HElLUP.....please...

12 answers
  • http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1495877#1495877 See the above post in another topic. Who, oh who, knows what could be going on???
  • Let's get started:
    Which program: OTL.exe
    What for/why: multifunctional tool - analysis and fix
    Difficulty: none.
    Download: OTL.exe (http://oldtimer.geekstogo.com/OTL.exe) and place the file on the desktop.
    Before OTL.exe starts scanning, first close all other open windows!
    Using OTL.exe:
      • Now first close all program windows that are still open!
          • Windows 2000 and Windows XP: double-click OTL.exe.
          • Windows Vista, Windows 7 and Windows 8: right-click OTL.exe and choose "Run as administrator".
      • Tick Scan All Users, LOP Check and PURITY Check.
      • Copy and paste the text below (bold, blue text) into the box under (image: http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png)
          services.*
          explorer.exe
          winlogon.exe
          Userinit.exe
          svchost.exe
          netsvcs
          BASESERVICES
          DRIVES
          msconfig
          %SYSTEMDRIVE%\*.exe
          %SYSTEMDRIVE%\*.*
          %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
          %systemroot%\*. /mp /s
          %systemroot%\system32\*.sys /90
          %systemroot%\system32\*.dll /lockedfiles
          %systemroot%\Tasks\*.job /lockedfiles
          %systemroot%\system32\drivers\*.sys /lockedfiles
          %systemroot%\system32\*.exe /lockedfiles
          %systemroot%\System32\config\*.sav
          %PROGRAMFILES%\*
          %USERPROFILE%\..|smtmp;true;true;true /FP
          HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
          hklm\software\clients\startmenuinternet|command /rs
          hklm\software\clients\startmenuinternet|command /64 /rs
          CREATERESTOREPOINT
      • Then click the button (image: http://www.imgdumper.nl/uploads6/50cd93c69c626/50cd93c69be5b-OTL_-_Run_Scan_knop.jpg).
      • Do not change any other settings in OTL unless I specifically give instructions to do so.
      • The scan will not take very long.
          • Two Notepad windows will open when the scan is finished: OTL.Txt and Extras.txt.
          • Then copy the contents of both OTL.txt and Extras.txt and paste them into your next post.
      • Note: if the log does not fit in one post, spread it over two or more posts.
  • OTL.txt ...
  • extras.txt I got this one once, but did not run it as administrator. After that I did, but no longer got this Notepad window. New attempt tomorrow.
  • On a new run, extras.txt is no longer created. A pity, but the posted log is also incomplete. So: indeed, please do it again, and properly this time.
  • OTL logfile created on: 30-1-2013 0:26:31 - Run 3 OTL by OldTimer - Version 3.2.69.0
de Jonge\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [color=#E56717:53d40fed24]========== Chrome ==========[/color:53d40fed24] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://feed.helperbar.com/?publisher=OC&dpid=OC&co=NL&userid=9ac28d0d-9ca0-46cb-8bd0-965f62113feb&affid=111585&searchtype=hp&babsrc=lnkry CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: registryAccess (Enabled) = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo\7.14.1.0_0\background/registryAccess.dll CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Dhr. P. 
de Jonge\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - Extension: Angry Birds = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\ CHR - Extension: YouTube = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Zoeken = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Command & Conquer Tiberium Alliances = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe\1.0.6_0\ CHR - Extension: AVG Safe Search = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\ CHR - Extension: Super Mario Bros = C:\Users\Dhr. P. 
de Jonge\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbpefcldcpbgefiiloiigfnmmbcfkoa\4.1_0\ CHR - Extension: Gmail = C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b:53d40fed24]64bit:[/b:53d40fed24] - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (InnoGames International Toolbar) - {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - C:\Program Files (x86)\InnoGames_International\prxtbInno.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) O3:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) O3 - HKLM\..\Toolbar: (InnoGames International Toolbar) - {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - C:\Program Files (x86)\InnoGames_International\prxtbInno.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-932826579-3131961496-3641489139-1002\..\Toolbar\WebBrowser: (no name) - {37E17185-B07A-47B3-BD86-C675E4E4B89A} - No CLSID value found. O3 - HKU\S-1-5-21-932826579-3131961496-3641489139-1002\..\Toolbar\WebBrowser: (InnoGames International Toolbar) - {942CD1D4-9CC1-4D31-876A-EA8F489F7A59} - C:\Program Files (x86)\InnoGames_International\prxtbInno.dll (Conduit Ltd.) O4:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe () O4:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft) O4:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) 
O4:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.) O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows (R) Win 7 DDK provider) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe () O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-932826579-3131961496-3641489139-1002..\Run: [TomTomHOME.exe] D:\TomTom Home 2\TomTomHOMERunner.exe (TomTom) O4 - HKU\S-1-5-21-932826579-3131961496-3641489139-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-932826579-3131961496-3641489139-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows\Overig\Startup\Dropbox.lnk = C:\Users\Dhr. P. de Jonge\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-932826579-3131961496-3641489139-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. 
