15c1]Illegal operation attempted on a registery key that has been marked for deletion.[/color:01717d15c1]
[*:01717d15c1][color=#008000:01717d15c1]Start dan de computer opnieuw op.[/color:01717d15c1][/list:u:01717d15c1]

Tellie 23 mei 2012, 18:45

Hierbij het ComboFix log bestand:
ComboFix 12-05-23.05 - Jordy 23-05-2012 18:24:34.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3948.2396 [GMT 2:00]
Gestart vanuit: c:\users\Jordy\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-04-23 to 2012-05-23 ))))))))))))))))))))))))))))))
.
.
2012-05-23 16:30 . 2012-05-23 16:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-05-23 16:30 . 2012-05-23 16:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-23 16:17 . 2012-05-23 16:17 0 ----a-w- c:\windows\SysWow64\sho52AA.tmp
2012-05-23 06:03 . 2012-05-23 06:05 -------- d-----w- C:\TDSSStarter
2012-05-22 10:33 . 2012-05-14 23:41 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A3340F4-0DE2-4EAB-865E-702FA2DF1F7D}\mpengine.dll
2012-05-20 16:29 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-05-20 16:29 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-05-20 16:29 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-05-20 16:29 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-05-20 16:29 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-05-20 16:29 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-05-20 16:29 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-05-20 16:29 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-05-20 16:29 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-05-20 16:29 . 2012-05-20 16:29 -------- d-----w- c:\programdata\AVAST Software
2012-05-20 16:29 . 2012-05-20 16:29 -------- d-----w- c:\program files\AVAST Software
2012-05-20 16:22 . 2012-05-20 16:22 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-05-20 15:53 . 2012-05-20 15:53 -------- d-----w- c:\users\Jordy\AppData\Roaming\Malwarebytes
2012-05-20 15:53 . 2012-05-20 15:53 -------- d-----w- c:\programdata\Malwarebytes
2012-05-20 10:51 . 2012-03-11 00:17 121344 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-05-20 10:51 . 2012-03-11 00:09 86528 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-05-20 10:39 . 2012-05-20 10:39 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-20 10:39 . 2012-05-20 10:39 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-05-20 10:01 . 2012-05-20 10:01 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-05-20 09:53 . 2012-05-20 10:01 -------- d-----w- c:\programdata\HitmanPro
2012-05-20 09:16 . 2012-05-20 11:26 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-05-20 09:16 . 2012-05-20 11:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-19 21:44 . 2012-03-19 21:44 5888792 ----a-w- c:\windows\system32\GfxUI.exe
2012-03-19 21:44 . 2012-03-19 21:44 509720 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-03-19 21:44 . 2012-03-19 21:44 439064 ----a-w- c:\windows\system32\igfxpers.exe
2012-03-19 21:44 . 2012-03-19 21:44 398616 ----a-w- c:\windows\system32\hkcmd.exe
2012-03-19 21:44 . 2012-03-19 21:44 276248 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-03-19 21:44 . 2012-03-19 21:44 250136 ----a-w- c:\windows\system32\igfxext.exe
2012-03-19 21:44 . 2012-03-19 21:44 184600 ----a-w- c:\windows\system32\difx64.exe
2012-03-19 21:44 . 2012-03-19 21:44 170264 ----a-w- c:\windows\system32\igfxtray.exe
2012-03-19 21:42 . 2012-03-19 21:42 90112 ----a-w- c:\windows\system32\igfxCoIn_v2696.dll
2012-03-19 21:32 . 2012-03-19 21:32 14745600 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-03-19 21:31 . 2012-03-19 21:31 8087040 ----a-w- c:\windows\system32\igdumd64.dll
2012-03-19 21:31 . 2012-03-19 21:31 963912 ----a-w- c:\windows\system32\igkrng600.bin
2012-03-19 21:31 . 2012-03-19 21:31 261208 ----a-w- c:\windows\system32\igfcg600m.bin
2012-03-19 21:31 . 2012-03-19 21:31 79360 ----a-w- c:\windows\system32\igdde64.dll
2012-03-19 21:26 . 2010-12-09 05:50 6120960 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-03-19 21:25 . 2012-03-19 21:25 58880 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-03-19 21:22 . 2010-12-09 05:50 9605632 ----a-w- c:\windows\system32\igd10umd64.dll
2012-03-19 21:11 . 2012-03-19 21:11 7795200 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-03-19 20:31 . 2012-03-19 20:31 18137088 ----a-w- c:\windows\system32\ig4icd64.dll
2012-03-19 20:21 . 2012-03-19 20:21 13212672 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-03-19 20:18 . 2012-03-19 20:18 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-03-19 20:18 . 2012-03-19 20:18 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-03-19 20:18 . 2012-03-19 20:18 430592 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-03-19 20:18 . 2012-03-19 20:18 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-03-19 20:18 . 2012-03-19 20:18 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-03-19 20:18 . 2012-03-19 20:18 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-03-19 20:18 . 2012-03-19 20:18 386560 ----a-w- c:\windows\system32\igfxpph.dll
2012-03-19 20:18 . 2012-03-19 20:18 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-03-19 20:17 . 2010-12-09 05:50 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-03-19 20:17 . 2010-12-09 05:50 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-03-19 20:17 . 2010-12-09 05:50 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-03-19 20:17 . 2012-03-19 20:17 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-03-19 20:17 . 2012-03-19 20:17 172032 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-03-19 20:17 . 2010-12-09 05:50 434688 ----a-w- c:\windows\system32\igfxdev.dll
2012-03-19 20:16 . 2012-03-19 20:16 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-03-19 20:16 . 2012-03-19 20:16 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-03-19 20:16 . 2010-12-09 05:50 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-03-19 20:12 . 2012-03-19 20:12 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-03-19 20:11 . 2012-03-19 20:11 325120 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-03-19 20:09 . 2012-03-19 20:09 524800 ----a-w- c:\windows\system32\iglhsip64.dll
2012-03-19 20:09 . 2012-03-19 20:09 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2012-03-19 20:09 . 2012-03-19 20:09 2967040 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-03-19 20:09 . 2012-03-19 20:09 237056 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2012-03-19 20:09 . 2012-03-19 20:09 2321408 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2012-03-19 20:09 . 2012-03-19 20:09 213504 ----a-w- c:\windows\system32\iglhcp64.dll
2012-03-19 20:09 . 2012-03-19 20:09 193024 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-03-19 20:09 . 2012-03-19 20:09 177152 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-03-11 00:17 . 2010-12-29 08:19 20992 ----a-w- c:\windows\system32\OpenCL.dll
2012-03-11 00:09 . 2010-12-29 08:19 17920 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-03-01 06:46 . 2012-04-14 10:49 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-14 10:49 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-14 10:49 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-14 10:49 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-14 10:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-14 10:49 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-14 10:49 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 12:44 . 2011-12-04 13:26 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-28 06:39 . 2012-04-11 16:32 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 05:38 . 2012-04-11 16:32 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 04:31 . 2012-04-11 16:32 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 03:52 . 2012-04-11 16:32 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-08 932528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-18 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-18 201584]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2010-11-12 296768]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-12-09 1025616]
"MDS_Menu"="c:\program files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2010-11-27 177448]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-14 868224]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-01-13 103440]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-11-22 1993320]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
Inhoud van de 'Gedeelde Taken' map
.
2012-05-23 c:\windows\Tasks\FinalTorrent Update Checker.job
- c:\program files (x86)\FinalTorrent\FTCheckForUpdates.exe [2011-03-17 15:50]
.
2012-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002Core.job
- c:\users\Jordy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-16 16:55]
.
2012-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002UA.job
- c:\users\Jordy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-16 16:55]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-26 11619432]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-11-26 2185832]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-10-14 860040]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Bijkomende Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://nl.woofi.info
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxps://webmail.saxion.nl/dwa85W.cab
.
- - - - ORPHANS VERWIJDERD - - - -
.
URLSearchHooks-{51fcf544-34e1-47e6-b661-fbc5280c2e74} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Browser companion helper - c:\program files (x86)\BrowserCompanion\BCHelper.exe
Toolbar-Locked - (no file)
WebBrowser-{51FCF544-34E1-47E6-B661-FBC5280C2E74} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-FreeFileViewer_is1 - c:\program files (x86)\FreeFileViewer\unins000.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Trusted Software Assistant_is1 - c:\program files (x86)\File Type Assistant\unins000.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1781743323-2443383540-730848164-1002\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\rundll32.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2012-05-23 18:38:12 - machine werd herstart
ComboFix-quarantined-files.txt 2012-05-23 16:38
.
Pre-Run: 499.295.760.384 bytes beschikbaar
Post-Run: 498.958.819.328 bytes beschikbaar
.
- - End Of File - - 0CDDA06218A847E3861306F28A29D1CE

Abraham54 23 mei 2012, 19:23

We gebruiken ComboFix opnieuw - maar nu met script.
Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programma’s\Bureau-accessoires\Kladblok (of Notepad)".
Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster
[color=#0000FF:2f7fd46159]ClearJavaCache::
File::
c:\windows\SysWow64\sho52AA.tmp
DDS::
mStart Page = hxxp://nl.woofi.info[/color:2f7fd46159]