File not found O13[b:53d40fed24]64bit:[/b:53d40fed24] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab (GMNRev Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.7.2) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.7.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EC540E6-4205-4692-B45A-B26AD18AEC30}: DhcpNameServer = 192.168.2.254 O18:[b:53d40fed24]64bit:[/b:53d40fed24] - Protocol\Handler\linkscanner - No CLSID value found O18:[b:53d40fed24]64bit:[/b:53d40fed24] - Protocol\Handler\livecall - No CLSID value found O18:[b:53d40fed24]64bit:[/b:53d40fed24] - Protocol\Handler\ms-help - No CLSID value found O18:[b:53d40fed24]64bit:[/b:53d40fed24] - Protocol\Handler\msnim - No CLSID value found O18:[b:53d40fed24]64bit:[/b:53d40fed24] - Protocol\Handler\skype4com - No CLSID value found O18:[b:53d40fed24]64bit:[/b:53d40fed24] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b:53d40fed24]64bit:[/b:53d40fed24] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\linkscanner - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:[b:53d40fed24]64bit:[/b:53d40fed24] - Protocol\Filter\text/x-mrml - No CLSID value found O18 - Protocol\Filter\text/x-mrml 
{C51721BE-858B-4A66-A8BF-D2882FF49820} - C:\Program Files (x86)\Common Files\A&W\MidRadio.ocx (YAMAHA CORPORATION) O20:[b:53d40fed24]64bit:[/b:53d40fed24] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b:53d40fed24]64bit:[/b:53d40fed24] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b:53d40fed24]64bit:[/b:53d40fed24] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2001-10-16 10:13:46 | 000,122,880 | R--- | M] () - E:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [2001-10-12 19:25:32 | 000,000,150 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{5f5e07e8-5f27-11e0-bd29-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5f5e07e8-5f27-11e0-bd29-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2001-10-16 10:13:46 | 000,122,880 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM\..comfile [open] -- "%1" %* O35:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b:53d40fed24]64bit:[/b:53d40fed24] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b:53d40fed24]64bit:[/b:53d40fed24] UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.) MsConfig:64bit - StartUpReg: [b:53d40fed24]ASUS Screen Saver Protector[/b:53d40fed24] - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS) MsConfig:64bit - StartUpReg: [b:53d40fed24]CLMLServer[/b:53d40fed24] - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) MsConfig:64bit - StartUpReg: [b:53d40fed24]RtHDVCpl[/b:53d40fed24] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) MsConfig:64bit - State: "startup" - Reg Error: Key error. 
CREATERESTOREPOINT Restore point Set: OTL Restore Point [color=#E56717:53d40fed24]========== Files/Folders - Created Within 30 Days ==========[/color:53d40fed24] [2013-01-29 19:20:07 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{6005CF63-58AC-488A-9800-537AC564F78C} [2013-01-28 23:08:00 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{F3BC9DE3-DC4A-46E4-B8AC-90489FFE057B} [2013-01-28 11:07:36 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{E87B3337-2AD0-4F5C-95AB-C8D5DA3EEBC2} [2013-01-27 12:51:52 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{8026F543-4683-42E5-9FFE-BB509FE5BDC6} [2013-01-26 10:23:35 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{1901E41C-0578-4202-9440-0F7DEEB27918} [2013-01-25 11:10:14 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{5DCA3F8B-C829-430F-A815-021F45738362} [2013-01-24 09:37:14 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{49EE86D5-87DC-4B9A-AA3F-A6C5001CCDD0} [2013-01-23 11:21:08 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{6A1E268D-907C-411A-A279-C8F1621FED7D} [2013-01-22 23:20:42 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{38C13DDF-CB8E-4515-B5E6-B2B84658CD0E} [2013-01-22 17:46:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG January 2013 Campaign [2013-01-22 08:48:30 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{8978673E-6394-4054-93F7-A22C6AC47094} [2013-01-21 19:48:38 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{842AF3DB-CEA3-4717-AFD1-92BBA3C57AEA} [2013-01-20 21:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva [2013-01-20 21:20:20 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva [2013-01-20 20:42:28 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. 
de Jonge\AppData\Local\{2C38F12E-4C6E-4727-AE8C-A1CC40E1DAA0} [2013-01-20 11:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2013-01-20 10:59:58 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013-01-20 09:46:01 | 000,000,000 | ---D | C] -- C:\MFT 208638 [2013-01-20 09:45:51 | 000,000,000 | ---D | C] -- C:\MFT 310966 [2013-01-20 08:42:02 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{853FB4E5-4C37-470A-8F09-FF40F0B83035} [2013-01-19 08:59:18 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{13C3928B-5FD9-4F4A-805F-4ABF91913815} [2013-01-18 09:02:16 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{9DB0D053-24E0-4A9E-AE7D-FEF63ADA2121} [2013-01-17 10:42:09 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{553B3229-CFEF-4D4E-97C9-0B52CE5DC160} [2013-01-16 22:41:44 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{98B6D461-D4A4-450C-988B-75BAB7A2E406} [2013-01-16 09:28:05 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{7E6FE32D-1AF0-4620-BA27-DE44D6BA04D6} [2013-01-15 10:33:34 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{0B3A26DE-43B3-4D11-A831-AF7CC2488581} [2013-01-14 14:25:53 | 000,000,000 | ---D | C] -- C:\Sierra [2013-01-14 14:13:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\directx [2013-01-14 10:09:29 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{29E4B184-74B0-45B2-9451-E6C1C4E81631} [2013-01-13 13:40:29 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{476248EE-ACBC-48D5-8494-D7C65D470B62} [2013-01-12 09:18:35 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{3AA92624-0DF5-4636-91DD-BB8449A4C86A} [2013-01-11 17:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013-01-11 17:41:02 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. 
de Jonge\AppData\Local\{EE9E7090-FB99-4067-95BA-336A0EC21EED} [2013-01-10 07:51:54 | 000,000,000 | ---D | C] -- C:\Users\Dhr. P. de Jonge\AppData\Local\{C30DC7A5-D04F-4B5B-93AF-C2740F186E96} [2013-01-09 08:33:39 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013-01-09 08:33:38 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013-01-09 08:33:22 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013-01-09 08:33:18 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013-01-09 08:33:13 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013-01-09 08:33:13 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013-01-09 08:33:13 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013-01-09 08:33:13 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013-01-09 08:33:13 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013-01-09 08:33:13 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013-01-09 08:33:13 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013-01-09 08:33:13 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013-01-09 08:33:13 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013-01-09 08:33:13 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013-01-09 08:33:13 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013-01-09 08:33:13 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013-01-09 08:33:13 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013-01-09 08:33:13 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013-01-09 08:33:13 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs 
[2013-01-09 08:33:13 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013-01-09 08:33:13 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013-01-09 08:33:13 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013-01-09 08:33:13 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013-01-09 08:33:13 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013-01-09 08:33:13 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013-01-09 08:33:12 | 002,745,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013-01-09 08:33:12 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013-01-09 08:33:12 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013-01-09 08:33:11 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013-01-09 08:33:11 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013-01-09 08:33:11 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013-01-09 08:33:11 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013-01-09 08:33:11 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013-01-09 08:33:11 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013-01-09 08:33:11 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013-01-09 08:33:11 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013-01-09 08:32:54 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013-01-09 08:32:48 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013-01-09 08:32:45 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013-01-09 08:32:45 | 000,338,432 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\conhost.exe [2013-01-09 08:32:45 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013-01-09 08:32:45 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013-01-09 08:32:45 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013-01-09 08:32:44 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013-01-09 08:32:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013-01-09 08:32:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013-01-09 08:32:43 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013-01-09 08:32:43 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013-01-09 08:32:43 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013-01-09 08:32:43 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013-01-09 08:32:43 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013-01-09 08:32:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 08:32:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 08:32:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 08:32:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 08:32:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 08:32:43 | 000,004,096 | -H-- | 
C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 08:32:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 08:32:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 08:32:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 08:32:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 08:32:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 08:32:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 08:32:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 08:32:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 08:32:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 08:32:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 08:32:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 08:32:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 08:32:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 08:32:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 08:32:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) 
  • The log is incomplete again. I suspect you are selecting and copying only what is visible in the Notepad document. Your browsers are full of junk!