Sla dit kladblokbestand op je bureaublad op als CFScript.txt.
[color=#FF0000:2f7fd46159]Nu eerst de antivirus en eventuele spywarescanners deaktiveren![/color:2f7fd46159]
[color=#008000:2f7fd46159]Zorg ook ervoor dat alle andere openstaande vensters gesloten zijn, ook de webbrowser.[/color:2f7fd46159]
Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.
Post het Combofix-log dat na het opnieuw starten wordt getoond.
Ingeval Combofix je computer opnieuw heeft opgestart (of jij dat hebt gedaan), vindt je het log ook in C:\Combofix.txt
Belangrijke opmerking:
[list:2f7fd46159][*:2f7fd46159][color=#FF0000:2f7fd46159]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:2f7fd46159]
[*:2f7fd46159][color=#0000FF:2f7fd46159]Illegal operation attempted on a registery key that has been marked for deletion.[/color:2f7fd46159]
[*:2f7fd46159][color=#FF0000:2f7fd46159]Start dan de computer opnieuw op.[/color:2f7fd46159][/list:u:2f7fd46159]

Tellie 23 mei 2012, 20:17

Hier het log bestandje naar het volgen van de gegeven stappen:
ComboFix 12-05-23.05 - Jordy 23-05-2012 19:54:42.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3948.2400 [GMT 2:00]
Gestart vanuit: c:\users\Jordy\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Jordy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWow64\sho52AA.tmp"
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-04-23 to 2012-05-23 ))))))))))))))))))))))))))))))
.
.
2012-05-23 18:02 . 2012-05-23 18:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-05-23 18:02 . 2012-05-23 18:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-23 18:02 . 2012-05-23 18:02 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-05-23 16:17 . 2012-05-23 16:17 0 ----a-w- c:\windows\SysWow64\sho52AA.tmp
2012-05-23 06:03 . 2012-05-23 06:05 -------- d-----w- C:\TDSSStarter
2012-05-22 10:33 . 2012-05-14 23:41 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A3340F4-0DE2-4EAB-865E-702FA2DF1F7D}\mpengine.dll
2012-05-20 16:29 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-05-20 16:29 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-05-20 16:29 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-05-20 16:29 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-05-20 16:29 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-05-20 16:29 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-05-20 16:29 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-05-20 16:29 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-05-20 16:29 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-05-20 16:29 . 2012-05-20 16:29 -------- d-----w- c:\programdata\AVAST Software
2012-05-20 16:29 . 2012-05-20 16:29 -------- d-----w- c:\program files\AVAST Software
2012-05-20 16:22 . 2012-05-20 16:22 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-05-20 15:53 . 2012-05-20 15:53 -------- d-----w- c:\users\Jordy\AppData\Roaming\Malwarebytes
2012-05-20 15:53 . 2012-05-20 15:53 -------- d-----w- c:\programdata\Malwarebytes
2012-05-20 10:51 . 2012-03-11 00:17 121344 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2012-05-20 10:51 . 2012-03-11 00:09 86528 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2012-05-20 10:39 . 2012-05-20 10:39 -------- d-----w- c:\program files\Microsoft Silverlight
2012-05-20 10:39 . 2012-05-20 10:39 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-05-20 10:01 . 2012-05-20 10:01 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-05-20 09:53 . 2012-05-20 10:01 -------- d-----w- c:\programdata\HitmanPro
2012-05-20 09:16 . 2012-05-20 11:26 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-05-20 09:16 . 2012-05-20 11:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-19 21:44 . 2012-03-19 21:44 5888792 ----a-w- c:\windows\system32\GfxUI.exe
2012-03-19 21:44 . 2012-03-19 21:44 509720 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-03-19 21:44 . 2012-03-19 21:44 439064 ----a-w- c:\windows\system32\igfxpers.exe
2012-03-19 21:44 . 2012-03-19 21:44 398616 ----a-w- c:\windows\system32\hkcmd.exe
2012-03-19 21:44 . 2012-03-19 21:44 276248 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-03-19 21:44 . 2012-03-19 21:44 250136 ----a-w- c:\windows\system32\igfxext.exe
2012-03-19 21:44 . 2012-03-19 21:44 184600 ----a-w- c:\windows\system32\difx64.exe
2012-03-19 21:44 . 2012-03-19 21:44 170264 ----a-w- c:\windows\system32\igfxtray.exe
2012-03-19 21:42 . 2012-03-19 21:42 90112 ----a-w- c:\windows\system32\igfxCoIn_v2696.dll
2012-03-19 21:32 . 2012-03-19 21:32 14745600 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-03-19 21:31 . 2012-03-19 21:31 8087040 ----a-w- c:\windows\system32\igdumd64.dll
2012-03-19 21:31 . 2012-03-19 21:31 963912 ----a-w- c:\windows\system32\igkrng600.bin
2012-03-19 21:31 . 2012-03-19 21:31 261208 ----a-w- c:\windows\system32\igfcg600m.bin
2012-03-19 21:31 . 2012-03-19 21:31 79360 ----a-w- c:\windows\system32\igdde64.dll
2012-03-19 21:26 . 2010-12-09 05:50 6120960 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-03-19 21:25 . 2012-03-19 21:25 58880 ----a-w- c:\windows\SysWow64\igdde32.dll
2012-03-19 21:22 . 2010-12-09 05:50 9605632 ----a-w- c:\windows\system32\igd10umd64.dll
2012-03-19 21:11 . 2012-03-19 21:11 7795200 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-03-19 20:31 . 2012-03-19 20:31 18137088 ----a-w- c:\windows\system32\ig4icd64.dll
2012-03-19 20:21 . 2012-03-19 20:21 13212672 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-03-19 20:18 . 2012-03-19 20:18 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-03-19 20:18 . 2012-03-19 20:18 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-03-19 20:18 . 2012-03-19 20:18 430592 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-03-19 20:18 . 2012-03-19 20:18 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2012-03-19 20:18 . 2012-03-19 20:18 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-03-19 20:18 . 2012-03-19 20:18 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-03-19 20:18 . 2012-03-19 20:18 386560 ----a-w- c:\windows\system32\igfxpph.dll
2012-03-19 20:18 . 2012-03-19 20:18 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2012-03-19 20:17 . 2010-12-09 05:50 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-03-19 20:17 . 2010-12-09 05:50 63488 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-03-19 20:17 . 2010-12-09 05:50 110592 ----a-w- c:\windows\system32\hccutils.dll
2012-03-19 20:17 . 2012-03-19 20:17 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-03-19 20:17 . 2012-03-19 20:17 172032 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-03-19 20:17 . 2010-12-09 05:50 434688 ----a-w- c:\windows\system32\igfxdev.dll
2012-03-19 20:16 . 2012-03-19 20:16 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-03-19 20:16 . 2012-03-19 20:16 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-03-19 20:16 . 2010-12-09 05:50 9007616 ----a-w- c:\windows\system32\igfxress.dll
2012-03-19 20:12 . 2012-03-19 20:12 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-03-19 20:11 . 2012-03-19 20:11 325120 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-03-19 20:09 . 2012-03-19 20:09 524800 ----a-w- c:\windows\system32\iglhsip64.dll
2012-03-19 20:09 . 2012-03-19 20:09 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2012-03-19 20:09 . 2012-03-19 20:09 2967040 ----a-w- c:\windows\system32\igfxcmjit64.dll
2012-03-19 20:09 . 2012-03-19 20:09 237056 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2012-03-19 20:09 . 2012-03-19 20:09 2321408 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2012-03-19 20:09 . 2012-03-19 20:09 213504 ----a-w- c:\windows\system32\iglhcp64.dll
2012-03-19 20:09 . 2012-03-19 20:09 193024 ----a-w- c:\windows\system32\igfxcmrt64.dll
2012-03-19 20:09 . 2012-03-19 20:09 177152 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-03-11 00:17 . 2010-12-29 08:19 20992 ----a-w- c:\windows\system32\OpenCL.dll
2012-03-11 00:09 . 2010-12-29 08:19 17920 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-03-01 06:46 . 2012-04-14 10:49 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-14 10:49 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-14 10:49 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-14 10:49 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-14 10:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-14 10:49 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-14 10:49 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 12:44 . 2011-12-04 13:26 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-28 06:39 . 2012-04-11 16:32 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 05:38 . 2012-04-11 16:32 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 04:31 . 2012-04-11 16:32 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 03:52 . 2012-04-11 16:32 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((( SnapShot@2012-05-23_16.32.22 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-05-23 16:31 . 2012-05-23 16:31 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2012-05-23 18:03 . 2012-05-23 18:03 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2009-07-14 04:54 . 2012-05-23 16:31 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-05-23 18:03 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-05-23 18:03 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-23 16:31 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-23 18:03 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-23 16:31 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-06 09:39 . 2012-05-23 17:51 48220 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-05-23 17:51 32104 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-03-16 16:28 . 2012-05-23 17:51 13008 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1781743323-2443383540-730848164-1002_UserData.bin
+ 2010-12-29 08:45 . 2012-05-23 18:03 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-29 08:45 . 2012-05-23 16:31 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-05-21 07:19 . 2012-05-23 18:03 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-05-21 07:19 . 2012-05-23 16:31 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-05-23 16:31 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-23 18:03 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-03-16 16:25 . 2012-05-23 16:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-03-16 16:25 . 2012-05-23 17:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-03-16 16:25 . 2012-05-23 16:19 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-03-16 16:25 . 2012-05-23 17:50 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-29 08:28 . 2012-05-23 16:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-29 08:28 . 2012-05-23 17:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-29 08:28 . 2012-05-23 16:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 08:28 . 2012-05-23 17:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-29 08:28 . 2012-05-23 17:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-29 08:28 . 2012-05-23 16:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-05-23 16:31 . 2012-05-23 16:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-05-23 18:03 . 2012-05-23 18:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-05-23 18:03 . 2012-05-23 18:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-05-23 16:31 . 2012-05-23 16:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-05-23 16:31 399516 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-05-23 18:03 399516 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-08 932528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-18 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-18 201584]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2010-11-12 296768]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-12-09 1025616]
"MDS_Menu"="c:\program files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2010-11-27 177448]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-14 868224]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-01-13 103440]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-11-22 1993320]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-05-23 c:\windows\Tasks\FinalTorrent Update Checker.job
- c:\program files (x86)\FinalTorrent\FTCheckForUpdates.exe [2011-03-17 15:50]
.
2012-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002Core.job
- c:\users\Jordy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-16 16:55]
.
2012-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002UA.job
- c:\users\Jordy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-16 16:55]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-26 11619432]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-11-26 2185832]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-10-14 860040]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Bijkomende Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxps://webmail.saxion.nl/dwa85W.cab
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1781743323-2443383540-730848164-1002\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\rundll32.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2012-05-23 20:09:34 - machine werd herstart
ComboFix-quarantined-files.txt 2012-05-23 18:09
ComboFix2.txt 2012-05-23 16:38
.
Pre-Run: 499.003.469.824 bytes beschikbaar
Post-Run: 498.911.985.664 bytes beschikbaar
.
- - End Of File - - 223F0F8F6AA8A817413D256BFC718B1A