    Step 1
    Which program: AdwCleaner
    What for/why: Scanner to clean up Windows and rid it of rogue toolbars.
    Difficulty: None.
    Download location: Be sure to download this program to the desktop, or else move it there!
    Download: AdwCleaner by Xplode (http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner).
    Notes:
    - All open programs and web pages must be closed.
    - It is normal for the shortcuts to disappear from the desktop after AdwCleaner starts.
    Starting AdwCleaner:
    - Windows 2000 and Windows XP: double-click adwcleaner.exe.
    - Windows Vista, Windows 7 and Windows 8: right-click adwcleaner.exe and choose "Run as administrator".
    Once AdwCleaner has started:
    - Click the Delete button.
    - In the "AdwCleaner - Closing programs" dialog, click OK.
    - In the "AdwCleaner - Restart required" dialog, click OK.
    AdwCleaner log file:
    - After the PC has restarted, a log file opens.
    - Post the contents of this log in your next message.

    Step 2
    Which program: HitmanPro 3.7
    What for/why: Specialised on-demand scanner to examine Windows in depth and clean it up.
    Difficulty: None, but read everything carefully first.
    Download location: Be sure to download this program to the desktop!
    Download HitmanPro 3.7 as the 32-bit or the 64-bit version:
    - HitmanPro 3.7 32-bit version: http://dl.surfright.nl/HitmanPro.exe
    - HitmanPro 3.7 64-bit version: http://dl.surfright.nl/HitmanPro_x64.exe
    Starting HitmanPro 3.7:
    - First close all program windows that are still open!
    - Windows 2000 and Windows XP: double-click HitmanPro 3.7.
    - Windows Vista and Windows 7: right-click HitmanPro 3.7 and choose "Run as administrator".
    Once HitmanPro 3.7 has started:
    - Tick the option "I accept the terms of the license agreement" and click "Next".
    - Select the option "No, I only want to check this computer once" and click "Next".
    - The scan will now start; do nothing else on the computer until the scan has finished.
    - When the scan has finished, click "Activate free license"; the message "The product has been successfully activated" now appears.
    - Now click "Ok" and then "Next".
    - At the bottom of the screen, click "Save log" and save it, for example, to the desktop.
      Screenshot: http://www.imgdumper.nl/uploads5/500bf1a109315/500bf1a10837f-hmp.png
    Posting the HitmanPro 3.7 scan log:
    - Then post the contents of the scan log in your next message.
  • I did indeed just cut and paste.

    # AdwCleaner v2.109 - Verslag gemaakt op 03/02/2013 om 09:37:49
    # Geactualiseerd op 26/01/2013 door Xplode
    # Besturingssysteem : Windows 7 Home Premium (64 bits)
    # Gebruiker : Dhr. P. de Jonge - LAPTOP-****
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Users\Dhr. P. de Jonge\Downloads\adwcleaner.exe
    # Optie [Verwijderen]

    ***** [Diensten] *****

    ***** [Files / Mappen] *****

    Map Verwijdert : C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

    ***** [Register] *****

    ***** [Browsers] *****

    -\\ Internet Explorer v9.0.8112.16457

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Google Chrome v [Onmogelijk de versie te verkrijgen]

    File : C:\Users\Dhr. P. de Jonge\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Verwijdert [l.801] : homepage = "hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=NL&userid=9ac28d0d-9ca0-46cb-8bd0[...]
    Verwijdert [l.1224] : urls_to_restore_on_startup = [ "hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=NL&userid=[...]

    *************************

    AdwCleaner[R1].txt - [1373 octets] - [03/02/2013 09:37:34]
    AdwCleaner[S2].txt - [1191 octets] - [03/02/2013 09:37:49]

    ########## EOF - C:\AdwCleaner[S2].txt - [1251 octets] ##########
  • [code]
    HitmanPro 3.7.1.186
    www.hitmanpro.com

    Computer name . . . . : LAPTOP-****
    Windows . . . . . . . : 6.1.0.7600.X64/4
    User name . . . . . . : Laptop-****\Dhr. P. de Jonge
    UAC . . . . . . . . . : Enabled
    License . . . . . . . : Trial (16 days left)

    Scan date . . . . . . : 2013-02-03 10:04:46
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 5m 2s
    Disk access mode . . : Direct disk access (SRB)
    Cloud . . . . . . . . : Internet
    Reboot . . . . . . . : No

    Threats . . . . . . . : 0
    Traces . . . . . . . : 13

    Objects scanned . . . : 3.009.941
    Files scanned . . . . : 51.851
    Remnants scanned . . : 762.299 files / 2.195.791 keys

    Cookies _____________________________________________________________________

    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\118HY4PN.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\6W2GPU03.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\ENGE8BWH.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\GBH6ZRSV.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\GQUZVF2W.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\GSZX4E44.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\HACF0SYY.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\HE71P81K.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\IAAGFDYE.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\JH93Y649.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\RQXMW0HH.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\WXUGQF3W.txt
    C:\Users\Dhr. P. de Jonge\AppData\Roaming\Microsoft\Windows\Cookies\X9UR6J3Q.txt
    [/code]
  • How are things going in the meantime?
  • See above. But I am still missing images and cannot find them anywhere.
  • Try this: download Unhide.exe (http://download.bleepingcomputer.com/grinler/unhide.exe) to the desktop; if you get a warning that the file may be unsafe, you can ignore it.
    - Double-click "Unhide.exe" to start the tool.
    - Note! Windows Vista and 7 users must run "Unhide.exe" as administrator (right-click, "Run as administrator").
    - Wait patiently until the tool has finished and do nothing else on the computer in the meantime.
    - When the tool has finished you will see the screen below, with the message "Your files should now be visible".
      Screenshot: http://www.imgdumper.nl/uploads4/4d9d78e7013bd/4d9d78e700801-unhide..jpg
    - State in your next post whether you received this message.


This is an archived page. Replies are no longer possible.