Abraham54 23 mei 2012, 20:25

Mooi zo, goed gedaan.
Hoe gaat het nu?

Tellie 23 mei 2012, 20:37

probleem blijft bestaan, zelfs terwijl ik deze tekst intyp gebeurt het. Telkens blijft hij een paar tellen hangen.

Abraham54 23 mei 2012, 20:40

Vreemd.
Indien je Taakbeheer opstart, hoeveel processen lopen er en wat is het CPU-gebruik.

Tellie 23 mei 2012, 20:44

Processen: 92
Processorgebruik: 0% - 1%
Fysiek geheugen: 38%

Abraham54 23 mei 2012, 20:46

Wow, bijna dubbel zoveel als in mijn Windows 7!
Welk programma: [color=#008000:9f54581c4a]OTL.com[/color:9f54581c4a]
Waarvoor/waarom: multifunktioneel tool - analyse en fix
Moeilijkheidsgraad: geen.
Download: OTL en plaats het bestand op het bureaublad.
[color=#008000:9f54581c4a]OTL.com[/color:9f54581c4a] gebruiken:
[list:9f54581c4a][*:9f54581c4a] [color=#0000FF:9f54581c4a]Sluit nu eerst alle nog openstaande programmavensters![/color:9f54581c4a]
[list:9f54581c4a][*:9f54581c4a]Dubblklik op
[/list:u:9f54581c4a][/list:u:9f54581c4a]
[list:9f54581c4a][*:9f54581c4a]Zet een vinkje bij [color=#0000FF:9f54581c4a]Scan All Users[/color:9f54581c4a].
[*:9f54581c4a]Verander de instelling bij [color=#0000FF:9f54581c4a]File Age[/color:9f54581c4a] naar 60.
[*:9f54581c4a]Klik op .
[*:9f54581c4a]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef.
[*:9f54581c4a]De scan zal niet heel erg lang duren.
[list:9f54581c4a][*:9f54581c4a]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: OTL.Txt en Extras.txt.
[*:9f54581c4a]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:9f54581c4a]
[*:9f54581c4a][color=#008000:9f54581c4a]Notabene:[/color:9f54581c4a] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:9f54581c4a]

Tellie 23 mei 2012, 21:05

Hier de log OTL:
OTL logfile created on: 5/23/2012 8:57:01 PM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jordy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

3.86 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.80% Memory free
7.71 Gb Paging File | 5.92 Gb Available in Paging File | 76.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.07 Gb Total Space | 464.75 Gb Free Space | 79.98% Space Free | Partition Type: NTFS

Computer Name: JORDY-PC | User Name: Jordy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717:a78e6421fa]========== Processes (SafeList) ==========[/color:a78e6421fa]

PRC - [2012/05/23 20:51:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com
PRC - [2012/05/08 15:10:45 | 000,932,528 | ---- | M] () -- C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/03/07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2010/12/09 07:27:50 | 001,025,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/12/09 07:27:50 | 000,287,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/11/27 08:34:16 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
PRC - [2010/11/26 08:54:46 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
PRC - [2010/11/26 08:54:40 | 000,181,624 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
PRC - [2010/11/12 03:21:36 | 000,296,768 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/09/28 05:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2010/09/18 02:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/09/18 02:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/09/14 04:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/04/27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe


[color=#E56717:a78e6421fa]========== Modules (No Company Name) ==========[/color:a78e6421fa]

MOD - [2012/05/20 11:33:15 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6c30b231f838269283ee449bbc98b202\IAStorUtil.ni.dll
MOD - [2012/05/20 11:33:15 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll
MOD - [2012/05/15 18:11:28 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll
MOD - [2012/05/15 18:11:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/15 18:10:35 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012/05/15 18:10:25 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012/05/15 18:10:08 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/15 18:10:04 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/15 18:10:01 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/15 18:10:00 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/15 18:09:52 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/09 05:04:52 | 000,441,840 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
MOD - [2012/05/09 05:04:51 | 003,921,904 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll
MOD - [2012/05/09 05:03:36 | 000,553,456 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\libglesv2.dll
MOD - [2012/05/09 05:03:35 | 000,117,744 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\libegl.dll
MOD - [2012/05/09 05:03:25 | 000,134,656 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avutil-51.dll
MOD - [2012/05/09 05:03:24 | 000,250,368 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avformat-54.dll
MOD - [2012/05/09 05:03:23 | 002,375,680 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll
MOD - [2012/05/09 04:09:13 | 008,743,584 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
MOD - [2012/05/09 04:09:13 | 008,743,584 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\APPLIC~1\190108~1.46\gcswf32.dll
MOD - [2012/05/08 15:10:45 | 000,932,528 | ---- | M] () -- C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2010/12/29 09:57:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_nl_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/11/26 08:54:40 | 000,210,304 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2010/11/26 08:54:40 | 000,181,624 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
MOD - [2010/11/13 02:34:15 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/12 03:22:22 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll


[color=#E56717:a78e6421fa]========== Win32 Services (SafeList) ==========[/color:a78e6421fa]

SRV:64bit: - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/10/14 04:27:30 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/10/08 12:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/01/29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/19 23:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R)
SRV - [2012/01/13 12:21:16 | 000,103,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/12 17:13:26 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011/05/02 12:37:49 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/03/20 17:44:30 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/12/29 10:23:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/09 07:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/11/22 20:23:00 | 001,993,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/11/12 03:21:52 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/10/06 06:08:48 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/10/06 06:08:44 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/09/28 04:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/09/14 04:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717:a78e6421fa]========== Driver Services (SafeList) ==========[/color:a78e6421fa]

DRV:64bit: - [2012/03/19 23:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/06 04:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/12 06:43:54 | 000,085,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2010/12/11 18:12:54 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2010/12/11 18:12:50 | 000,067,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2010/12/11 03:46:56 | 000,035,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2010/12/06 12:14:40 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2010/12/06 12:14:40 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2010/12/06 12:14:40 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2010/12/02 08:36:04 | 000,411,688 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010/11/22 20:23:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/09 12:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/10/08 12:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/09/30 07:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/09/30 07:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/09/14 04:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/07/29 15:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/07/09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010/04/20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/11/01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717:a78e6421fa]========== Standard Registry (SafeList) ==========[/color:a78e6421fa]


[color=#E56717:a78e6421fa]========== Internet Explorer ==========[/color:a78e6421fa]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6CF1003B-BFD2-4A06-AC83-B3B31130CD60}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6CF1003B-BFD2-4A06-AC83-B3B31130CD60}: "URL" = http://nl.woofi.info
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2880292


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=241e43f500000000000018f46ab7481d
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=vmn&type=vmn-ada-vmntbcleaner-1_0-ya-ch-rp&q={searchTerms}
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{69530022-CC23-4D73-B931-641CCC723C0D}: "URL" = http://search.avg.com/?d=4dfc6dc7&i=23&tp=chrome&q={searchTerms}&lng={language}&nt=1
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{6CF1003B-BFD2-4A06-AC83-B3B31130CD60}: "URL" = http://nl.woofi.info
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2880292
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717:a78e6421fa]========== FireFox ==========[/color:a78e6421fa]

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/02/23 16:10:45 | 000,000,000 | ---D | M]


[color=#E56717:a78e6421fa]========== Chrome ==========[/color:a78e6421fa]

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=241e43f500000000000018f46ab7481d
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Zoeken = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/23 20:04:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002..\Run: [Spotify Web Helper] C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [AVG search provider] "C:\Program Files (x86)\AVG\AVG10\SearchProvider.exe" /AFTERINST File not found
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe ()
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [spchecker] "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\__avast! sandbox\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://webmail.saxion.nl/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0438393-9870-45F9-8A53-E2AE997C72BA}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\base64 - No CLSID value found
O18:64bit: - Protocol\Handler\chrome - No CLSID value found
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\prox - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\base64 - No CLSID value found
O18 - Protocol\Handler\chrome - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\prox - No CLSID value found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
O37 - HKLM\...exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717:a78e6421fa]========== Files/Folders - Created Within 30 Days ==========[/color:a78e6421fa]

[2012/05/23 20:51:38 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com
[2012/05/23 20:13:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/05/23 18:22:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/05/23 18:22:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/05/23 18:22:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/05/23 18:22:19 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/05/23 18:22:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/23 18:21:34 | 004,525,103 | R--- | C] (Swearware) -- C:\Users\Jordy\Desktop\ComboFix.exe
[2012/05/23 08:03:00 | 000,000,000 | ---D | C] -- C:\TDSSStarter
[2012/05/22 12:24:59 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Jordy\Desktop\dds.com
[2012/05/20 18:32:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/05/20 18:29:44 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/05/20 18:29:44 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/05/20 18:29:42 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/05/20 18:29:42 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/05/20 18:29:42 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/05/20 18:29:42 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/05/20 18:29:42 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/05/20 18:29:25 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/05/20 18:29:24 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/05/20 18:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/05/20 18:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/05/20 18:22:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/05/20 17:53:09 | 000,000,000 | ---D | C] -- C:\Users\Jordy\AppData\Roaming\Malwarebytes
[2012/05/20 17:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/20 14:07:25 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/05/20 12:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/20 12:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/05/20 12:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/05/20 12:01:21 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012/05/20 11:53:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/05/20 11:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/05/20 11:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[color=#E56717:a78e6421fa]========== Files - Modified Within 30 Days ==========[/color:a78e6421fa]

[2012/05/23 20:51:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com
[2012/05/23 20:42:02 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002UA.job
[2012/05/23 20:20:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/23 20:20:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/23 20:12:53 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job
[2012/05/23 20:12:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/23 20:11:52 | 3104,624,640 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/23 20:04:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/05/23 18:20:59 | 004,525,103 | R--- | M] (Swearware) -- C:\Users\Jordy\Desktop\ComboFix.exe
[2012/05/23 02:21:52 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002Core.job
[2012/05/22 14:39:15 | 001,579,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/22 14:39:15 | 000,712,352 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012/05/22 14:39:15 | 000,625,462 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/22 14:39:15 | 000,138,912 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012/05/22 14:39:15 | 000,110,842 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/22 12:25:24 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Jordy\Desktop\dds.com
[2012/05/20 18:33:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/05/20 18:32:21 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/05/20 18:22:25 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2012/05/20 16:45:39 | 000,007,605 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Resmon.ResmonCfg
[2012/05/20 13:03:47 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/05/20 12:55:30 | 000,017,748 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012/05/20 12:01:21 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012/05/15 18:07:21 | 000,427,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[color=#E56717:a78e6421fa]========== Files Created - No Company Name ==========[/color:a78e6421fa]

[2012/05/23 18:22:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/23 18:22:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/23 18:22:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/23 18:22:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/23 18:22:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/05/20 18:32:21 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/05/20 18:29:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/05/20 18:22:25 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2012/05/20 16:45:39 | 000,007,605 | ---- | C] () -- C:\Users\Jordy\AppData\Local\Resmon.ResmonCfg
[2012/03/19 23:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/19 23:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/03/20 17:44:37 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/03/20 17:44:30 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/03/20 17:44:30 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/03/16 20:50:19 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/03/16 19:44:40 | 001,607,656 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/29 10:19:13 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010/12/09 07:50:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[color=#E56717:a78e6421fa]========== LOP Check ==========[/color:a78e6421fa]

[2011/04/19 15:05:50 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\com.w3i.FlipToast
[2011/11/14 20:58:30 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\DAEMON Tools Lite
[2011/03/19 00:41:25 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\FinalTorrent
[2011/11/01 13:27:11 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\HTC
[2011/10/25 17:31:47 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011/04/18 20:39:39 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\PowerCinema
[2011/04/19 15:05:02 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\RegistryKeys
[2012/05/21 18:25:25 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\SoftGrid Client
[2012/05/15 14:39:33 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\Spotify
[2012/05/20 12:39:46 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\SystemRequirementsLab
[2011/03/16 19:45:13 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\TP
[2011/03/18 19:15:14 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\WhiteSmoke
[2011/06/09 19:00:39 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\Windows Live Writer
[2012/05/23 20:12:53 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job

[color=#E56717:a78e6421fa]========== Purity Check ==========[/color:a78e6421fa]



[color=#E56717:a78e6421fa]========== Alternate Data Streams ==========[/color:a78e6421fa]

@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D
< End of report >

Tellie 23 mei 2012, 21:07

En hier de Extras.. :
OTL logfile created on: 5/23/2012 8:57:01 PM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jordy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

3.86 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.80% Memory free
7.71 Gb Paging File | 5.92 Gb Available in Paging File | 76.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.07 Gb Total Space | 464.75 Gb Free Space | 79.98% Space Free | Partition Type: NTFS

Computer Name: JORDY-PC | User Name: Jordy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717:271cfb05af]========== Processes (SafeList) ==========[/color:271cfb05af]

PRC - [2012/05/23 20:51:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com
PRC - [2012/05/08 15:10:45 | 000,932,528 | ---- | M] () -- C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/03/07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2010/12/09 07:27:50 | 001,025,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/12/09 07:27:50 | 000,287,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/11/27 08:34:16 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
PRC - [2010/11/26 08:54:46 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
PRC - [2010/11/26 08:54:40 | 000,181,624 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
PRC - [2010/11/12 03:21:36 | 000,296,768 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/09/28 05:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2010/09/18 02:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/09/18 02:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/09/14 04:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/04/27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe


[color=#E56717:271cfb05af]========== Modules (No Company Name) ==========[/color:271cfb05af]

MOD - [2012/05/20 11:33:15 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6c30b231f838269283ee449bbc98b202\IAStorUtil.ni.dll
MOD - [2012/05/20 11:33:15 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll
MOD - [2012/05/15 18:11:28 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll
MOD - [2012/05/15 18:11:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/15 18:10:35 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012/05/15 18:10:25 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012/05/15 18:10:08 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/15 18:10:04 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/15 18:10:01 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/15 18:10:00 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/15 18:09:52 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/09 05:04:52 | 000,441,840 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
MOD - [2012/05/09 05:04:51 | 003,921,904 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll
MOD - [2012/05/09 05:03:36 | 000,553,456 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\libglesv2.dll
MOD - [2012/05/09 05:03:35 | 000,117,744 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\libegl.dll
MOD - [2012/05/09 05:03:25 | 000,134,656 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avutil-51.dll
MOD - [2012/05/09 05:03:24 | 000,250,368 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avformat-54.dll
MOD - [2012/05/09 05:03:23 | 002,375,680 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll
MOD - [2012/05/09 04:09:13 | 008,743,584 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
MOD - [2012/05/09 04:09:13 | 008,743,584 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\APPLIC~1\190108~1.46\gcswf32.dll
MOD - [2012/05/08 15:10:45 | 000,932,528 | ---- | M] () -- C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2010/12/29 09:57:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_nl_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/11/26 08:54:40 | 000,210,304 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2010/11/26 08:54:40 | 000,181,624 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
MOD - [2010/11/13 02:34:15 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/12 03:22:22 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll


[color=#E56717:271cfb05af]========== Win32 Services (SafeList) ==========[/color:271cfb05af]

SRV:64bit: - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/10/14 04:27:30 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/10/08 12:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/01/29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/19 23:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R)
SRV - [2012/01/13 12:21:16 | 000,103,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/12 17:13:26 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011/05/02 12:37:49 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/03/20 17:44:30 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/12/29 10:23:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/09 07:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/11/22 20:23:00 | 001,993,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/11/12 03:21:52 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/10/06 06:08:48 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/10/06 06:08:44 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/09/28 04:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/09/14 04:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717:271cfb05af]========== Driver Services (SafeList) ==========[/color:271cfb05af]

DRV:64bit: - [2012/03/19 23:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/06 04:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/12 06:43:54 | 000,085,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2010/12/11 18:12:54 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2010/12/11 18:12:50 | 000,067,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2010/12/11 03:46:56 | 000,035,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2010/12/06 12:14:40 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2010/12/06 12:14:40 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2010/12/06 12:14:40 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2010/12/02 08:36:04 | 000,411,688 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010/11/22 20:23:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/09 12:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/10/08 12:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/09/30 07:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/09/30 07:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/09/14 04:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/07/29 15:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/07/09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010/04/20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/11/01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717:271cfb05af]========== Standard Registry (SafeList) ==========[/color:271cfb05af]


[color=#E56717:271cfb05af]========== Internet Explorer ==========[/color:271cfb05af]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6CF1003B-BFD2-4A06-AC83-B3B31130CD60}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6CF1003B-BFD2-4A06-AC83-B3B31130CD60}: "URL" = http://nl.woofi.info
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2880292


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=241e43f500000000000018f46ab7481d
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=vmn&type=vmn-ada-vmntbcleaner-1_0-ya-ch-rp&q={searchTerms}
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{69530022-CC23-4D73-B931-641CCC723C0D}: "URL" = http://search.avg.com/?d=4dfc6dc7&i=23&tp=chrome&q={searchTerms}&lng={language}&nt=1
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{6CF1003B-BFD2-4A06-AC83-B3B31130CD60}: "URL" = http://nl.woofi.info
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2880292
IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717:271cfb05af]========== FireFox ==========[/color:271cfb05af]

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/02/23 16:10:45 | 000,000,000 | ---D | M]


[color=#E56717:271cfb05af]========== Chrome ==========[/color:271cfb05af]

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=241e43f500000000000018f46ab7481d
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Zoeken = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Gmail = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/23 20:04:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002..\Run: [Spotify Web Helper] C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [AVG search provider] "C:\Program Files (x86)\AVG\AVG10\SearchProvider.exe" /AFTERINST File not found
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe ()
O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [spchecker] "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\__avast! sandbox\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://webmail.saxion.nl/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0438393-9870-45F9-8A53-E2AE997C72BA}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\base64 - No CLSID value found
O18:64bit: - Protocol\Handler\chrome - No CLSID value found
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\prox - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\base64 - No CLSID value found
O18 - Protocol\Handler\chrome - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\prox - No CLSID value found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
O37 - HKLM\...exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717:271cfb05af]========== Files/Folders - Created Within 30 Days ==========[/color:271cfb05af]

[2012/05/23 20:51:38 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com
[2012/05/23 20:13:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/05/23 18:22:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/05/23 18:22:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/05/23 18:22:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/05/23 18:22:19 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/05/23 18:22:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/23 18:21:34 | 004,525,103 | R--- | C] (Swearware) -- C:\Users\Jordy\Desktop\ComboFix.exe
[2012/05/23 08:03:00 | 000,000,000 | ---D | C] -- C:\TDSSStarter
[2012/05/22 12:24:59 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Jordy\Desktop\dds.com
[2012/05/20 18:32:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/05/20 18:29:44 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/05/20 18:29:44 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/05/20 18:29:42 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/05/20 18:29:42 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/05/20 18:29:42 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/05/20 18:29:42 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/05/20 18:29:42 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/05/20 18:29:25 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/05/20 18:29:24 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/05/20 18:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/05/20 18:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/05/20 18:22:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/05/20 17:53:09 | 000,000,000 | ---D | C] -- C:\Users\Jordy\AppData\Roaming\Malwarebytes
[2012/05/20 17:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/20 14:07:25 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/05/20 12:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/20 12:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/05/20 12:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/05/20 12:01:21 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012/05/20 11:53:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/05/20 11:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/05/20 11:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[color=#E56717:271cfb05af]========== Files - Modified Within 30 Days ==========[/color:271cfb05af]

[2012/05/23 20:51:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com
[2012/05/23 20:42:02 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002UA.job
[2012/05/23 20:20:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/23 20:20:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/23 20:12:53 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job
[2012/05/23 20:12:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/23 20:11:52 | 3104,624,640 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/23 20:04:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/05/23 18:20:59 | 004,525,103 | R--- | M] (Swearware) -- C:\Users\Jordy\Desktop\ComboFix.exe
[2012/05/23 02:21:52 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002Core.job
[2012/05/22 14:39:15 | 001,579,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/22 14:39:15 | 000,712,352 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012/05/22 14:39:15 | 000,625,462 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/22 14:39:15 | 000,138,912 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012/05/22 14:39:15 | 000,110,842 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/22 12:25:24 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Jordy\Desktop\dds.com
[2012/05/20 18:33:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/05/20 18:32:21 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/05/20 18:22:25 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2012/05/20 16:45:39 | 000,007,605 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Resmon.ResmonCfg
[2012/05/20 13:03:47 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/05/20 12:55:30 | 000,017,748 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012/05/20 12:01:21 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012/05/15 18:07:21 | 000,427,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[color=#E56717:271cfb05af]========== Files Created - No Company Name ==========[/color:271cfb05af]

[2012/05/23 18:22:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/23 18:22:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/23 18:22:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/23 18:22:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/23 18:22:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/05/20 18:32:21 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/05/20 18:29:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/05/20 18:22:25 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm
[2012/05/20 16:45:39 | 000,007,605 | ---- | C] () -- C:\Users\Jordy\AppData\Local\Resmon.ResmonCfg
[2012/03/19 23:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/19 23:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/03/20 17:44:37 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/03/20 17:44:30 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/03/20 17:44:30 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/03/16 20:50:19 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/03/16 19:44:40 | 001,607,656 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/29 10:19:13 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010/12/09 07:50:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[color=#E56717:271cfb05af]========== LOP Check ==========[/color:271cfb05af]

[2011/04/19 15:05:50 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\com.w3i.FlipToast
[2011/11/14 20:58:30 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\DAEMON Tools Lite
[2011/03/19 00:41:25 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\FinalTorrent
[2011/11/01 13:27:11 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\HTC
[2011/10/25 17:31:47 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011/04/18 20:39:39 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\PowerCinema
[2011/04/19 15:05:02 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\RegistryKeys
[2012/05/21 18:25:25 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\SoftGrid Client
[2012/05/15 14:39:33 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\Spotify
[2012/05/20 12:39:46 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\SystemRequirementsLab
[2011/03/16 19:45:13 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\TP
[2011/03/18 19:15:14 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\WhiteSmoke
[2011/06/09 19:00:39 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\Windows Live Writer
[2012/05/23 20:12:53 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job

[color=#E56717:271cfb05af]========== Purity Check ==========[/color:271cfb05af]



[color=#E56717:271cfb05af]========== Alternate Data Streams ==========[/color:271cfb05af]

@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D
< End of report >
OTL Extras logfile created on: 5/23/2012 8:57:01 PM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jordy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

3.86 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.80% Memory free
7.71 Gb Paging File | 5.92 Gb Available in Paging File | 76.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.07 Gb Total Space | 464.75 Gb Free Space | 79.98% Space Free | Partition Type: NTFS

Computer Name: JORDY-PC | User Name: Jordy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717:271cfb05af]========== Extra Registry (SafeList) ==========[/color:271cfb05af]


[color=#E56717:271cfb05af]========== File Associations ==========[/color:271cfb05af]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cmd [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cpl [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.inf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.ini [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.url [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.js [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.jse [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.pif [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.reg [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.vbe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.vbs [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.wsf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.wsh [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[color=#E56717:271cfb05af]========== Shell Spawning ==========[/color:271cfb05af]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- Reg Error: Key error.
batfile [open] -- Reg Error: Key error.
batfile [print] -- Reg Error: Key error.
chm.file [open] -- Reg Error: Key error.
cmdfile [edit] -- Reg Error: Key error.
cmdfile [open] -- Reg Error: Key error.
cmdfile [print] -- Reg Error: Key error.
comfile [open] -- Reg Error: Key error.
cplfile [cplopen] -- Reg Error: Key error.
exefile [open] -- Reg Error: Key error.
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- Reg Error: Key error.
htafile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- Reg Error: Key error.
inffile [open] -- Reg Error: Key error.
inffile [print] -- Reg Error: Key error.
inifile [open] -- Reg Error: Key error.
inifile [print] -- Reg Error: Key error.
InternetShortcut [open] -- Reg Error: Key error.
InternetShortcut [print] -- Reg Error: Key error.
jsfile [edit] -- Reg Error: Key error.
jsfile [open] -- Reg Error: Key error.
jsfile [print] -- Reg Error: Key error.
jsefile [edit] -- Reg Error: Key error.
jsefile [open] -- Reg Error: Key error.
jsefile [print] -- Reg Error: Key error.
piffile [open] -- Reg Error: Key error.
regfile [edit] -- Reg Error: Key error.
regfile [open] -- Reg Error: Key error.
regfile [merge] -- Reg Error: Key error.
regfile [print] -- Reg Error: Key error.
scrfile [config] -- Reg Error: Key error.
scrfile [install] -- Reg Error: Key error.
scrfile [open] -- Reg Error: Key error.
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- Reg Error: Key error.
txtfile [print] -- Reg Error: Key error.
txtfile [printto] -- Reg Error: Key error.
vbefile [edit] -- Reg Error: Key error.
vbefile [open] -- Reg Error: Key error.
vbefile [print] -- Reg Error: Key error.
vbsfile [edit] -- Reg Error: Key error.
vbsfile [open] -- Reg Error: Key error.
vbsfile [print] -- Reg Error: Key error.
wsffile [edit] -- Reg Error: Key error.
wsffile [open] -- Reg Error: Key error.
wsffile [print] -- Reg Error: Key error.
wshfile [open] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Folder [open] -- Reg Error: Key error.
Folder [explore] -- Reg Error: Key error.
Drive [find] -- Reg Error: Key error.
Applications\iexplore.exe [open] -- Reg Error: Key error.

[color=#E56717:271cfb05af]========== Security Center Settings ==========[/color:271cfb05af]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717:271cfb05af]========== System Restore Settings ==========[/color:271cfb05af]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717:271cfb05af]========== Firewall Settings ==========[/color:271cfb05af]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717:271cfb05af]========== Authorized Applications List ==========[/color:271cfb05af]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717:271cfb05af]========== Vista Active Open Ports Exception List ==========[/color:271cfb05af]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C79957-20B9-44B5-8440-66CAB005F0B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{05FB11B8-0A7E-4CE0-8B69-5578757DED16}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{09831E0B-A013-4A95-8961-3DE7AE5C3D5A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0AE0C594-B7EC-492E-9BDF-0954F4385E71}" = lport=139 | protocol=6 | dir=in | app=system |
"{13AF11F9-5A4C-4B16-85FD-2202A956D47C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{17344F56-C4AD-4E66-A4E0-93EF51B3EF56}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1DB82160-49E7-44B3-B1DD-FBD5256A52B1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{202E6B45-9084-41DA-B91C-EB72F53F17F5}" = rport=138 | protocol=17 | dir=out | app=system |
"{316035C6-FA04-4CDD-8415-564B44B717D8}" = lport=138 | protocol=17 | dir=in | app=system |
"{39D8368D-D7F2-405B-9FF4-ADEFAECF25C5}" = lport=137 | protocol=17 | dir=in | app=system |
"{3AD4787D-426D-493A-960F-83838A79CD9C}" = lport=445 | protocol=6 | dir=in | app=system |
"{527ECF6F-AE43-422B-BF0C-94BECDAAC29E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{67D55EB3-06CD-4179-9629-655CA4AE887A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6D327779-91F6-4C41-B285-6D6154427B58}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BD2B2049-A08D-4AA2-AE85-EADF0183D882}" = rport=445 | protocol=6 | dir=out | app=system |
"{BF4EF355-CD20-4166-B7E2-8662EFF29D30}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C210EBA3-9AEE-43E9-9BEB-1AFFA388E203}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C5C62038-657A-4A38-B961-9B2D31D137D5}" = rport=137 | protocol=17 | dir=out | app=system |
"{C9CDC2BC-378B-4174-AB99-527C5A2D1960}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D434F023-D635-4966-B156-601316D4F2A9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E69032D9-7911-4F35-8241-D163312D8E19}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F28A7C3B-90FF-4E75-B9F3-BB65861A770B}" = rport=139 | protocol=6 | dir=out | app=system |
"{F3956E52-24CD-4924-8A43-2421A53AEA71}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F9E7C779-15CA-4F22-B144-3BC7F9130F58}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FABAD750-BB88-42AE-B575-1E3BD42A948F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FBFAB750-44E8-47BD-A3C8-288986133808}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

[color=#E56717:271cfb05af]========== Vista Active Application Exception List ==========[/color:271cfb05af]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CF37AD0-C727-42F9-8CC4-7C181803C7BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0E772C5E-FC2C-492D-B5E4-CEC5C4A21C95}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{24159907-9B96-4EB2-BEF0-30B9F929B34C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{27BADE41-2482-478B-B151-B4F9992CC7BF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{31587243-00BF-4472-A89A-F7BFEDB3E668}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{31F4377E-41A2-4DE8-8C02-85877147E55F}" = protocol=6 | dir=out | app=system |
"{3AABDC20-7255-470E-A263-BE010481F8B0}" = dir=in | app=c:\program files (x86)\finaltorrent\finaltorrent.exe |
"{423236C1-F4A5-4647-8580-83F5875

Tellie 23 mei 2012, 21:11

Sorry, er ontbreekt toch nog een deel maar heb dat te laat gezien waardoor ik het logje al afgesloten heb...

Abraham54 23 mei 2012, 21:21

Je hebt een Acer.
Dus de Windows in die PC van jouw zit volgestopt met Acer crapware, waarvan het overgrote deel nutteloos aktieve processen in Windows zet.
Wat je kan doen is het volgende:
Behalve E-Powermanagent en E-Recovery mag je de rest van alle Acer software via Start\Configuratiescherm\Programma's en onderdelen verwijderen.
Daarna herstart jij de PC en laat je weten hoeveel processen er dan nog over zijn.

Tellie 23 mei 2012, 21:44

Processen: 90 (was trouwens 82, voordat ik internet opstartte)
Processorgebruik: 0%
Fysiek geheugen: 40%
P.s. bij de bestanden van Acer die ik heb verwijderd zag ik ook een hele lijst met bestanden van Oberon Media staan. Volgens mij is dat ook allemaal onzin van Acer, maar heb geprobeerd ze te verwijderen maar dat wou op de één of andere manier niet lukken.

Tellie 23 mei 2012, 21:46

Processen zijn nu overigens weer gezakt naar 85.

Abraham54 23 mei 2012, 22:23

Processen is nog steeds hoog hoor.
Maar we gaan kijken waar dat Oberon Media precies zit!
Welk programma: Zoek.exe
Waarvoor/waarom: multifunktioneel tool
Moeilijkheidsgraad: geen.
Download: zoek.exe
"Zoek.exe" gebruiken:
[list:2f1d03b3bc][*:2f1d03b3bc] [color=#0000FF:2f1d03b3bc]Sluit nu eerst alle nog openstaande programmavensters![/color:2f1d03b3bc]
[*:2f1d03b3bc]Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
([color=#0000FF:2f1d03b3bc]hier[/color:2f1d03b3bc] of [color=#0000FF:2f1d03b3bc]hier[/color:2f1d03b3bc]) kan je lezen hoe je dat doet.
[list:2f1d03b3bc][*:2f1d03b3bc][color=#0000FF:2f1d03b3bc]Windows 2000[/color:2f1d03b3bc] en [color=#0000FF:2f1d03b3bc]Windows XP[/color:2f1d03b3bc]: start het tool middels dubbelklik op "Zoek.exe".
[*:2f1d03b3bc][color=#0000FF:2f1d03b3bc]Windows Vista[/color:2f1d03b3bc] en [color=#0000FF:2f1d03b3bc]Windows 7[/color:2f1d03b3bc]: start het tool middels rechtsklik op "Zoek.exe" en dan kiezen voor Als Administrator uitvoeren.[/list:u:2f1d03b3bc]
[*:2f1d03b3bc]Vervolgens zal er een nieuw venster openen.
[*:2f1d03b3bc]Met je muis selecteer je nu de volgende keuze "[color=#0000FF:2f1d03b3bc]Custom search[/color:2f1d03b3bc]"(2e keuzerondje onder het invulvenster)
[*:2f1d03b3bc]Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege invulvenster
[color=#0000FF:2f1d03b3bc]
Oberon Media;
[/color:2f1d03b3bc]

[*:2f1d03b3bc]Klik nu op de knop "[color=#0000FF:2f1d03b3bc]Run script[/color:2f1d03b3bc]".
[*:2f1d03b3bc]Wacht vervolgens geduldig af tot er een logje opent.
[*:2f1d03b3bc]Post dan de inhoud van het geopende logje in het volgende bericht.[/list:u:2f1d03b3bc]

Tellie 23 mei 2012, 22:30

Het is niet veel, maar hier de resultaten van het logje:
Zoek.exe Version 3.0.0.2 Updated 15-05-2012
Tool run by Jordy on wo 23-05-2012 at 22:25:54,48.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running from: C:\Users\Jordy\Downloads\zoek.exe
==== Folders Found ======================
==== Files Found ======================

Tellie 23 mei 2012, 22:31

Het is trouwens ook niet mogelijk om Clear.fi van Acer te verwijderen..

Abraham54 23 mei 2012, 22:36

We gaan even wat anders doen:
Welk programma: Trend Micro Hijack This Versie 2.0.4
Waarvoor/waarom: maakt een duidelijk overzicht van Windows door middel van een scan.
Moeilijkheidsgraad: geen, enkel Vista- en Win 7 gebruikers dienen even extra aandacht te geven.
Download de HijackThis Installer
Installatie:
[list:1ccdb4047b][*:1ccdb4047b]Installeer HijackThis op de aangegeven lokatie - daarmee wordt voorkomen dat eventuele back-ups niet terugvindbaar zijn![/list:u:1ccdb4047b]
Gebruikers van Windows Vista en Windows 7 gaan daarna naar de installatielokatie van HijackThis.
[list:1ccdb4047b][*:1ccdb4047b]Vervolgens met rechts hijackthis.exe aanklikken en dan Eigenschappen kiezen.
[*:1ccdb4047b]Klik nu op de tab Comptabiliteit en zet dan een vinkje bij Als Administrator uitvoeren.
[*:1ccdb4047b]Als laatste wordt dan nog op Toepassen en OK geklikt[/list:u:1ccdb4047b]
Hijack This gebruiken:
[list:1ccdb4047b][*:1ccdb4047b]Sluit eerst alle openstaande programma's en de webbrowsers.
[*:1ccdb4047b]Start nu 'Hijack This' en klik vervolgens op de knop 'Do a system scan and save a logfile'
[list:1ccdb4047b][*:1ccdb4047b]Start HijackThis op met het scanvenster, klik dan eerst op de knop 'Main Menu'[/list:u:1ccdb4047b]
[*:1ccdb4047b]Sluit nu alle openstaande vensters en start vervolgens 'HijackThis' en kies voor 'Do a system scan and save a logfile'.
[*:1ccdb4047b]Kopieer en plak de inhoud van het Hijack This-logfile in je volgende bericht.
[*:1ccdb4047b]Hierna mag je Hijack This weer sluiten[/list:u:1ccdb4047b]

Tellie 23 mei 2012, 22:47

Hier het logje:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:46:03, on 23-5-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-21-1781743323-2443383540-730848164-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1781743323-2443383540-730848164-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1781743323-2443383540-730848164-1000\..\RunOnce: [spchecker] "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1781743323-2443383540-730848164-1000\..\RunOnce: [AVG search provider] "C:\Program Files (x86)\AVG\AVG10\SearchProvider.exe" /AFTERINST (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} (IBM Lotus iNotes 8.5 Control) - https://webmail.saxion.nl/dwa85W.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASP.NET-statusservice (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11887 bytes

Tellie 23 mei 2012, 22:49

Hoop dat ik het goed heb gedaan, wist namelijk niet wat je bedoelde met start Hijack op met het scanvenster..

Abraham54 23 mei 2012, 23:25

Je hebt het prima gedaan hoor.
Je gaat naar Uitvoeren
Uitvoeren kan ook gestart worden door gelijktijdig de "Windowstoets + R-toets" in te drukken.
De opdracht luidt: msconfig
In het nieuwe venster Systeemconfiguratie klik je op de tab Opstarten.
Hieronder staat een lijst van tools die opstarten, maar die je mag uitvinken:
IAStorIcon
SuiteTray
EgisTecPMMUpdate
EgisUpdate
Adobe Reader Speed Launcher
MDS_Menu
ArcadeMovieService
Spotify Web Helper

Klik daarna op de knoppen Toepassen en OK.
In het nieuwe vensterje klik je vervolgens op Nu opnieuw opstarten

Tellie 24 mei 2012, 14:09

Ik zal het direct doen als ik straks thuis kom!

Abraham54 24 mei 2012, 14:47

Dan ben ik benieuwd hoe jouw notebook daarop heeft gereageerd.

Tellie 24 mei 2012, 17:05

Ik kan enkel 'Spotify Web Helper' en 'IAStorIcon' vinden. Van Egis zie ik niet het programma staan die jij aangeeft, wel 2 andere. Die 2 heten beide 'EgisTec in-Product Service' van 'Egis Technology Inc'. Daarnaast zie ik ook nog 3 dingen van 'Cyberlink Corp.' staan, namelijk 'MUI StartMenu Application', 'Clear.fi movie' en 'MyWinLocker Suite'. Ik heb de 2 programma's die jij aangaf uitgezet en de pc opnieuw gestart. Die 3 programma's van 'Cyberlink Corp' heb ik nog niet afgesloten. Wacht eerst jou reactie af of dit wel nodig is.. Voor de duidelijkheid, alle andere programma's die je aangaf kan ik niet vinden.

Tellie 24 mei 2012, 17:13

Ik heb trouwens ComboFix, HiJackThis en dds (+ dat attach bestandje) nog op het bureaublad staan.., kan ik deze alweer verwijderen?

Abraham54 24 mei 2012, 18:01

Alles wat je vermeld hebt in je voorlaatste bericht mag je allemaal uitschakelen.
Opruimen doen we is we klaar zijn.

Tellie 24 mei 2012, 18:15

Heb alles uitgeschakeld.. Hapert helaas nu nog steeds tijdens het typen. Lijkt ook nog totaal geen verbetering in te zitten.

Tellie 24 mei 2012, 18:24

Het haperen is direct na het opstarten wel een stuk heftiger dan wanneer de laptop een paar minuten aan staat. Hoewel het haperen dan een stuk minder is, blijft het bestaan. Na het opstarten hapert hij bijv. bij het typen van een tekstje hierin om de 3-4 woorden. Tijdens het intypen van deze tekst heeft hij maar 1 keer gehaperd. Echt vreemd..

Tellie 24 mei 2012, 22:27

Processen staan nu trouwens op 77, de rest is gelijk gebleven.

Tellie 25 mei 2012, 17:42

Het gaat echt heel goed vandaag. Net terug van werk en de laptop aangezet, en hij heeft maar een paar keer heel even gehaperd. Daarnaast is die ook echt verschrikkelijk snel. Ik denk dat we moeten kijken of het mogelijk is om de processen te verlagen. Hij staat op dit moment op 75. Ik hoop dat dit nog een stuk te verminderen is op de 1 of ander manier...

Abraham54 25 mei 2012, 17:45

Hoi start nogmaals msconfig.
Klik vervolgens op de tab Services
Zet nu eerst onderaan links in het venster een vinkje bij Alle Microsoft Services verbergen.
Over blijven dan de services van andere software, o.a. Acer.
Haal daar de vinkjes bij weg.
Klik dan op Toepassen en dan op OK.
Kies vervolgens voor het opnieuw opstarten.
Ik ben benieuwd.

Tellie 26 mei 2012, 02:26

Ik heb de volgende programma's uitgeschakeld:
- EgisTec Ticket Service
- Acer ePower Service
- FLEXnet License Service
- McAfee SiteAdvisor Service
- Internet Pass-Through Service
- Steam Client Service
Van de Volgende programma's wil ik eerst bevestiging of ik ze wel kan uitschakelen, omdat ik het gevoel heb dat deze wél ingeschakeld moeten zijn:
- Intel(R) Content Protection HECI Service
- Intel(R) Rapid Storage Technoligy
- Intel(R) Management and Security Application Local Management Service
- NVIDIA Driver Helper Service
- NVIDIA Update Service Daemon
- Intel(R) Turbo Boost Technology Monitor 2.0
- Intel(R) Management and Security Application User Notification Service

Abraham54 26 mei 2012, 11:00

Van mij mag je beide nVidia services uitzetten.
Ook mag uit:
- Intel(R) Content Protection HECI Service
- Intel(R) Management and Security Application User Notification Service
- Intel(R) Management and Security Application Local Management Service
Als je de Turboboost display kan missen:
- Intel(R) Turbo Boost Technology Monitor 2.0
Wat betreft Steam, die "Steam Client Service" kan je misschien beter weer inschakelen.

Tellie 26 mei 2012, 12:49

Oke, allemaal uitgevoerd. Het haperen is sterk verminderd. de laptop is een stuk sneller maar het is toch nog niet over. Zo had ik gisteren vrijwel helemaal geen last van haperen. En nu hapert hij toch wel een aantal keer. Hoewel deze haperingen een stuk korter zijn dan voorheen, zijn ze er nog wel.

Abraham54 26 mei 2012, 12:58

Doe het volgende: een Schijfcontrole gaan doen.
Klik daarvoor Computer open en vraag vervolgens de Eigenschappen van --> "C" op.
Klik nu op de tab Extra
Klik vervolgens op de knop Nu controleren in het gedeelte waar staat "Hiermee kunt u het station op fouten controleren".
In het nieuwe venstertje zorg je ervoor dat beide opties aangevinkt zijn.
Vervolgens krijg je de melding dat Windows voor die actie moet herstarten.
Doe dat dan ook.
Hierdoor wordt de systeemschijf niet alleen op clusterfouten gecontroleerd, maar ook op fouten in het bestandssysteem die dan gerepareerd worden.
Afhankelijk van de omvanggrootte van Windows en de grootte van de schijven, kan deze scan enige tijd in beslag nemen!

Tellie 26 mei 2012, 21:02

Heb de schijfcontrole ook uitgevoerd.

Abraham54 27 mei 2012, 09:49

Oké en hoe gaat het nu dan.
Overigens, welke browser is jouw favoriet?

Tellie 27 mei 2012, 10:49

Het haperen is nog steeds niet volledig verdwenen. Het is echt sterk verbeterd ten opzichte van een week geleden, maar nog steeds niet volledig verholpen.
Tijdens het typen van deze tekst haperde hij 3 keer. Mijn favoriete browser is Google Chrome.

Abraham54 27 mei 2012, 10:52

Heb jij in Chrome soms teveel add-ons gezet?

Tellie 27 mei 2012, 13:53

Zijn "Add Ons" ook wel extensies? Ik heb namelijk in Chrome het volgende webadres ingetikt: chrome://extensions. De enige actieve is Avast.

Tellie 27 mei 2012, 15:01

TFC uitvoeren ging prima maar toen ik O&O nog maar net 10 minuten aan had staan sloeg de laptop op tilt. Ik kreeg 1 of ander blauw scherm te zien met een hele boel tekst, het enige wat ik nog weet is iets over "een crash dump voorkomen" en dat ik de pc af moest sluiten als dit de eerste keer was dat ik dit scherm zag..

Abraham54 27 mei 2012, 15:07

Gaat niet goed dus en waarom dat bij defragmenteren moet gebeuren is mij een raadsel.
WhoCrashed introductie
WhoCrashed beschrijving
Download de free home edition van WhoCrashed naar je bureaublad via klik hier en installeer het tool via klikken/dubbelklikken op "whocrashedSetup.exe"
Nadat 'WhoCrashed' is opgestart, klik je op de "Analyze" knop.
Selekteer nu de inhoud van het venster, kopieer dit en post het resultaat in je volgende post.

Tellie 27 mei 2012, 15:44

Als ik op Analyze druk staat er: "Please scroll down the window to read the report". Hier volgt een kopie van alles wat er op het scherm staat:
--------------------------------------------------------------------------------
Welcome to WhoCrashed (HOME EDITION) v 3.04
--------------------------------------------------------------------------------
This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution.
Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice.
This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. If will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.
To obtain technical support visit www.resplendence.com/support
Click here to check if you have the latest version or if an update is available.
Just click the Analyze button for a comprehensible report ...
--------------------------------------------------------------------------------
Home Edition Notice
--------------------------------------------------------------------------------
This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which also allows analysis of crashdumps on remote drives and computers on the network and offers a range of additional features.
Click here for more information on the professional edition.
Click here to buy the the professional edition of WhoCrashed.
--------------------------------------------------------------------------------
System Information (local)
--------------------------------------------------------------------------------
computer name: JORDY-PC
windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
CPU: GenuineIntel Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz Intel586, level: 6
8 logical processors, active mask: 255
RAM: 4139499520 total
VM: 2147352576, free: 1958182912
--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------
Crash dump directory: C:\Windows\Minidump
Crash dumps are enabled on your computer.
No valid crash dumps have been found on your computer
--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------
Crash dumps are enabled but no valid crash dumps have been found. It may be that there are problems which prevent crash dumps from being written out. Check out the following article for possible causes: If crash dumps are not written out.
In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it's located on a hard surface. Otherwise it's suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.
Check out the following articles for more information: Troubleshooting sudden resets and shut downs.
Read the topic general suggestions for troubleshooting system crashes for more information.
Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

Abraham54 27 mei 2012, 16:02

Jammer, geen analyse.
Heb je intussen nog weer van die BlueScreensOfDeath (BSOD's) gehad?

Tellie 27 mei 2012, 16:09

Nee, nergens last van. Alleen die enkele keer tijdens het uitvoeren van dat programma O&O.

Abraham54 27 mei 2012, 16:29

Start O&O defrag dan maar weer op je jouw Windows te optimeren.

Tellie 27 mei 2012, 16:31

Is het niet gevaarlijk dan om kans te lopen dat het weer misgaat?

Abraham54 27 mei 2012, 16:39

Dat kan alleen proefsgewijs ondervonden worden.
Dus start O&O-Defrag.
Ik heb dit echt nog nooit meegemaakt, dat door een defragmentering te starten, dat dit resulteert in een BSOD.

Tellie 27 mei 2012, 16:51

Als ik O&O open zie ik een scherm met bovenin de optie "start". Als ik dan mijn "C-schijf" selecteer en dan op start druk is het goed? Of moet ik nog iets anders aan- of uitzetten?

Tellie 27 mei 2012, 16:53

Ik zie "smart defrag" namelijk ook nergens staan.. Sorry voor het gezeur van mij, maar ben toch een beetje huiverig.

Abraham54 27 mei 2012, 16:58

Iobit Smart Defrag.
Dat is Chinese software, mogelijk met gestolen techniek van O7O en of PerfektDisk.
Start nu O&O en start de defragmentering daarmee.

Tellie 27 mei 2012, 18:53

Ik heb alles uitgevoerd, en het is ditmaal, gelukkig, goed gegaan!

Abraham54 27 mei 2012, 18:59

Mooi zo.
Heb je ook het idee, dat alles nu sneller gaat?

Tellie 27 mei 2012, 19:56

Het gaat wel super snel nu ja.., máár de snelheid is sowieso al sterk verbeterd. Het probleem is, en blijft ondanks de sterk verbeterde snelheid gewoon het af en toe haperen. Hoewel dat ook telkens iets verbetert, want tijdens het typen van deze tekst heeft hij niet 1 keer (!!!) gehaperd.
Ik zal straks na het eten even kijken of het spelen van spellen al weer kan. Daar kan ik namelijk het beste kijken of hij nog hapert, of niet.

Abraham54 27 mei 2012, 20:10

Ga eens naar www.speed.io en post de gegevens van de test.

Tellie 27 mei 2012, 20:15

Hoop dat je het zo kan zien.. :

Tellie 27 mei 2012, 20:17

Er stond trouwens "excellent" bij, dus ik denk dat daar het probleem niet zit.

Abraham54 27 mei 2012, 20:23

Aan die snelheid kan het inderdaad niet liggen.
Het blijft een raadseltje dus.
Het oorspronkelijke probleem is overigens een stuk minder nu.
En dat haperen heb je niet als je Word en co werkt?

Tellie 27 mei 2012, 20:45

Jawel, ook in Word, of bij het typen van een tekst in Facebook. Maar ook soms bij het verplaatsten van een mapje, of als ik aan het scrollen ben.
Maar voordat ik met jou in contact ben gekomen kon ik echt niet meer werken met Word, omdat de laptop dan echt om de 3-4-5 woorden haperde.
Nu is dat haperen in Word bijna voorbij, alleen in het begin even, en dan nog een enkele keer af en toe.

Tellie 27 mei 2012, 20:54

Spellen spelen is echt nog niet te doen. Constante haperingen, ook als ik het spel op optimale stettings, of zelfs nog lager zet. En dat terwijl ik het een jaar lang zonder problemen en zonder enkele haperingen kon gamen (niet dat ik veel game, maar die enkele keer dat ik het deed ging het altijd prima).
Mijn laptop werkt volgens mij standaard via Intel HD Graphics. Als ik ga gamen werkt hij volgens mij met de Nvidia GeForce GT540M. Zou het niet kunnen dat er iets mis is met de koppeling tussen deze kaart en de geïntegreerde versie van Intel? Heb geen idee of dit überhaupt kan, maar probeer een beetje mee te denken.. :wink:

Abraham54 27 mei 2012, 20:56

Dan heb ik het vermoeden dat er hardware interrupts constant bezig zijn!
Is het een PC of een notebook?
Merk en type-aanduiding?
Ik lees net dit op http://www.laptopshop.nl/product/133355/acer-aspire-5750g-2414g64mn.html bij de reviews:
Verder heb ik "QuietHDD" ook geinstalleerd. Hiermee kun je het Advanced Power Management van de hardeschijf aanpassen. Zodat deze zich niet meer uitschakelt, als er een paar seconde niks van hem gevraagd wordt. Dit vermindert slijtage en stopt het *klik* geluid dat je van je hardeschijf hoort komen. Plaats een snelkoppeling naar dit programma in je opstart folder, zodat windows hem iedere keer start zodra jij je laptop aan zet. Programmatje van 60kb dat een achtergrond process draait van 1.15mb, niet te merken dus.

Tellie 27 mei 2012, 20:59

Notebook een Acer Aspire 5750G met een Intel Core i7-2630QM (2.0GHz, 6MB L3 cache) processor. Met een NVIDIA GeForce GT540M. Met 4 GB DDR3 Memory en 640 GB HDD.

Tellie 27 mei 2012, 21:03

En hoe installeer ik dat "QuietHDD", en wat moet ik precies doen?

Abraham54 27 mei 2012, 21:42

Laten we nu eerst overigens kijken hoe bij jouw Energiebeheer is ingericht.
Dat vindt je in het Configuratiescherm.
Mijn notebook is zo ingesteld dat de harddisk zowel op accu alsook via de netadapter nooit uitgeschakeld wordt.
Ik gebruik ook geen slaapstand!
Mijn notebook staat of aan of is uit.

Tellie 28 mei 2012, 11:22

Ik heb bij energiebeheer de optie "gebalanceerd" aan staan.

Tellie 28 mei 2012, 11:23

Het is ook mogelijk om "energiebesparing" of "hoge prestaties" te selecteren.

Abraham54 28 mei 2012, 12:09

Inderdaad heb je meerdere mogelijkheden.
gebalanceerd wil enkel dit zeggen: dan wordt de processor in snelheid verlaagd of verhoogd, al naar gelang de te leveren prestaties.
Dat houdt dan weer verband met de benodigde energie.
Waar het nu om gaat, is de instelling voor de HD!

Tellie 28 mei 2012, 12:13

Oke, waar vind ik die en wat moet ik daarmee doen?

Abraham54 28 mei 2012, 13:45

Als je een van de energieinstellingen open hebt geklikt, dan zie je een link "Geavanceerde enenrgie-instellingen wijzigen".
Daarin vindt je veel mogelijkheden!

Tellie 28 mei 2012, 13:58

Dat klopt, dan zit ik toch goed. Maar daar zit geen "optie" HD bij.

Tellie 28 mei 2012, 14:02

Of is dat de optie "harde schijf"?

Abraham54 28 mei 2012, 14:29

Yes!

Tellie 28 mei 2012, 15:24

Die staat ingesteld als volgt:
Harde schijf uitzetten na
Op accu: na 2 minuten
Op netstroom: na 15 minuten

Abraham54 28 mei 2012, 15:29

Maak daar eens nooit van en klik daarna meteen op de knop Toepassen.
En dan ben ik benieuwd of dat geholpen heeft.

Tellie 28 mei 2012, 15:36

Heb beide op "nooit" gezet.

Tellie 28 mei 2012, 15:41

Maar gamen blijft onmogelijk. Constante haperingen vrij snel achter elkaar. In Word, of op internet gaat het een stuk beter. Haperingen blijven aanwezig, maar is wel verminderd ten opzichte van een aantal weken geleden.

Abraham54 28 mei 2012, 16:00

Dan denk ik toch aan een storingsfaktor in de hardware.
Laat je notebook van de week eens in een echte PC-Winkel nakijken.
Heb je overigens nog garantie?

Tellie 28 mei 2012, 16:05

Ja, ik heb nog ruim een half jaar fabrieksgarantie van Acer. Daarnaast heb ik ook nog garantie via bol.com.
Ik heb al eens contact gehad over de garantie, maar omdat waarschijnlijk alles van de laptop verwijderd wordt wou ik het eerst zo nog eens proberen.
Maar helaas is dat niet gelukt. Ik wil je wel ontzettend bedanken voor alle hulp die je hebt gegeven!!

Abraham54 28 mei 2012, 16:07

Ik heb je graag geholpen hoor.
Beschik je over een externe opslag overigens?

Tellie 28 mei 2012, 20:48

Ik heb wel een externe harde schijf, dus moet alle belangrijke bestanden maar zolang daar naartoe verplaatsen. Wel kut, want zal die laptop wel een aantal weken kwijt zijn dan..

Antwoord niet gevonden? Stel hier je vraag: