Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Trage Pc en soms desktop leeg of zwart scherm

Abraham54
18 antwoorden
  • Beste Abraham54 & lezers,

    Een tijd zonder pc, nu een nieuwe klapkoffer, helaas is er iets niet goed.
    Was aan t zoeken naar een HJT enzo, maar er staan nieuwe kreten van progjes, welke kan ik t beste posten en vanaf welke site?

    Mijn laptop is een Lenovo z580, met Windows 7, Avast Free, MBAM, paar maanden oud.
    Zou erg snel moeten zijn, maar dat is niet, veel internetverbindingsproblemen, ook opstarten is problematisch de laatste dagen.

    Zwart scherm bij t opstarten soms, dan na opstarten wil het heel moeilijk om verbinding met internet te maken, updaten van Mbam wil dan niet en is telkens beschadigd. Een paar keer waren mijn desktop-iconen weg en was het bureaublad compleet leeg…

    Backup heb ik gemaakt, welke log kan ik het beste plaatsen? Na eerder veel problemen met mijn eerdere laptop ben ik bang dat ik een virus heb opgelopen.

    Bvd!!! Groetjes Holly

    oja, ik gebruik Firefox, maar geen IE, die zit er wel op.
  • Heb je er al aan gedacht een recovery-installatie te doen?

    [b:6b0d42e32d]Welk programma[/b:6b0d42e32d]: [b:6b0d42e32d]OTL.exe[/b:6b0d42e32d][/color:6b0d42e32d]
    [b:6b0d42e32d]Waarvoor/waarom[/b:6b0d42e32d]: multifunktioneel tool - analyse en fix
    [b:6b0d42e32d]Moeilijkheidsgraad[/b:6b0d42e32d]: geen.
    [b:6b0d42e32d]Download[/b:6b0d42e32d]: [b:6b0d42e32d]OTL.exe[/color:6b0d42e32d][/b:6b0d42e32d] en plaats het bestand op het bureaublad.
    [b:6b0d42e32d]Sluit voordat OTL.exe[/color:6b0d42e32d] gaat scannen, eerst alle andere openstaande vensters![/b:6b0d42e32d]

    [b:6b0d42e32d]OTL.exe[/color:6b0d42e32d] gebruiken[/b:6b0d42e32d]:
    [list:6b0d42e32d][*:6b0d42e32d] [b:6b0d42e32d]Sluit nu eerst alle nog openstaande programmavensters![/color:6b0d42e32d][/b:6b0d42e32d]
    [list:6b0d42e32d][*:6b0d42e32d][b:6b0d42e32d]Windows 2000[/color:6b0d42e32d][/b:6b0d42e32d] en [b:6b0d42e32d]Windows XP[/b:6b0d42e32d][/color:6b0d42e32d]: dubbelklik op [b:6b0d42e32d]OTL.exe[/b:6b0d42e32d][/color:6b0d42e32d].
    [*:6b0d42e32d][b:6b0d42e32d]Windows Vista[/b:6b0d42e32d][/color:6b0d42e32d], [b:6b0d42e32d]Windows 7[/b:6b0d42e32d][/color:6b0d42e32d] en [b:6b0d42e32d]Windows 8[/b:6b0d42e32d][/color:6b0d42e32d]: via rechtsklik op [b:6b0d42e32d]OTL.exe[/b:6b0d42e32d][/color:6b0d42e32d] en kies voor "Als Administrator uitvoeren".[/list:u:6b0d42e32d][/list:u:6b0d42e32d]

    [list:6b0d42e32d][*:6b0d42e32d]Zet een vinkje bij [b:6b0d42e32d]Scan All Users[/b:6b0d42e32d][/color:6b0d42e32d], [b:6b0d42e32d]LOP Check[/b:6b0d42e32d][/color:6b0d42e32d] en bij [b:6b0d42e32d]PURITY Check[/b:6b0d42e32d][/color:6b0d42e32d].

    [*:6b0d42e32d]Kopieer en plak ondervermelde (vetgedrukte, blauwe tekst) in het kader onder [img:6b0d42e32d]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:6b0d42e32d]

    [b:6b0d42e32d]
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    netsvcs
    BASESERVICES
    DRIVES
    msconfig
    %SYSTEMDRIVE%\*.exe
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.sys /90
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\*
    %USERPROFILE%\..|smtmp;true;true;true /FP
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    hklm\software\clients\startmenuinternet|command
    s
    hklm\software\clients\startmenuinternet|command /64
    s
    CREATERESTOREPOINT[/color:6b0d42e32d][/b:6b0d42e32d]

    [*:6b0d42e32d]Klik vervolgens op de knop [img:6b0d42e32d]http://www.imgdumper.nl/uploads6/50cd93c69c626/50cd93c69be5b-OTL_-_Run_Scan_knop.jpg[/img:6b0d42e32d].
    [*:6b0d42e32d]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef.
    [*:6b0d42e32d]De scan zal niet heel erg lang duren.
    [list:6b0d42e32d][*:6b0d42e32d]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:6b0d42e32d]OTL.Txt[/b:6b0d42e32d] en [b:6b0d42e32d]Extras.txt[/b:6b0d42e32d].
    [*:6b0d42e32d]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:6b0d42e32d]
    [*:6b0d42e32d][b:6b0d42e32d]Notabene:[/b:6b0d42e32d][/color:6b0d42e32d] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:6b0d42e32d]
  • Hallo Abraham54,

    dank voor je reactie!
    Nee, niet aan gedacht, heb wel een systeemherstel naar een eerder punt gedaan. Afgelopen 4 dgn deed de pc echt moeilijk, vandaag doet ie t redelijk, maar misschien is dat omdat er iets opzit, dacht laat ik het controleren door een expert als u, dat leek me beter. Als er echt iets ergs in zit weet ik ook niet of recovery meteen zou helpen.

    Hier de logs, 1st OTL.txt:

    OTL logfile created on: 4-2-2013 18:37:14 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Trix\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    7,87 Gb Total Physical Memory | 6,01 Gb Available Physical Memory | 76,38% Memory free
    15,73 Gb Paging File | 13,65 Gb Available in Paging File | 86,75% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 653,44 Gb Total Space | 565,31 Gb Free Space | 86,51% Space Free | Partition Type: NTFS
    Drive D: | 25,47 Gb Total Space | 20,96 Gb Free Space | 82,31% Space Free | Partition Type: NTFS

    Computer Name: TRIX-PC | User Name: Trix | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========[/color:1d042247b8]

    PRC - [2013-02-04 18:27:23 | 000,602,112 | —- | M] (OldTimer Tools) – C:\Users\Trix\Downloads\OTL.exe
    PRC - [2012-12-18 20:08:28 | 000,065,192 | —- | M] (Adobe Systems Incorporated) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012-10-30 23:50:59 | 004,297,136 | —- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2012-10-30 23:50:59 | 000,044,808 | —- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2012-05-27 13:55:05 | 000,329,056 | —- | M] (Lenovo) – C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
    PRC - [2012-05-27 13:52:44 | 000,099,680 | —- | M] () – C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
    PRC - [2012-02-09 06:40:12 | 001,876,992 | —- | M] (LENOVO) – C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe
    PRC - [2012-02-08 03:03:36 | 000,363,800 | —- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2012-02-08 03:03:34 | 000,277,784 | —- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2012-02-08 03:03:28 | 000,128,280 | —- | M] () – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    PRC - [2012-02-08 03:03:16 | 000,161,560 | —- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    PRC - [2012-01-27 10:40:46 | 000,291,608 | —- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    PRC - [2011-12-13 19:23:04 | 000,158,880 | —- | M] (Atheros) – C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    PRC - [2011-12-08 19:12:40 | 000,291,272 | —- | M] () – C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
    PRC - [2011-11-24 09:06:58 | 000,548,864 | —- | M] (Vimicro) – C:\Program Files (x86)\USB Camera\VM331_STI.EXE
    PRC - [2011-01-29 07:29:36 | 000,136,488 | —- | M] (CyberLink) – C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe


    ========== Modules (No Company Name) ==========[/color:1d042247b8]

    MOD - [2013-01-10 16:43:42 | 001,801,728 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
    MOD - [2013-01-10 01:45:51 | 018,002,944 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll
    MOD - [2013-01-10 01:45:41 | 011,451,904 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll
    MOD - [2013-01-10 01:45:38 | 013,199,360 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e43f80b6a3a40323520dd89cb77500a8\System.Windows.Forms.ni.dll
    MOD - [2013-01-10 01:45:35 | 007,069,696 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll
    MOD - [2013-01-10 01:45:33 | 005,617,664 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
    MOD - [2013-01-10 01:45:33 | 003,858,944 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll
    MOD - [2013-01-10 01:45:31 | 000,595,968 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
    MOD - [2013-01-10 01:45:30 | 001,667,584 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
    MOD - [2013-01-10 01:45:30 | 000,982,528 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
    MOD - [2013-01-10 01:45:29 | 009,094,656 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
    MOD - [2013-01-10 01:45:24 | 014,412,800 | —- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
    MOD - [2012-05-27 13:55:05 | 000,013,664 | —- | M] () – C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
    MOD - [2012-05-27 13:52:44 | 000,099,680 | —- | M] () – C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
    MOD - [2011-12-08 19:12:40 | 000,291,272 | —- | M] () – C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
    MOD - [2011-06-28 07:28:38 | 000,042,496 | —- | M] () – C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll
    MOD - [2011-06-02 21:58:18 | 000,132,448 | —- | M] () – C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
    MOD - [2011-06-02 21:57:44 | 000,161,120 | —- | M] () – C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll


    ========== Services (SafeList) ==========[/color:1d042247b8]

    SRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:50:59 | 000,044,808 | —- | M] (AVAST Software) [Auto | Running] – C:\Program Files\AVAST Software\Avast\AvastSvc.exe – (avast! Antivirus)
    SRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-02-03 06:29:52 | 000,628,448 | —- | M] (Intel(R) Corporation) [Auto | Running] – C:\Program Files\Intel\iCLS Client\HeciServer.exe – (Intel(R)
    SRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-24 02:51:22 | 000,120,160 | —- | M] (Lenovo) [Auto | Stopped] – C:\Windows\SysNative\NSDSvc.exe – (NSDSvc)
    SRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2010-09-23 02:10:10 | 000,057,184 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Program Files\Windows Live\Mesh\wlcrasvc.exe – (wlcrasvc)
    SRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 02:41:27 | 001,011,712 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
    SRV - [2013-01-20 15:40:41 | 000,115,608 | —- | M] (Mozilla Foundation) [On_Demand | Stopped] – C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe – (MozillaMaintenance)
    SRV - [2012-12-18 20:08:28 | 000,065,192 | —- | M] (Adobe Systems Incorporated) [Auto | Running] – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe – (AdobeARMservice)
    SRV - [2012-12-14 02:42:10 | 000,277,616 | —- | M] (Intel Corporation) [On_Demand | Stopped] – C:\Windows\SysWOW64\IntelCpHeciSvc.exe – (cphs)
    SRV - [2012-10-08 11:42:54 | 001,258,856 | —- | M] (NVIDIA Corporation) [Auto | Stopped] – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe – (nvUpdatusService)
    SRV - [2012-02-08 03:03:36 | 000,363,800 | —- | M] (Intel Corporation) [Auto | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe – (UNS)
    SRV - [2012-02-08 03:03:34 | 000,277,784 | —- | M] (Intel Corporation) [Auto | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe – (LMS)
    SRV - [2012-02-08 03:03:28 | 000,128,280 | —- | M] () [Auto | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe – (Intel(R)
    SRV - [2012-02-08 03:03:16 | 000,161,560 | —- | M] (Intel Corporation) [Auto | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe – (jhi_service)
    SRV - [2011-12-13 19:23:04 | 000,158,880 | —- | M] (Atheros) [Auto | Running] – C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe – (ZAtheros Bt&Wlan Coex Agent)
    SRV - [2011-12-13 19:06:38 | 000,106,144 | —- | M] (Atheros Commnucations) [Auto | Running] – C:\Program Files (x86)\Bluetooth Suite\AdminService.exe – (AtherosSvc)
    SRV - [2010-03-18 22:16:28 | 000,130,384 | —- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe – (clr_optimization_v4.0.30319_32)
    SRV - [2009-06-10 22:23:09 | 000,066,384 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe – (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========[/color:1d042247b8]

    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-12-14 02:42:22 | 005,353,888 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\igdkmd64.sys – (igfx)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:51:56 | 000,059,728 | —- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\SysNative\drivers\aswTdi.sys – (aswTdi)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:51:55 | 000,984,144 | —- | M] (AVAST Software) [File_System | System | Running] – C:\Windows\SysNative\drivers\aswSnx.sys – (aswSnx)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:51:55 | 000,370,288 | —- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\SysNative\drivers\aswSP.sys – (aswSP)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:51:55 | 000,071,600 | —- | M] (AVAST Software) [File_System | Auto | Running] – C:\Windows\SysNative\drivers\aswMonFlt.sys – (aswMonFlt)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:51:53 | 000,025,232 | —- | M] (AVAST Software) [File_System | Auto | Running] – C:\Windows\SysNative\drivers\aswFsBlk.sys – (aswFsBlk)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-15 17:59:28 | 000,054,072 | —- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\SysNative\drivers\aswRdr2.sys – (aswRdr)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-08 11:42:36 | 000,030,056 | —- | M] (NVIDIA Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers
    vpciflt.sys – (nvpciflt)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-09-19 10:02:08 | 000,102,368 | —- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\ssudbus.sys – (dg_ssudbus)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-08-23 15:10:20 | 000,019,456 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\rdpvideominiport.sys – (RdpVideoMiniport)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-08-23 15:08:26 | 000,030,208 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbGD.sys – (TsUsbGD)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-08-23 15:07:35 | 000,057,856 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbFlt.sys – (TsUsbFlt)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-07-17 18:12:08 | 000,062,784 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\HECIx64.sys – (MEIx64)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-05-27 14:00:25 | 000,057,952 | —- | M] (Lenovo) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\fbfmon.sys – (fbfmon)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-05-27 14:00:25 | 000,013,408 | —- | M] (Lenovo) [Kernel | System | Running] – C:\Windows\SysNative\drivers\BPntDrv.sys – (BPntDrv)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-05-27 13:59:35 | 000,030,816 | —- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\AcpiVpc.sys – (ACPIVPC)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-05-27 13:59:34 | 000,039,008 | —- | M] (Lenovo.) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\LhdX64.sys – (LHDmgr)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-03-01 07:46:16 | 000,023,408 | —- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] – C:\Windows\SysNative\drivers\fs_rec.sys – (Fs_Rec)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-01-27 10:39:34 | 000,787,736 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\iusb3xhc.sys – (iusb3xhc)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-01-27 10:39:34 | 000,356,120 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\iusb3hub.sys – (iusb3hub)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-01-27 10:39:34 | 000,016,152 | —- | M] (Intel Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\iusb3hcs.sys – (iusb3hcs)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-24 01:45:50 | 000,024,160 | —- | M] (Lenovo Corporation") [Kernel | Boot | Running] – C:\Windows\SysNative\drivers
    sd.sys – (NSD)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-22 05:57:42 | 000,059,488 | —- | M] (Lenovo Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\Nsdfltr.sys – (Nsdfltr)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:15:22 | 000,290,464 | —- | M] (Atheros) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\btfilter.sys – (BtFilter)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:14:36 | 000,283,296 | —- | M] (Atheros) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\btath_rcp.sys – (BTATH_RCP)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:14:20 | 000,059,040 | —- | M] (Atheros) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\btath_lwflt.sys – (BTATH_LWFLT)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:14:04 | 000,166,048 | —- | M] (Atheros) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\btath_hcrp.sys – (BTATH_HCRP)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:13:50 | 000,036,000 | —- | M] (Atheros) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\btath_flt.sys – (AthBTPort)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:13:34 | 000,029,344 | —- | M] (Atheros) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btath_bus.sys – (BTATH_BUS)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:13:18 | 000,109,216 | —- | M] (Atheros) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\btath_avdt.sys – (btath_avdt)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:13:04 | 000,259,744 | —- | M] (Atheros) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\btath_a2dp.sys – (BTATH_A2DP)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-06 12:23:10 | 000,331,264 | —- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\IntcDAud.sys – (IntcDAud)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-06 08:31:40 | 000,952,832 | —- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\vm331avs.sys – (vm331avs)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-11-30 03:40:32 | 000,568,600 | —- | M] (Intel Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\iaStor.sys – (iaStor)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-11-10 13:40:26 | 000,401,456 | —- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\SynTP.sys – (SynTP)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-10-24 08:47:28 | 000,313,960 | —- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\rtsuvstor.sys – (RSUSBVSTOR)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-10-22 02:45:14 | 002,791,424 | —- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\athrx.sys – (athr)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-10-10 08:56:15 | 000,107,904 | —- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsata.sys – (amdsata)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-10-10 08:56:15 | 000,027,008 | —- | M] (Advanced Micro Devices) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\amdxata.sys – (amdxata)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-08-23 14:57:24 | 000,565,352 | —- | M] (Realtek ) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\Rt64win7.sys – (RTL8167)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-01-29 07:29:58 | 000,031,088 | —- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\clwvd.sys – (clwvd)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2010-11-21 04:23:47 | 000,078,720 | —- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\HpSAMD.sys – (HpSAMD)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-21 22:20:06 | 000,121,840 | —- | M] (CyberLink) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\wsvd.sys – (wsvd)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 02:52:20 | 000,194,128 | —- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsbs.sys – (amdsbs)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 02:48:04 | 000,065,600 | —- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\lsi_sas2.sys – (LSI_SAS2)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 02:45:55 | 000,024,656 | —- | M] (Promise Technology) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\stexstor.sys – (stexstor)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 01:09:50 | 000,019,968 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\usb8023x.sys – (usb_rndisx)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 00:21:48 | 000,038,400 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\tpm.sys – (TPM)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-06-10 21:34:33 | 003,286,016 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\evbda.sys – (ebdrv)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-06-10 21:34:28 | 000,468,480 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\bxvbda.sys – (b06bdrv)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-06-10 21:34:23 | 000,270,848 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\b57nd60a.sys – (b57nd60a)
    DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-06-10 21:31:59 | 000,031,232 | —- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hcw85cir.sys – (hcw85cir)
    DRV - [2009-07-14 02:19:10 | 000,019,008 | —- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysWOW64\drivers\wimmount.sys – (WIMMount)


    ========== Standard Registry (SafeList) ==========[/color:1d042247b8]


    ========== Internet Explorer ==========[/color:1d042247b8]

    IE:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
    IE:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
    IE:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    IE:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig
    edirectdomain?brand=LENN&bmod=LENN
    IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com [binary data]
    IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
    edirectdomain?brand=LENN&bmod=LENN
    IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_nlNL506
    IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========[/color:1d042247b8]

    FF - prefs.js..browser.startup.homepage: "about:home"
    FF - prefs.js..extensions.enabledAddons: %7B6614d11d-d21d-b211-ae23-815234e1ebb5%7D:2.7.5
    FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
    FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.5
    FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
    FF - user.js - File not found

    FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
    FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32
    pDeployJava1.dll (Oracle Corporation)
    FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2
    pjp2.dll (Oracle Corporation)
    FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0
    pctrl.dll ( Microsoft Corporation)
    FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
    pIntelWebAPIIPT.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
    pIntelWebAPIUpdater.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64
    pDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0
    pctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123
    pGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123
    pGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR
    ppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-19 16:11:49 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-20 15:40:41 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-20 15:40:41 | 000,000,000 | —D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2012-10-16 15:06:15 | 000,000,000 | —D | M] (No name found) – C:\Users\Trix\AppData\Roaming\Mozilla\Extensions
    [2013-01-11 06:52:03 | 000,000,000 | —D | M] (No name found) – C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions
    [2013-01-08 21:01:21 | 000,000,000 | —D | M] (Flagfox) – C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
    [2013-01-11 06:52:03 | 000,000,000 | —D | M] (DownloadHelper) – C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2012-12-08 16:50:07 | 000,157,239 | —- | M] () (No name found) – C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions\jid0-irAmugmQgdURBSCIFZAcjR8ZQMg@jetpack.xpi
    [2012-11-30 11:26:17 | 000,164,308 | —- | M] () (No name found) – C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}.xpi
    [2013-02-01 15:11:56 | 000,817,973 | —- | M] () (No name found) – C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2013-01-20 15:40:38 | 000,000,000 | —D | M] (No name found) – C:\Program Files (x86)\Mozilla Firefox\extensions
    [2012-12-19 16:11:49 | 000,000,000 | —D | M] (avast! WebRep) – C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
    [2013-01-20 15:40:41 | 000,262,552 | —- | M] (Mozilla Foundation) – C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2012-10-11 02:37:16 | 000,002,465 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012-12-12 20:03:15 | 000,002,616 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
    [2012-12-12 20:03:15 | 000,004,771 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
    [2012-12-12 20:03:15 | 000,001,262 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml
  • O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | —- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:[b:46b226ee56]64bit:[/b:46b226ee56] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2:[b:46b226ee56]64bit:[/b:46b226ee56] - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:[b:46b226ee56]64bit:[/b:46b226ee56] - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121214172139.dll File not found
    O2:[b:46b226ee56]64bit:[/b:46b226ee56] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:[b:46b226ee56]64bit:[/b:46b226ee56] - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121214172140.dll File not found
    O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3:[b:46b226ee56]64bit:[/b:46b226ee56] - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
    O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [CAPOSD] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe (LENOVO)
    O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
    O4 - HKLM..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe ()
    O4 - HKLM..\Run: [MuteSync] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe (Lenovo)
    O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
    O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
    O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
    O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
    O13[b:46b226ee56]64bit:[/b:46b226ee56] - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E5D6C4E-1E06-4F2E-AEA2-040561CC7698}: DhcpNameServer = 192.168.42.129
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5800F2F5-4C18-4F38-8B9D-9BEAFA7DC8B0}: DhcpNameServer = 192.168.1.1
    O18:[b:46b226ee56]64bit:[/b:46b226ee56] - Protocol\Handler\livecall - No CLSID value found
    O18:[b:46b226ee56]64bit:[/b:46b226ee56] - Protocol\Handler\ms-help - No CLSID value found
    O18:[b:46b226ee56]64bit:[/b:46b226ee56] - Protocol\Handler\msnim - No CLSID value found
    O18:[b:46b226ee56]64bit:[/b:46b226ee56] - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:[b:46b226ee56]64bit:[/b:46b226ee56] - Protocol\Handler\wlpg - No CLSID value found
    O20:[b:46b226ee56]64bit:[/b:46b226ee56] - AppInit_DLLs: (C:\Windows\system32
    vinitx.dll) - C:\Windows\SysNative
    vinitx.dll (NVIDIA Corporation)
    O20 - AppInit_DLLs: (C:\Windows\SysWOW64
    vinit.dll) - C:\Windows\SysWOW64
    vinit.dll (NVIDIA Corporation)
    O20:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:[b:46b226ee56]64bit:[/b:46b226ee56] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:[b:46b226ee56]64bit:[/b:46b226ee56] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\..comfile [open] – "%1" %*
    O35:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\..exefile [open] – "%1" %*
    O35 - HKLM\..comfile [open] – "%1" %*
    O35 - HKLM\..exefile [open] – "%1" %*
    O37:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\…com [@ = comfile] – "%1" %*
    O37:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\…exe [@ = exefile] – "%1" %*
    O37 - HKLM\…com [@ = comfile] – "%1" %*
    O37 - HKLM\…exe [@ = exefile] – "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



    CREATERESTOREPOINT
    System Restore Service not available.

    ========== Files/Folders - Created Within 30 Days ==========[/color:46b226ee56]

    [2013-02-03 01:40:19 | 000,000,000 | -HSD | C] – C:\Config.Msi
    [2013-02-03 01:33:54 | 000,000,000 | —D | C] – C:\Users\Trix\AppData\Roaming\Ahead
    [2013-02-03 01:33:39 | 000,000,000 | —D | C] – C:\ProgramData\Ahead
    [2013-02-03 01:33:26 | 000,000,000 | —D | C] – C:\Program Files (x86)\Common Files\Ahead
    [2013-02-02 03:31:33 | 000,000,000 | —D | C] – C:\ProgramData\xml_param
    [2013-02-02 03:28:13 | 000,000,000 | —D | C] – C:\Users\Trix\Documents\Aimersoft Music Converter
    [2013-02-02 03:12:03 | 000,000,000 | —D | C] – C:\Users\Trix\AppData\Roaming\MC Burner
    [2013-01-31 17:45:34 | 000,000,000 | —D | C] – C:\Users\Trix\Documents\PICS
    [2013-01-28 02:59:46 | 000,000,000 | —D | C] – C:\Users\Trix\Documents\Foon Y
    [2013-01-28 01:06:27 | 000,000,000 | —D | C] – C:\Users\Trix\Documents\4ME bellangrrijk
    [2013-01-28 01:05:15 | 000,000,000 | —D | C] – C:\Users\Trix\Documents
    ews interessant
    [2013-01-28 01:02:39 | 000,000,000 | —D | C] – C:\Users\Trix\Documents\MP
    [2013-01-28 00:48:50 | 000,000,000 | —D | C] – C:\Users\Trix\Documents\118_PANA
    [2013-01-25 00:41:41 | 000,000,000 | —D | C] – C:\Users\Trix\AppData\Roaming\CyberLink
    [2013-01-20 15:40:38 | 000,000,000 | —D | C] – C:\Program Files (x86)\Mozilla Firefox
    [2013-01-09 17:11:44 | 000,750,592 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\win32spl.dll
    [2013-01-09 17:11:44 | 000,492,032 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\win32spl.dll
    [2013-01-09 17:11:19 | 000,800,768 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\usp10.dll
    [2013-01-09 17:11:19 | 000,307,200 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative
    crypt.dll
    [2013-01-09 17:11:12 | 000,046,592 | —- | C] (Microsoft) – C:\Windows\SysWow64\fpb.rs
    [2013-01-09 17:11:12 | 000,046,592 | —- | C] (Microsoft) – C:\Windows\SysNative\fpb.rs
    [2013-01-09 17:11:12 | 000,045,568 | —- | C] (Microsoft) – C:\Windows\SysWow64\oflc-nz.rs
    [2013-01-09 17:11:12 | 000,045,568 | —- | C] (Microsoft) – C:\Windows\SysNative\oflc-nz.rs
    [2013-01-09 17:11:12 | 000,044,544 | —- | C] (Microsoft) – C:\Windows\SysWow64\pegibbfc.rs
    [2013-01-09 17:11:12 | 000,044,544 | —- | C] (Microsoft) – C:\Windows\SysNative\pegibbfc.rs
    [2013-01-09 17:11:12 | 000,043,520 | —- | C] (Microsoft) – C:\Windows\SysWow64\csrr.rs
    [2013-01-09 17:11:12 | 000,043,520 | —- | C] (Microsoft) – C:\Windows\SysNative\csrr.rs
    [2013-01-09 17:11:12 | 000,040,960 | —- | C] (Microsoft) – C:\Windows\SysWow64\cob-au.rs
    [2013-01-09 17:11:12 | 000,040,960 | —- | C] (Microsoft) – C:\Windows\SysNative\cob-au.rs
    [2013-01-09 17:11:12 | 000,030,720 | —- | C] (Microsoft) – C:\Windows\SysWow64\usk.rs
    [2013-01-09 17:11:12 | 000,030,720 | —- | C] (Microsoft) – C:\Windows\SysNative\usk.rs
    [2013-01-09 17:11:12 | 000,021,504 | —- | C] (Microsoft) – C:\Windows\SysWow64\grb.rs
    [2013-01-09 17:11:12 | 000,015,360 | —- | C] (Microsoft) – C:\Windows\SysWow64\djctq.rs
    [2013-01-09 17:11:12 | 000,015,360 | —- | C] (Microsoft) – C:\Windows\SysNative\djctq.rs
    [2013-01-09 17:11:11 | 002,746,368 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\gameux.dll
    [2013-01-09 17:11:11 | 002,576,384 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\gameux.dll
    [2013-01-09 17:11:11 | 000,441,856 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\Wpc.dll
    [2013-01-09 17:11:11 | 000,308,736 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\Wpc.dll
    [2013-01-09 17:11:11 | 000,051,712 | —- | C] (Microsoft) – C:\Windows\SysWow64\esrb.rs
    [2013-01-09 17:11:11 | 000,051,712 | —- | C] (Microsoft) – C:\Windows\SysNative\esrb.rs
    [2013-01-09 17:11:11 | 000,021,504 | —- | C] (Microsoft) – C:\Windows\SysNative\grb.rs
    [2013-01-09 17:11:11 | 000,020,480 | —- | C] (Microsoft) – C:\Windows\SysWow64\pegi-pt.rs
    [2013-01-09 17:11:11 | 000,020,480 | —- | C] (Microsoft) – C:\Windows\SysNative\pegi-pt.rs
    [2013-01-09 17:11:11 | 000,020,480 | —- | C] (Microsoft) – C:\Windows\SysNative\pegi-fi.rs
    [2013-01-09 17:11:11 | 000,020,480 | —- | C] (Microsoft) – C:\Windows\SysWow64\pegi.rs
    [2013-01-09 17:11:11 | 000,020,480 | —- | C] (Microsoft) – C:\Windows\SysNative\pegi.rs
    [2013-01-09 17:11:10 | 000,055,296 | —- | C] (Microsoft) – C:\Windows\SysWow64\cero.rs
    [2013-01-09 17:11:10 | 000,055,296 | —- | C] (Microsoft) – C:\Windows\SysNative\cero.rs
    [2013-01-09 17:11:10 | 000,023,552 | —- | C] (Microsoft) – C:\Windows\SysWow64\oflc.rs
    [2013-01-09 17:11:10 | 000,023,552 | —- | C] (Microsoft) – C:\Windows\SysNative\oflc.rs
    [2013-01-09 17:11:10 | 000,020,480 | —- | C] (Microsoft) – C:\Windows\SysWow64\pegi-fi.rs
    [2013-01-09 17:10:46 | 001,161,216 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\kernel32.dll
    [2013-01-09 17:10:46 | 000,424,448 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\KernelBase.dll
    [2013-01-09 17:10:45 | 000,362,496 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\wow64win.dll
    [2013-01-09 17:10:45 | 000,338,432 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\conhost.exe
    [2013-01-09 17:10:45 | 000,243,200 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\wow64.dll
    [2013-01-09 17:10:45 | 000,215,040 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\winsrv.dll
    [2013-01-09 17:10:45 | 000,016,384 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative
    tvdm64.dll
    [2013-01-09 17:10:45 | 000,014,336 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64
    tvdm64.dll
    [2013-01-09 17:10:45 | 000,013,312 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\wow64cpu.dll
    [2013-01-09 17:10:45 | 000,006,144 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
    [2013-01-09 17:10:45 | 000,005,120 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    [2013-01-09 17:10:45 | 000,005,120 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
    [2013-01-09 17:10:45 | 000,005,120 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\wow32.dll
    [2013-01-09 17:10:45 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
    [2013-01-09 17:10:45 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
    [2013-01-09 17:10:45 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
    [2013-01-09 17:10:45 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    [2013-01-09 17:10:45 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    [2013-01-09 17:10:45 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,025,600 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\setup16.exe
    [2013-01-09 17:10:44 | 000,007,680 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\instnm.exe
    [2013-01-09 17:10:44 | 000,006,144 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,004,608 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,004,608 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,004,608 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,004,608 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    [2013-01-09 17:10:44 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
    [2013-01-09 17:10:43 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    [2013-01-09 17:10:43 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
    [2013-01-09 17:10:43 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    [2013-01-09 17:10:43 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
    [2013-01-09 17:10:42 | 000,002,048 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\user.exe
    [2013-01-09 17:10:24 | 000,068,608 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\taskhost.exe

    ========== Files - Modified Within 30 Days ==========[/color:46b226ee56]

    [2013-02-04 18:28:00 | 000,001,070 | —- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013-02-04 18:27:58 | 000,001,099 | —- | M] () – C:\Users\Trix\Desktop\OTL - Snelkoppeling.lnk
    [2013-02-04 18:25:23 | 000,067,584 | –S- | M] () – C:\Windows\bootstat.dat
    [2013-02-04 16:28:00 | 000,001,066 | —- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013-02-04 15:58:27 | 000,032,064 | -H– | M] () – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013-02-04 15:58:27 | 000,032,064 | -H– | M] () – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013-02-04 15:57:17 | 001,663,048 | —- | M] () – C:\Windows\SysNative\PerfStringBackup.INI
    [2013-02-04 15:57:17 | 000,743,222 | —- | M] () – C:\Windows\SysNative\perfh013.dat
    [2013-02-04 15:57:17 | 000,652,148 | —- | M] () – C:\Windows\SysNative\perfh009.dat
    [2013-02-04 15:57:17 | 000,152,382 | —- | M] () – C:\Windows\SysNative\perfc013.dat
    [2013-02-04 15:57:17 | 000,121,080 | —- | M] () – C:\Windows\SysNative\perfc009.dat
    [2013-02-04 15:52:20 | 000,631,926 | —- | M] () – C:\Windows\SysNative\fastboot.set
    [2013-02-04 15:50:52 | 2040,041,471 | -HS- | M] () – C:\hiberfil.sys
    [2013-02-03 23:14:46 | 000,001,969 | —- | M] () – C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2013-02-03 23:14:44 | 000,000,000 | —- | M] () – C:\Windows\SysWow64\config.nt
    [2013-01-25 00:41:41 | 000,001,133 | —- | M] () – C:\Users\Trix\Desktop\Cyberlink Power2Go.lnk
    [2013-01-10 12:51:38 | 000,697,864 | —- | M] (Adobe Systems Incorporated) – C:\Windows\SysWow64\FlashPlayerApp.exe
    [2013-01-10 12:51:38 | 000,074,248 | —- | M] (Adobe Systems Incorporated) – C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2013-01-10 12:43:58 | 000,374,944 | —- | M] () – C:\Windows\SysNative\FNTCACHE.DAT
    [2013-01-10 01:46:36 | 001,641,044 | —- | M] () – C:\Windows\SysWow64\PerfStringBackup.INI

    ========== Files Created - No Company Name ==========[/color:46b226ee56]

    [2013-02-04 18:27:58 | 000,001,099 | —- | C] () – C:\Users\Trix\Desktop\OTL - Snelkoppeling.lnk
    [2012-12-14 02:42:30 | 000,064,512 | —- | C] () – C:\Windows\SysWow64\igdde32.dll
    [2012-12-14 02:42:24 | 000,754,652 | —- | C] () – C:\Windows\SysWow64\igcodeckrng700.bin
    [2012-12-14 02:42:24 | 000,598,384 | —- | C] () – C:\Windows\SysWow64\igvpkrng700.bin
    [2012-10-13 16:57:42 | 000,000,000 | —- | C] () – C:\Windows\firstboot.dat
    [2012-05-27 13:55:20 | 002,086,240 | —- | C] () – C:\Windows\SysWow64\LenovoVeriface.Interface.dll
    [2012-05-27 13:55:20 | 001,500,512 | —- | C] () – C:\Windows\SysWow64\Apblend.dll
    [2012-05-27 13:55:20 | 001,171,456 | —- | C] () – C:\Windows\SysWow64\PicNotify.dll
    [2012-05-27 13:55:20 | 000,472,416 | —- | C] () – C:\Windows\SysWow64\Lenovo.VerifaceStub.dll
    [2012-05-27 13:54:59 | 001,044,480 | —- | C] () – C:\Windows\SysWow64\3DImageRenderer.dll
    [2012-05-27 13:52:14 | 001,641,044 | —- | C] () – C:\Windows\SysWow64\PerfStringBackup.INI
    [2012-05-27 13:33:40 | 000,001,822 | —- | C] () – C:\Windows\vm331Rmv.ini
    [2012-05-27 13:33:40 | 000,001,822 | —- | C] () – C:\Windows\SysWow64\vm331Rmv.ini
    [2012-02-06 09:57:59 | 000,734,772 | —- | C] () – C:\Windows\SysWow64\igkrng700.bin
    [2012-02-06 09:57:53 | 000,559,780 | —- | C] () – C:\Windows\SysWow64\igfcg700m.bin
    [2012-02-03 06:08:26 | 000,001,536 | —- | C] () – C:\Windows\SysWow64\IusEventLog.dll

    ========== ZeroAccess Check ==========[/color:46b226ee56]

    [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () – C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll – [2012-06-09 06:43:10 | 014,172,672 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll – [2012-06-09 05:41:00 | 012,873,728 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll – [2012-08-21 14:11:31 | 000,857,088 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll – [2012-08-21 14:37:44 | 000,636,928 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll – [2012-08-21 14:08:38 | 000,453,120 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========[/color:46b226ee56]

    [2013-02-02 03:21:34 | 000,000,000 | —D | M] – C:\Users\Trix\AppData\Roaming\MC Burner

    ========== Purity Check ==========[/color:46b226ee56]



    ========== Custom Scans ==========[/color:46b226ee56]

    < services.* >[/color:46b226ee56]
    [2009-07-14 06:08:49 | 000,000,006 | -H– | C] () – C:\Windows\Tasks\SA.DAT
    [2009-07-14 06:08:49 | 000,032,548 | —- | C] () – C:\Windows\Tasks\SCHEDLGU.TXT
    [2012-05-27 13:58:10 | 000,001,066 | —- | C] () – C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    [2012-05-27 13:58:11 | 000,001,070 | —- | C] () – C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

    < explorer.exe >[/color:46b226ee56]

    < winlogon.exe >[/color:46b226ee56]

    < Userinit.exe >[/color:46b226ee56]

    < svchost.exe >[/color:46b226ee56]

    ========== Base Services ==========[/color:46b226ee56]
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:40:01 | 000,072,192 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\aelupsvc.dll – (AeLookupSvc)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:08 | 000,070,656 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\appinfo.dll – (Appinfo)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:38:55 | 000,079,360 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\alg.exe – (ALG)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:51 | 000,849,920 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\qmgr.dll – (BITS)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:00 | 000,705,024 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\BFE.DLL – (BFE)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-05-27 12:54:20 | 000,031,232 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\lsass.exe – (KeyIso)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:40:50 | 000,402,944 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\es.dll – (EventSystem)
    SRV - [2009-07-14 02:15:19 | 000,271,360 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\es.dll – (EventSystem)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-07-04 23:13:27 | 000,136,704 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\browser.dll – (Browser)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-06-02 06:41:28 | 000,184,320 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\cryptsvc.dll – (CryptSvc)
    SRV - [2012-06-02 05:36:29 | 000,140,288 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\cryptsvc.dll – (CryptSvc)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:01 | 000,512,000 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\rpcss.dll – (DcomLaunch)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:00 | 000,317,952 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\dhcpcore.dll – (Dhcp)
    SRV - [2010-11-21 04:24:09 | 000,254,464 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\dhcpcore.dll – (Dhcp)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2011-10-10 08:51:58 | 000,183,296 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\dnsrslvr.dll – (Dnscache)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:40:35 | 000,111,104 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\eapsvc.dll – (EapHost)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:00 | 000,038,912 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\hidserv.dll – (hidserv)
    SRV - [2009-07-14 02:15:24 | 000,049,152 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysWOW64\hidserv.dll – (hidserv)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:10 | 000,359,424 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\ipnathlp.dll – (SharedAccess)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:48 | 000,501,248 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\IPSECSVC.DLL – (PolicyAgent)
    No service found with a name of MsMpSvc
    No service found with a name of NisSrv
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:54 | 000,524,288 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\swprv.dll – (swprv)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:26 | 000,067,584 | —- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\SysNative\mmcss.dll – (MMCSS)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:52 | 000,360,448 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative
    etman.dll – (Netman)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:52 | 000,459,776 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative
    etprofm.dll – (netprofm)
    SRV - [2009-07-14 02:16:03 | 000,360,448 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysWOW64
    etprofm.dll – (netprofm)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-10-03 18:44:21 | 000,303,104 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative
    lasvc.dll – (NlaSvc)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:53 | 000,025,600 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative
    sisvc.dll – (nsi)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2011-10-10 08:54:35 | 000,404,480 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\umpnpmgr.dll – (PlugPlay)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-02-11 07:36:02 | 000,559,104 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\spoolsv.exe – (Spooler)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-05-27 12:54:20 | 000,031,232 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\lsass.exe – (ProtectedStorage)
    No service found with a name of EMDMgmt
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:53 | 000,099,328 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\rasauto.dll – (RasAuto)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:17 | 000,344,064 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\rasmans.dll – (RasMan)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:01 | 000,512,000 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\rpcss.dll – (RpcSs)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:16 | 000,030,720 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\seclogon.dll – (seclogon)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-05-27 12:54:20 | 000,031,232 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\lsass.exe – (SamSs)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:58 | 000,097,280 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wscsvc.dll – (wscsvc)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:48 | 000,236,032 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\srvsvc.dll – (LanmanServer)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:55 | 000,370,688 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\shsvcs.dll – (ShellHWDetection)
    SRV - [2010-11-21 04:24:03 | 000,328,192 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\shsvcs.dll – (ShellHWDetection)
    No service found with a name of slsvc
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:16 | 001,110,016 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\schedsvc.dll – (Schedule)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:32 | 000,316,928 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\tapisrv.dll – (TapiSrv)
    SRV - [2010-11-21 04:24:00 | 000,242,176 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysWOW64\tapisrv.dll – (TapiSrv)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:55 | 000,044,544 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\themeservice.dll – (Themes)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-05-01 06:40:20 | 000,209,920 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\profsvc.dll – (ProfSvc)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:55 | 001,600,512 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\VSSVC.exe – (VSS)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:32 | 000,679,424 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\audiosrv.dll – (AudioSrv)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:32 | 000,679,424 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\audiosrv.dll – (AudioEndpointBuilder)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:25:06 | 000,170,496 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\sdrsvc.dll – (SDRSVC)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:27 | 001,011,712 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:55 | 001,646,080 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wevtsvc.dll – (eventlog)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:28 | 000,828,416 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\MPSSVC.dll – (MpsSvc)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:48 | 000,580,096 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wiaservc.dll – (stisvc)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:15 | 000,128,000 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\msiexec.exe – (msiserver)
    SRV - [2010-11-21 04:24:28 | 000,073,216 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysWow64\msiexec.exe – (msiserver)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-08-21 14:09:40 | 000,219,136 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wbem\WMIsvc.dll – (Winmgmt)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-06-02 23:19:43 | 002,428,952 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wuaueng.dll – (wuauserv)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:09 | 000,252,416 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\dot3svc.dll – (dot3svc)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:56 | 000,886,784 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wlansvc.dll – (Wlansvc)
    SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:32 | 000,118,784 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wkssvc.dll – (LanmanWorkstation)

    ========== Drive Information ==========[/color:46b226ee56]
  • Physical Drives
    —————

    Drive: \.\\PHYSICALDRIVE0 - Fixed hard disk media
    Interface type: IDE
    Media Type: Fixed hard disk media
    Model: HITACHI HTS547575A9E384
    Partitions: 4
    Status: OK
    Status Info: 0

    Partitions
    —————

    DeviceID: Disk #0, Partition #0
    PartitionType: Installable File System
    Bootable: True
    BootPartition: True
    PrimaryPartition: True
    Size: 200,00MB
    Starting Offset: 1048576
    Hidden sectors: 0


    DeviceID: Disk #0, Partition #1
    PartitionType: Installable File System
    Bootable: False
    BootPartition: False
    PrimaryPartition: True
    Size: 653,00GB
    Starting Offset: 210763776
    Hidden sectors: 0


    DeviceID: Disk #0, Partition #2
    PartitionType: Installable File System
    Bootable: False
    BootPartition: False
    PrimaryPartition: True
    Size: 25,00GB
    Starting Offset: 701836034048
    Hidden sectors: 0


    DeviceID: Disk #0, Partition #3
    PartitionType: Unknown
    Bootable: False
    BootPartition: False
    PrimaryPartition: True
    Size: 20,00GB
    Starting Offset: 729182896128
    Hidden sectors: 0


    < %SYSTEMDRIVE%\*.exe >[/color:0dc878a5be]

    < %SYSTEMDRIVE%\*.* >[/color:0dc878a5be]
    [2010-11-21 04:23:51 | 000,383,786 | RHS- | M] () – C:\bootmgr
    [2011-02-24 18:03:41 | 000,008,192 | RHS- | M] () – C:\BOOTSECT.BAK
    [2013-02-04 18:25:38 | 001,912,059 | —- | M] () – C:\FaceProv.log
    [2013-02-04 15:50:52 | 2040,041,471 | -HS- | M] () – C:\hiberfil.sys
    [2013-02-04 15:50:55 | 4151,713,791 | -HS- | M] () – C:\pagefile.sys

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >[/color:0dc878a5be]

    < %systemroot%\*. /mp /s >[/color:0dc878a5be]

    < %systemroot%\system32\*.sys /90 >[/color:0dc878a5be]

    < %systemroot%\system32\*.dll /lockedfiles >[/color:0dc878a5be]

    < %systemroot%\Tasks\*.job /lockedfiles >[/color:0dc878a5be]

    < %systemroot%\system32\drivers\*.sys /lockedfiles >[/color:0dc878a5be]

    < %systemroot%\system32\*.exe /lockedfiles >[/color:0dc878a5be]

    < %systemroot%\System32\config\*.sav >[/color:0dc878a5be]

    < %PROGRAMFILES%\* >[/color:0dc878a5be]
    [2009-07-14 05:54:24 | 000,000,174 | -HS- | M] () – C:\Program Files (x86)\desktop.ini

    < %USERPROFILE%\..|smtmp;true;true;true /FP >[/color:0dc878a5be]

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color:0dc878a5be]

    < hklm\software\clients\startmenuinternet|command
    s >[/color:0dc878a5be]
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013-01-20 15:40:41 | 000,866,360 | —- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013-01-20 15:40:41 | 000,866,360 | —- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013-01-20 15:40:41 | 000,866,360 | —- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013-01-20 15:40:41 | 000,917,400 | —- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2013-01-20 15:40:41 | 000,917,400 | —- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2013-01-20 15:40:41 | 000,917,400 | —- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" –show-icons [2011-06-24 07:25:50 | 001,012,792 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" –hide-icons [2011-06-24 07:25:50 | 001,012,792 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" –make-default-browser [2011-06-24 07:25:50 | 001,012,792 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2011-06-24 07:25:50 | 001,012,792 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011-10-10 08:48:08 | 000,074,240 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011-10-10 08:48:08 | 000,074,240 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011-10-10 08:48:08 | 000,074,240 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell
    aom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012-11-14 03:56:04 | 000,757,296 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012-11-14 03:56:04 | 000,757,296 | —- | M] (Microsoft Corporation)

    < hklm\software\clients\startmenuinternet|command /64
    s >[/color:0dc878a5be]
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2013-01-20 15:40:41 | 000,866,360 | —- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2013-01-20 15:40:41 | 000,866,360 | —- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2013-01-20 15:40:41 | 000,866,360 | —- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2013-01-20 15:40:41 | 000,917,400 | —- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2013-01-20 15:40:41 | 000,917,400 | —- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2013-01-20 15:40:41 | 000,917,400 | —- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" –SHOW-ICONS [2011-06-24 07:25:50 | 001,012,792 | —- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" –HIDE-ICONS [2011-06-24 07:25:50 | 001,012,792 | —- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" –MAKE-DEFAULT-BROWSER [2011-06-24 07:25:50 | 001,012,792 | —- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2011-06-24 07:25:50 | 001,012,792 | —- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011-10-10 08:48:08 | 000,089,088 | —- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011-10-10 08:48:08 | 000,089,088 | —- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011-10-10 08:48:08 | 000,089,088 | —- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell
    aom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012-11-14 03:56:04 | 000,757,296 | —- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012-11-14 03:56:04 | 000,757,296 | —- | M] (Microsoft Corporation)

    < End of report >
  • Poeh, flinke texten, even puzzelen om het compleet hier op het forum te krijgen, hopelijk gaat het goed; nu komt Extras.txt:

    OTL Extras logfile created on: 4-2-2013 18:37:14 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Trix\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    7,87 Gb Total Physical Memory | 6,01 Gb Available Physical Memory | 76,38% Memory free
    15,73 Gb Paging File | 13,65 Gb Available in Paging File | 86,75% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 653,44 Gb Total Space | 565,31 Gb Free Space | 86,51% Space Free | Partition Type: NTFS
    Drive D: | 25,47 Gb Total Space | 20,96 Gb Free Space | 82,31% Space Free | Partition Type: NTFS

    Computer Name: TRIX-PC | User Name: Trix | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========[/color:6e13e4c6eb]


    ========== File Associations ==========[/color:6e13e4c6eb]

    [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = ChromeHTML] – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .url[@ = InternetShortcut] – C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] – C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

    [HKEY_USERS\S-1-5-21-1344933989-1830536301-1791700931-1001\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] – C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========[/color:6e13e4c6eb]

    [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    htmlfile [edit] – Reg Error: Key error.
    htmlfile [print] – rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] – "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" – "%1" (Google Inc.)
    https [open] – "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" – "%1" (Google Inc.)
    inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] – "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] – "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] – "%1" /S
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] – Reg Error: Value error.
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    cplfile [cplopen] – %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    htmlfile [edit] – Reg Error: Key error.
    htmlfile [print] – rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] – "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" – "%1" (Google Inc.)
    https [open] – "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" – "%1" (Google Inc.)
    inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] – "%1" /S
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] – Reg Error: Value error.
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========[/color:6e13e4c6eb]

    [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========[/color:6e13e4c6eb]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========[/color:6e13e4c6eb]


    ========== Vista Active Open Ports Exception List ==========[/color:6e13e4c6eb]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{171C3E6E-60B3-4A93-A265-511E5E5741EB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{1F12F3E5-051E-4E3C-ADEE-9872335FB42B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{22C46F1C-1A35-4010-A2A6-BCEA71FCF999}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{23032618-BE40-40F0-9035-F978205BBE54}" = lport=139 | protocol=6 | dir=in | app=system |
    "{242CD74C-9A84-45B9-BA32-34CE7FB6D218}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{27DDBEE9-838F-40A0-9E60-B06541F815A8}" = rport=138 | protocol=17 | dir=out | app=system |
    "{30C7C8F5-7A35-4EA8-ABF6-74E03D090AB4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{4DB573FC-F718-4F66-A0BB-FD79AB3A2B92}" = rport=445 | protocol=6 | dir=out | app=system |
    "{4DE14A23-51DB-424C-9469-250A81A65D9F}" = rport=139 | protocol=6 | dir=out | app=system |
    "{66C073DA-14EF-47E7-8A0E-D977BE7C4E1F}" = lport=137 | protocol=17 | dir=in | app=system |
    "{6707C146-0F08-4377-A825-ED13E7ECDE8C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{6F2E9F33-5F62-4FE5-A4D1-E72BFA866BDD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{6F98D465-C2B2-49FA-A375-EFA44A6F8AF6}" = rport=137 | protocol=17 | dir=out | app=system |
    "{83E7BAD9-7E5B-44FA-88BC-172D2BBAC347}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{998B5B4C-7540-4298-8946-4B9255709216}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{9DFAB428-E5D1-4279-A684-20B3A13FB1FE}" = lport=138 | protocol=17 | dir=in | app=system |
    "{A1E10B8C-65D1-4C90-869A-F43AD94C210E}" = lport=445 | protocol=6 | dir=in | app=system |
    "{AB0FDD52-7C12-41E4-B925-3058E1FB578D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{AF6AD98A-5D92-4535-9777-E4A90CDD35AD}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{C82E0EA6-4E37-459B-8261-03EFD6404EC2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D4BEA4E6-05A6-4569-B206-58A6990B1236}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E811D20A-151D-480B-AF85-6AA7220F7922}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{F852DB1D-287B-412A-9FD7-3FA71CA84993}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========[/color:6e13e4c6eb]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{07ADB104-CB4C-40D4-AC16-8A6E08CDDD11}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{09FAAAF0-4013-46DC-9240-21FC3DEB8755}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{1AEFABAA-E1C5-44FC-A560-61D4A69FE340}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{25DF4A92-5AA4-44FA-9E93-C769DEA15817}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{275776DF-447C-48CC-A020-9994EB0EDA9E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{2833F88B-1BA3-439F-B0DE-311CE94E84F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{2A0B3E57-76F5-444F-841A-25A344D270FB}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{2C5473D2-48E3-48A8-8D6D-946687488288}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{31CF8DE5-FBAF-46BD-923B-14FA7A08A4F7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{52669D32-3EA3-4CD1-A93C-62E349517412}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{53108EEE-A051-4505-8593-D81CE373FFC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{58334161-9CFB-4148-9BA4-8449BA4F2E5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{5AE8F2BE-4C6E-45F1-88A7-36A0AC668080}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{8BCD0CB5-4429-445D-AF4D-A5354E572597}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{9DF1AB82-5FA5-4212-8B70-8613A725F58D}" = protocol=6 | dir=out | app=system |
    "{AB050893-5865-43AE-B6DA-2C5E7587492F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{B66AD3F8-800A-4343-AFB5-DABAA4AA4430}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C73E8A8B-C8F8-4984-8651-DEB1D0A59896}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{CCC11F98-40D4-4E9E-A87E-0C3D8ED13B10}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{D2A05E63-D933-4F2A-A6E3-13E31F4998C6}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{E8B44872-A602-419A-BD6B-441F991627CC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{E8FA1DCD-D5BF-4CE9-9F0B-E5A58E410BC6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{F0B3F74D-FE6C-40E7-A2E1-73D67DA0C17F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{FC5ACAC2-C81C-4D7C-B5FB-2FC0D105BDCE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:6e13e4c6eb]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
    "{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
    "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
    "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-configuratiescherm 306.97
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafisch stuurprogramma 306.97
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.1111
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
    "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
    "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
    "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
    "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
    "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "99841829BE839365AA67B2AD0E50D371F59F8A1E" = Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1)
    "Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
    "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
    "{16D5D9E9-C8DE-4014-A09C-B9B5ABA0F7FA}" = Lenovo MuteSync
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
    "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros WLAN Client Installation Program
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
    "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{4677B88C-CE16-4CBB-A2CB-B76E9D456C7F}" = Nsd
    "{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
    "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
    "{48F851E7-DD0C-4A35-AD7A-57878023E987}" = Lenovo CAPOSD
    "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
    "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
    "{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
    "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
    "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
    "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010
    "{90140000-0015-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010
    "{90140000-0016-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010
    "{90140000-0018-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010
    "{90140000-0019-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010
    "{90140000-001A-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010
    "{90140000-001B-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
    "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
    "{90140000-001F-0413-0000-0000000FF1CE}_Office14.SingleImage_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0413-1000-0000000FF1CE}_Office14.SingleImage_{B9427E36-0B0A-48F4-8A51-1C178708A28E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010
    "{90140000-002C-0413-0000-0000000FF1CE}_Office14.SingleImage_{D3B92058-CF96-445F-A297-F7ED19C4E841}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
    "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010
    "{90140000-006E-0413-0000-0000000FF1CE}_Office14.SingleImage_{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010
    "{90140000-00A1-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Nederlands
    "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
    "{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Lenovo EasyCamera
    "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
    "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
    "{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
    "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
    "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
    "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
    "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
    "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
    "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
    "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
    "{FDB0A81A-1173-4B15-BEA4-89FEA0474F17}" = Intelligent Touchpad
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "avast" = avast! Free Antivirus
    "ESET Online Scanner" = ESET Online Scanner v3
    "Google Chrome" = Google Chrome
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
    "InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
    "InstallShield_{48F851E7-DD0C-4A35-AD7A-57878023E987}" = Lenovo CAPOSD
    "InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
    "InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
    "InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100
    "Mozilla Firefox 18.0.1 (x86 nl)" = Mozilla Firefox 18.0.1 (x86 nl)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Office14.SingleImage" = Microsoft Office Home and Student 2010
    "VeriFace" = VeriFace
    "WinLiveSuite" = Windows Live Essentials

    ========== Last 20 Event Log Errors ==========[/color:527785e2db]

    [ Application Events ]
    Error - 25-1-2013 9:40:31 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328
    Description = An error has occurred (—query ManualSetMs key success failed with
    0, The Code is:0x424.).

    Error - 25-1-2013 9:40:38 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328
    Description = An error has occurred (—Get Poicy Open key suc failed with 0, The
    Code is:0x422.).

    Error - 25-1-2013 9:40:38 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328
    Description = An error has occurred (—query POLICYVT key success failed with 0,
    The Code is:0x424.).

    Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328
    Description = An error has occurred (—IKEEXT failed with 27346, The Code is:0x598.).

    Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328
    Description = An error has occurred (—IKEEXT failed with 27346, The Code is:0x599.).

    Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328
    Description = An error has occurred (—Dhcp failed with 27346, The Code is:0x598.).

    Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328
    Description = An error has occurred (—Dhcp failed with 27346, The Code is:0x599.).

    Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328
    Description = An error has occurred (—EventSystem failed with 27346, The Code
    is:0x598.).

    Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328
    Description = An error has occurred (—EventSystem failed with 27346, The Code
    is:0x599.).

    Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328
    Description = An error has occurred (—WSearch failed with 27346, The Code is:0x598.).

    [ Media Center Events ]
    Error - 11-1-2013 13:43:56 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0
    Description = 18:43:56 - Fout bij verbinden met internet. 18:43:56 - Kan geen
    contact maken met server..

    Error - 11-1-2013 14:44:01 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0
    Description = 19:44:01 - Fout bij verbinden met internet. 19:44:01 - Kan geen
    contact maken met server..

    Error - 11-1-2013 17:56:02 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0
    Description = 22:56:02 - Fout bij verbinden met internet. 22:56:02 - Kan geen
    contact maken met server..

    Error - 20-1-2013 14:41:02 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0
    Description = 19:41:02 - Fout bij verbinden met internet. 19:41:02 - Kan geen
    contact maken met server..

    Error - 20-1-2013 14:41:10 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0
    Description = 19:41:07 - Fout bij verbinden met internet. 19:41:07 - Kan geen
    contact maken met server..

    Error - 31-1-2013 21:14:45 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0
    Description = 2:14:45 - Fout bij verbinden met internet. 2:14:45 - Kan geen contact
    maken met server..

    Error - 31-1-2013 22:14:54 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0
    Description = 3:14:54 - Fout bij verbinden met internet. 3:14:54 - Kan geen contact
    maken met server..

    Error - 31-1-2013 23:15:05 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0
    Description = 4:15:05 - Fout bij verbinden met internet. 4:15:05 - Kan geen contact
    maken met server..

    Error - 1-2-2013 13:20:43 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0
    Description = 18:20:43 - Fout bij verbinden met internet. 18:20:43 - Kan geen
    contact maken met server..

    Error - 3-2-2013 17:33:52 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0
    Description = 22:33:51 - Fout bij verbinden met internet. 22:33:51 - Kan geen
    contact maken met server..

    [ System Events ]
    Error - 4-2-2013 10:25:13 | Computer Name = Trix-PC | Source = DCOM | ID = 10005
    Description =

    Error - 4-2-2013 10:25:19 | Computer Name = Trix-PC | Source = DCOM | ID = 10005
    Description =

    Error - 4-2-2013 10:25:21 | Computer Name = Trix-PC | Source = DCOM | ID = 10005
    Description =

    Error - 4-2-2013 10:25:21 | Computer Name = Trix-PC | Source = DCOM | ID = 10005
    Description =

    Error - 4-2-2013 10:49:32 | Computer Name = Trix-PC | Source = DCOM | ID = 10010
    Description =

    Error - 4-2-2013 10:51:23 | Computer Name = Trix-PC | Source = BTHUSB | ID = 327697
    Description = Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden
    en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd.

    Error - 4-2-2013 10:51:27 | Computer Name = Trix-PC | Source = Service Control Manager | ID = 7038
    Description = De nvUpdatusService-service kan niet als .\UpdatusUser met het huidig
    ingestelde wachtwoord worden aangemeld vanwege de volgende fout: %%1330 Gebruik
    de module Services in de Microsoft Management Console (MMC) om te controleren of
    de service juist is geconfigureerd.

    Error - 4-2-2013 10:51:27 | Computer Name = Trix-PC | Source = Service Control Manager | ID = 7000
    Description = De NVIDIA Update Service Daemon-service kan vanwege de volgende fout
    niet worden gestart: %%1069

    Error - 4-2-2013 10:51:32 | Computer Name = Trix-PC | Source = BTHUSB | ID = 327697
    Description = Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden
    en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd.

    Error - 4-2-2013 13:25:32 | Computer Name = Trix-PC | Source = BTHUSB | ID = 327697
    Description = Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden
    en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd.


    < End of report >


    Ik herken wel de Bluetooth erin, daar hebben we mee geprobeerd om gegevens via zo'n smartphone proberen uit te wisselen, dat lukte niet, dus met kabel, dat ging wel.

    Bvd!
    Groetjes Holly
  • Het OTL-log laat feitelijk niks bijzonders zien, is Windows met McAfee antivirus gekomen?

    [b:bf89584732]Stap •1•[/b:bf89584732][/color:bf89584732]
    [b:bf89584732]Welk programma[/b:bf89584732]: [b:bf89584732]Junkware Removal Tool by Thisisu[/b:bf89584732][/color:bf89584732]
    [b:bf89584732]Waarvoor/waarom[/b:bf89584732]: Scanner om Windows o.a. te ontdoen van malafide toolbars.
    [b:bf89584732]Moeilijkheidsgraad[/b:bf89584732]: Geen.
    [b:bf89584732]Downloadlokatie[/b:bf89584732]: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen!
    [b:bf89584732]Download[/b:bf89584732]: [b:bf89584732]JRT.exe[/b:bf89584732][/color:bf89584732]
    .
    [b:bf89584732]Opmerkingen[/b:bf89584732]:
    [list:bf89584732][*:bf89584732][b:bf89584732] Alle openstaande programma's en webpagina's dienen afgesloten te zijn[/b:bf89584732][/color:bf89584732].
    [*:bf89584732] [b:bf89584732]Het is raadzaam de actieve beveiligingssoftware te deaktiveren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.[/color:bf89584732][/b:bf89584732]:
    [*:bf89584732][b:bf89584732]Hier[/color:bf89584732][/b:bf89584732] en [b:bf89584732]hier[/color:bf89584732][/b:bf89584732] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
    [*:bf89584732]Dat tijdens de scan van [b:bf89584732]JRT.exe[/b:bf89584732][/color:bf89584732] tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.[/list:u:bf89584732]
    [b:bf89584732]Junkware Removal Tool by Thisisu[/color:bf89584732] opstarten[/b:bf89584732]:
    [list:bf89584732][*:bf89584732][b:bf89584732]Windows 2000[/color:bf89584732][/b:bf89584732] en [b:bf89584732]Windows XP[/b:bf89584732][/color:bf89584732]: dubbelklik op [b:bf89584732]JRT.exe[/b:bf89584732][/color:bf89584732].
    [*:bf89584732][b:bf89584732]Windows Vista[/b:bf89584732][/color:bf89584732], [b:bf89584732]Windows 7[/b:bf89584732][/color:bf89584732] en [b:bf89584732]Windows 8[/b:bf89584732][/color:bf89584732]: via rechtsklik op [b:bf89584732]JRT.exe[/b:bf89584732][/color:bf89584732] en kies voor "Als Administrator uitvoeren".
    [*:bf89584732][b:bf89584732]JRT.exe[/b:bf89584732][/color:bf89584732] zal daarna Windows gaan scannen.
    [*:bf89584732]Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig.
    [*:bf89584732]Als de scan voltooid is zal een logje ([b:bf89584732]JRT.txt[/b:bf89584732][/color:bf89584732]) op het bureaublad opgeslagen worden en automatisch openen.
    [*:bf89584732]Post de inhoud van dit log in je volgende bericht.[/list:u:bf89584732]

    [b:bf89584732]Stap •2•[/b:bf89584732][/color:bf89584732]
    [b:bf89584732]Welk programma[/b:bf89584732]: [b:bf89584732]ComboFix[/b:bf89584732][/color:bf89584732]
    [b:bf89584732]Waarvoor/waarom[/b:bf89584732]: Zeer specialistische scanner om Windows diepgaand te onderzoeken en op te schonen.
    [b:bf89584732]Moeilijkheidsgraad[/b:bf89584732]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
    [b:bf89584732]Downloadlokatie[/b:bf89584732]: Dit programma absoluut naar het bureaublad downloaden!
    [b:bf89584732]Download ComboFix via één van deze locaties[/b:bf89584732]:
    [list:bf89584732][*:bf89584732][b:bf89584732]Bleepingcomputer[/b:bf89584732]
    [*:bf89584732][b:bf89584732]ForoSpyware[/b:bf89584732]
    [*:bf89584732][b:bf89584732]Geekstogo[/b:bf89584732][/list:u:bf89584732]
    [b:bf89584732]Hier[/color:bf89584732][/b:bf89584732] zie je hoe je ComboFix moet gebruiken.

    Antivirusprogramma en actieve malwarescanners dienen al voor je ComboFix start gedeaktiveert zijn!
    [b:bf89584732]Hier[/color:bf89584732][/b:bf89584732] en [b:bf89584732]hier[/color:bf89584732][/b:bf89584732] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    [b:bf89584732]Opmerkingen[/b:bf89584732]:
    [list:bf89584732][*:bf89584732]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:bf89584732]
    [b:bf89584732]ComboFix opstarten[/b:bf89584732]:
    [list:bf89584732][*:bf89584732][b:bf89584732]Windows 2000[/color:bf89584732][/b:bf89584732] en [b:bf89584732]Windows XP[/b:bf89584732][/color:bf89584732]: dubbelklik op ComboFix.exe.
    [*:bf89584732][b:bf89584732]Windows Vista[/b:bf89584732][/color:bf89584732] en [b:bf89584732]Windows 7[/b:bf89584732][/color:bf89584732]: via rechtsklik op ComboFix.exe en kies voor "Als Administrator uitvoeren".[/list:u:bf89584732]
    [b:bf89584732]ComboFix is opgestart[/b:bf89584732]:
    [list:bf89584732][*:bf89584732]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
    [*:bf89584732]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen!
    [*:bf89584732]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
    [*:bf89584732]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
    [*:bf89584732]Post de inhoud van dit logbestand in je volgende bericht.
    [*:bf89584732]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:bf89584732]
    [b:bf89584732]Belangrijke opmerking[/b:bf89584732]:
    [list:bf89584732][*:bf89584732][b:bf89584732]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:bf89584732][/b:bf89584732]
    [*:bf89584732][b:bf89584732]Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.[/color:bf89584732][/b:bf89584732]
    [*:bf89584732][b:bf89584732]Start dan de computer opnieuw op.[/color:bf89584732][/b:bf89584732][/list:u:bf89584732]
  • Hallo Abraham54,
    OTL niets bijzonders, dat stemt me al wat vrolijker. De McAfee was idd met de laptop gratis een paar maanden, zodra die voorbij was meteen Avast geinstalleerd (na verwijderen McAfee). En firewall Defender, maar miss toch beter weer Armor?

    Internet is een beetje een knipperlicht, maar kon de progjes downloaden en heb ze offline laten runnen. Hierbij de rapporten van de scans (1st JRT en dan ComboFix):

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.6.2 (02.02.2013:2)
    OS: Windows 7 Home Premium x64
    Ran by Trix on di 05-02-2013 at 1:20:44,73
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
    Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1344933989-1830536301-1791700931-1001\software\microsoft\internet explorer\searchscopes\\DefaultScope



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\partner"



    ~~~ FireFox

    Successfully deleted: [File] "C:\Users\Trix\AppData\Roaming\mozilla\firefox\profiles\tpdjclsh.default\extensions\jid0-irAmugmQgdURBSCIFZAcjR8ZQMg@jetpack.xpi"
    Emptied folder: C:\Users\Trix\AppData\Roaming\mozilla\firefox\profiles\tpdjclsh.default\minidumps [15 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on di 05-02-2013 at 1:35:16,46
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ComboFix 13-02-03.03 - Trix 05-02-2013 1:51.1.8 - x64
    Gestart vanuit: c:\users\Trix\Desktop\ComboFix.exe
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Trix\AppData\Local\Microsoft\Windows\Temporary Internet Files\{1852468D-124F-4A2D-97B3-8DEF46CADE06}.xps
    c:\users\Trix\AppData\Local\Microsoft\Windows\Temporary Internet Files\{31C7B559-98CE-4B7A-B2C2-539B95B4DCC2}.xps
    c:\users\Trix\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F02143D1-F36B-442E-8DBF-735D41691659}.xps
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2013-01-05 to 2013-02-05 ))))))))))))))))))))))))))))))
    .
    .
    2013-02-05 00:20 . 2013-02-05 00:20 ——– d—–w- c:\windows\ERUNT
    2013-02-05 00:19 . 2013-02-05 00:20 ——– d—–w- C:\JRT
    2013-02-04 17:27 . 2013-02-04 17:27 76232 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4879592-1236-4E28-A827-4BBF8CAEB3CF}\offreg.dll
    2013-02-04 00:28 . 2013-01-08 05:32 9161176 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4879592-1236-4E28-A827-4BBF8CAEB3CF}\mpengine.dll
    2013-02-03 00:33 . 2013-02-03 00:33 ——– d—–w- c:\users\Trix\AppData\Roaming\Ahead
    2013-02-03 00:33 . 2013-02-03 00:33 ——– d—–w- c:\programdata\Ahead
    2013-02-03 00:33 . 2013-02-03 22:03 ——– d—–w- c:\program files (x86)\Common Files\Ahead
    2013-02-02 02:31 . 2013-02-02 02:32 ——– d—–w- c:\programdata\xml_param
    2013-02-02 02:12 . 2013-02-02 02:21 ——– d—–w- c:\users\Trix\AppData\Roaming\MC Burner
    2013-01-24 23:41 . 2013-01-24 23:41 ——– d—–w- c:\users\Trix\AppData\Roaming\CyberLink
    2013-01-24 23:41 . 2013-01-24 23:41 ——– d—–w- c:\users\Public\CyberLink
    2013-01-09 16:10 . 2012-11-30 05:41 424448 —-a-w- c:\windows\system32\KernelBase.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-01-17 00:28 . 2010-11-21 03:27 273840 ——w- c:\windows\system32\MpSigStub.exe
    2013-01-10 11:51 . 2012-10-16 17:03 74248 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-01-10 11:51 . 2012-10-16 17:03 697864 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2013-01-10 00:42 . 2012-10-16 14:51 67599240 —-a-w- c:\windows\system32\MRT.exe
    2012-12-16 17:11 . 2012-12-21 09:32 46080 —-a-w- c:\windows\system32\atmlib.dll
    2012-12-16 14:45 . 2012-12-21 09:32 367616 —-a-w- c:\windows\system32\atmfd.dll
    2012-12-16 14:13 . 2012-12-21 09:32 295424 —-a-w- c:\windows\SysWow64\atmfd.dll
    2012-12-16 14:13 . 2012-12-21 09:32 34304 —-a-w- c:\windows\SysWow64\atmlib.dll
    2012-12-14 15:49 . 2012-10-16 16:53 24176 —-a-w- c:\windows\system32\drivers\mbam.sys
    2012-12-14 01:42 . 2012-12-14 01:42 9728 —-a-w- c:\windows\system32\IGFXDEVLib.dll
    2012-12-14 01:42 . 2012-12-14 01:42 437760 —-a-w- c:\windows\system32\igfxrnor.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 21850112 —-a-w- c:\windows\SysWow64\igdfcl32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 196096 —-a-w- c:\windows\SysWow64\IntelOpenCL32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 384512 —-a-w- c:\windows\system32\igfxpph.dll
    2012-12-14 01:42 . 2012-02-06 08:57 12615680 —-a-w- c:\windows\system32\igdumd64.dll
    2012-12-14 01:42 . 2012-12-14 01:42 64512 —-a-w- c:\windows\SysWow64\igdde32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 440320 —-a-w- c:\windows\system32\igfxrell.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 437760 —-a-w- c:\windows\system32\igfxrptb.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 437248 —-a-w- c:\windows\system32\igfxrtha.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 435712 —-a-w- c:\windows\system32\igfxrheb.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 435712 —-a-w- c:\windows\system32\igfxrara.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 431104 —-a-w- c:\windows\system32\igfxrkor.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 429056 —-a-w- c:\windows\system32\igfxrcht.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 330752 —-a-w- c:\windows\SysWow64\igfxdv32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 28672 —-a-w- c:\windows\system32\igfxexps.dll
    2012-12-14 01:42 . 2012-12-14 01:42 180224 —-a-w- c:\windows\SysWow64\iglhcp32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 11174912 —-a-w- c:\windows\SysWow64\igd10umd32.dll
    2012-12-14 01:42 . 2012-02-06 08:57 64000 —-a-w- c:\windows\system32\igfxsrvc.dll
    2012-12-14 01:42 . 2012-02-06 08:57 110592 —-a-w- c:\windows\system32\hccutils.dll
    2012-12-14 01:42 . 2012-12-14 01:42 640512 —-a-w- c:\windows\SysWow64\igfxcmrt32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 512112 —-a-w- c:\windows\system32\igfxsrvc.exe
    2012-12-14 01:42 . 2012-12-14 01:42 438784 —-a-w- c:\windows\system32\igfxrnld.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 438784 —-a-w- c:\windows\system32\igfxrdeu.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 3121152 —-a-w- c:\windows\SysWow64\igfxcmjit32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 255088 —-a-w- c:\windows\system32\igfxext.exe
    2012-12-14 01:42 . 2012-12-14 01:42 483840 —-a-w- c:\windows\system32\igfx11cmrt64.dll
    2012-12-14 01:42 . 2012-12-14 01:42 439808 —-a-w- c:\windows\system32\igfxresn.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 437760 —-a-w- c:\windows\system32\igfxrtrk.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 428544 —-a-w- c:\windows\system32\igfxrchs.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 241664 —-a-w- c:\windows\system32\IntelOpenCL64.dll
    2012-12-14 01:42 . 2012-02-06 08:57 9007616 —-a-w- c:\windows\system32\igfxress.dll
    2012-12-14 01:42 . 2012-02-06 08:57 12858368 —-a-w- c:\windows\system32\igd10umd64.dll
    2012-12-14 01:42 . 2012-12-14 01:42 80384 —-a-w- c:\windows\system32\igdde64.dll
    2012-12-14 01:42 . 2012-12-14 01:42 754652 —-a-w- c:\windows\system32\igcodeckrng700.bin
    2012-12-14 01:42 . 2012-12-14 01:42 598384 —-a-w- c:\windows\system32\igvpkrng700.bin
    2012-12-14 01:42 . 2012-12-14 01:42 459264 —-a-w- c:\windows\SysWow64\igfx11cmrt32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 439296 —-a-w- c:\windows\system32\igfxrrus.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 438784 —-a-w- c:\windows\system32\igfxrptg.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 286208 —-a-w- c:\windows\system32\igfxrenu.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 142336 —-a-w- c:\windows\system32\igfxdo.dll
    2012-12-14 01:42 . 2012-02-06 08:57 11049472 —-a-w- c:\windows\SysWow64\igdumd32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 56832 —-a-w- c:\windows\system32\Intel_OpenCL_ICD64.dll
    2012-12-14 01:42 . 2012-12-14 01:42 5353888 —-a-w- c:\windows\system32\drivers\igdkmd64.sys
    2012-12-14 01:42 . 2012-12-14 01:42 439296 —-a-w- c:\windows\system32\igfxrrom.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 438272 —-a-w- c:\windows\system32\igfxrcsy.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 25088 —-a-w- c:\windows\SysWow64\igfxexps32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 185968 —-a-w- c:\windows\system32\difx64.exe
    2012-12-14 01:42 . 2012-12-14 01:42 11633152 —-a-w- c:\windows\system32\ig7icd64.dll
    2012-12-14 01:42 . 2012-02-06 08:58 56832 —-a-w- c:\windows\system32\OpenCL.dll
    2012-12-14 01:42 . 2012-12-14 01:42 8621056 —-a-w- c:\windows\SysWow64\ig7icd32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 518656 —-a-w- c:\windows\system32\igfxcmrt64.dll
    2012-12-14 01:42 . 2012-12-14 01:42 438272 —-a-w- c:\windows\system32\igfxrfin.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 437760 —-a-w- c:\windows\system32\igfxrsve.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 432128 —-a-w- c:\windows\system32\igfxrjpn.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 27457536 —-a-w- c:\windows\system32\igdfcl64.dll
    2012-12-14 01:42 . 2012-12-14 01:42 116224 —-a-w- c:\windows\system32\igfxCoIn_v2932.dll
    2012-12-14 01:42 . 2012-12-14 01:42 442880 —-a-w- c:\windows\system32\igfxdev.dll
    2012-12-14 01:42 . 2012-12-14 01:42 438784 —-a-w- c:\windows\system32\igfxrita.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 438272 —-a-w- c:\windows\system32\igfxrhun.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 437248 —-a-w- c:\windows\system32\igfxrdan.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 27643904 —-a-w- c:\windows\SysWow64\igdrcl32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 126976 —-a-w- c:\windows\system32\igfxcpl.cpl
    2012-12-14 01:42 . 2012-12-14 01:42 441968 —-a-w- c:\windows\system32\igfxpers.exe
    2012-12-14 01:42 . 2012-12-14 01:42 439808 —-a-w- c:\windows\system32\igfxrfra.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 410112 —-a-w- c:\windows\system32\igfxTMM.dll
    2012-12-14 01:42 . 2012-12-14 01:42 3581440 —-a-w- c:\windows\system32\igdbcl64.dll
    2012-12-14 01:42 . 2012-12-14 01:42 172144 —-a-w- c:\windows\system32\igfxtray.exe
    2012-12-14 01:42 . 2012-12-14 01:42 5906032 —-a-w- c:\windows\system32\GfxUI.exe
    2012-12-14 01:42 . 2012-12-14 01:42 56320 —-a-w- c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 438784 —-a-w- c:\windows\system32\igfxrsky.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 438784 —-a-w- c:\windows\system32\igfxrplk.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 438784 —-a-w- c:\windows\system32\igfxrhrv.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 3511296 —-a-w- c:\windows\system32\igfxcmjit64.dll
    2012-12-14 01:42 . 2012-12-14 01:42 2898944 —-a-w- c:\windows\SysWow64\igdbcl32.dll
    2012-12-14 01:42 . 2012-12-14 01:42 27664896 —-a-w- c:\windows\system32\igdrcl64.dll
    2012-12-14 01:42 . 2012-12-14 01:42 175104 —-a-w- c:\windows\system32\gfxSrvc.dll
    2012-12-14 01:42 . 2012-02-06 08:58 56320 —-a-w- c:\windows\SysWow64\OpenCL.dll
    2012-12-14 01:42 . 2012-12-14 01:42 437760 —-a-w- c:\windows\system32\igfxrslv.lrc
    2012-12-14 01:42 . 2012-12-14 01:42 399984 —-a-w- c:\windows\system32\hkcmd.exe
    2012-12-14 01:42 . 2012-12-14 01:42 277616 —-a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
    2012-12-14 01:42 . 2012-12-14 01:42 216064 —-a-w- c:\windows\system32\iglhcp64.dll
    2012-12-12 22:00 . 2012-12-12 22:01 916456 —-a-w- c:\windows\system32\deployJava1.dll
    2012-12-12 22:00 . 2012-12-12 22:01 289768 —-a-w- c:\windows\system32\javaws.exe
    2012-12-12 22:00 . 2012-12-12 22:01 1034216 —-a-w- c:\windows\system32
    pDeployJava1.dll
    2012-12-12 22:00 . 2012-12-12 22:01 189416 —-a-w- c:\windows\system32\javaw.exe
    2012-12-12 22:00 . 2012-12-12 22:01 188904 —-a-w- c:\windows\system32\java.exe
    2012-12-12 22:00 . 2012-12-12 22:01 108008 —-a-w- c:\windows\system32\WindowsAccessBridge-64.dll
    2012-11-30 04:45 . 2013-01-09 16:10 44032 —-a-w- c:\windows\apppatch\acwow64.dll
    2012-11-14 07:06 . 2012-12-12 21:27 17811968 —-a-w- c:\windows\system32\mshtml.dll
    2012-11-14 06:32 . 2012-12-12 21:27 10925568 —-a-w- c:\windows\system32\ieframe.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-05-27 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
    "331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864]
    "Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-06-01 506712]
    "MuteSync"="c:\program files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe" [2012-02-04 343040]
    "Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272]
    "YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
    "YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
    "UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
    "VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-05-27 329056]
    "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
    "CAPOSD"="c:\progra~2\Lenovo\LENOVO~2\CAPOSD.exe" [2012-02-09 1876992]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    "AppInit_DLLs"=c:\windows\SysWOW64
    vinit.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe [2011-12-24 120160]
    R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-12-13 36000]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-12-13 259744]
    R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-12-13 109216]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-12-13 166048]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-12-13 59040]
    R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-12-13 283296]
    R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-12-13 290464]
    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
    R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2011-10-24 313960]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-16 1255736]
    R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2012-05-27 57952]
    S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-27 16152]
    S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-05-27 39008]
    S0 NSD;NSD;c:\windows\system32\drivers
    sd.sys [2011-12-24 24160]
    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS
    vpciflt.sys [2012-10-08 30056]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2012-05-27 13408]
    S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
    S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-12-13 106144]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
    S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-08 128280]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
    S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-12-13 158880]
    S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-05-27 30816]
    S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-12-13 29344]
    S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
    S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-27 356120]
    S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-27 787736]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
    S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-27 12:58]
    .
    2013-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-27 12:58]
    .
    .
    ——— X64 Entries ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-10-30 22:50 133400 —-a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
    @="{771C7324-DA80-49D3-8017-753B0AF60951}"
    [HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
    2012-05-27 12:55 1508192 —-a-w- c:\windows\System32\IcnOvrly.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-12-13 792224]
    "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-12-13 657568]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-31 12446824]
    "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
    "OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-05-27 789856]
    "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
    "Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-05-27 8079408]
    "EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-05-27 6200368]
    "Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-05-27 206176]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=c:\windows\System32
    vinitx.dll
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.com/ig
    edirectdomain?brand=LENN&bmod=LENN
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://lenovo.msn.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
    FF - ProfilePath - c:\users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\
    FF - prefs.js: browser.startup.homepage - about:home
    FF - ExtSQL: 2012-12-19 16:16; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    Toolbar-Locked - (no file)
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
    .
    .
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zi.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zi.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zi.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zi.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2013-02-05 01:55:14
    ComboFix-quarantined-files.txt 2013-02-05 00:55
    .
    Pre-Run: 607.358.894.080 bytes beschikbaar
    Post-Run: 607.215.222.784 bytes beschikbaar
    .
    - - End Of File - - 189BF25BEFA07434C38FA10521960F97


    Bvd! Groetjes Holly
  • Hoe gaat het inmiddels?
  • Hallo Abraham54,

    de laptop werkt m.i. een stuk stabieler nu, t knipperen & lang laden is weg (met opstarten gaat ie weer goed en mijn desktopitems blijven staan).

    Internet blijft traag en knipperlicht, maar dat kan ook i.v.m. vele wifi in woonwijk…soms wel 12 netwerken gedetecteerd, een boel dus. Dan soms nog wel verbinding maar laden de pagina's met geen mogelijkheid.

    Heb in mijn email gekke e-mailadressen gevonden, die raar zijn en ik niet ken. (dat kan van eerder zijn, toen er een backdoor was geconstateerd door u, toen is er ook misbruik van mijn ID en email gemaakt helaas).

    Wat kwam er uit de ComboFix en JRT? Zag iets met registersleutels van IE? Ik gebruik IE niet, kan ik die uitzetten? Of is dat een gekke vraag?

    Bvd!
    Groetjes Holly
  • Ik weet niet of je via Softonic download, dat niet meer doen vanwege de vieze wrapper die Softonic gebruikt.

    Doe nu maar het volgende:

    Download [b:3ebf249e9b]Windows Repair All in One[/color:3ebf249e9b][/b:3ebf249e9b].

    [b:3ebf249e9b]Lees deze lange handleiding A.U.B. helemaal door voordat u begint.[/b:3ebf249e9b][/color:3ebf249e9b]
    [b:3ebf249e9b]Notabene:[/color:3ebf249e9b] sluit voordat Windows Repair All in One[/color:3ebf249e9b] de fix gaat doen, eerst alle[/color:3ebf249e9b] andere openstaande vensters![/b:3ebf249e9b]

    [list:3ebf249e9b]
    [*:3ebf249e9b] Dubbelklik op "[b:3ebf249e9b]tweaking.com_windows_repair_aio_setup.exe[/color:3ebf249e9b][/b:3ebf249e9b]" om de installatie daarvan te starten.
    [*:3ebf249e9b] [b:3ebf249e9b]Windows Vista, 7 & 8[/b:3ebf249e9b][/color:3ebf249e9b]: rechtsklik op de setup.exe en dan kiezen voor Als Administrator uitvoeren.
    [*:3ebf249e9b] Klik in het scherm dat verschijnt op "[b:3ebf249e9b]Next[/b:3ebf249e9b]" om het programma op de computer te installeren.
    [*:3ebf249e9b] Volg de verder instructies van de installatie op, wanneer de installatie gereed is klikt u op "[b:3ebf249e9b]Next[/b:3ebf249e9b]" en daarna op "[b:3ebf249e9b]Finish[/b:3ebf249e9b]"
    [*:3ebf249e9b] Hierna wordt het programma automatisch opgestart.
    [*:3ebf249e9b] Indien wordt aangegeven, dat er een [b:3ebf249e9b]update[/b:3ebf249e9b] beschikbaar is, klikt u op [b:3ebf249e9b]JA[/b:3ebf249e9b] om hier mee akkoord te gaan.
    [list:3ebf249e9b]
    [*:3ebf249e9b] Indien u niet beschikt over een werkende internetverbinding, dan kiest u de optie "[b:3ebf249e9b]NEE[/b:3ebf249e9b]".[/list:u:3ebf249e9b]
    [*:3ebf249e9b] In het scherm wat nu verschijnt klik u op "[b:3ebf249e9b]Next[/b:3ebf249e9b]" zoals op de onderstaande afbeelding.
    [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e858705fe93/50e858705e33a-WRAIO-b.png[/img:3ebf249e9b]
    [*:3ebf249e9b] Klik in het vervolg scherm / tabblad [b:3ebf249e9b]Step1[/b:3ebf249e9b] wederom op "[b:3ebf249e9b]Next[/b:3ebf249e9b]"
    [*:3ebf249e9b] Klik in het volgende scherm [b:3ebf249e9b]Step2[/b:3ebf249e9b] wederom op "[b:3ebf249e9b]Next[/b:3ebf249e9b]"
    [*:3ebf249e9b] Bij het volgende scherm [b:3ebf249e9b]Step3[/b:3ebf249e9b] klikt u op "[b:3ebf249e9b]Do it[/b:3ebf249e9b]" om de System File Checker uit te voeren zoals u kunt zien op de onderstaande afbeelding.
    [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e859733bd22/50e859733a1c7-WRAIO-c.png[/img:3ebf249e9b]
    [*:3ebf249e9b] Er zal nu automatisch een CMD / DOS achtig scherm openen, druk hier op een toets om door te gaan.
    [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e859d3a0b45/50e859d39eff0-WRAIO-d.png[/img:3ebf249e9b]
    [*:3ebf249e9b] Als deze scan gereed is klikt u wederom op "[b:3ebf249e9b]Next[/b:3ebf249e9b]"
    [*:3ebf249e9b] Klik in het volgende scherm [b:3ebf249e9b]Step4[/b:3ebf249e9b] wederom op "[b:3ebf249e9b]Next[/b:3ebf249e9b]"
    [*:3ebf249e9b] Klik hierna onder het tabblad [b:3ebf249e9b]Start repairs[/b:3ebf249e9b] op de knop [b:3ebf249e9b]Start[/b:3ebf249e9b] zoals op de onderstaande afbeelding.
    [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e85bad2cdb8/50e85bad2ae7c-WRAIO-e.png[/img:3ebf249e9b]
    [*:3ebf249e9b] Er zal nu een melding verschijnen met de mededeling om een herstelpunt en register back-up aan te maken, klik hier op [b:3ebf249e9b]JA[/b:3ebf249e9b].
    [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e85c0027382/50e85c00267cc-WRAIO-f.png[/img:3ebf249e9b]
    [*:3ebf249e9b] Hierna verschijnt het volgende scherm.
    [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e85c55ebef8/50e85c55e8459-WRAIO-g.png[/img:3ebf249e9b]
    [*:3ebf249e9b] Voer nu verder niets uit op de computer, laat het programma zijn werk doen.
    [*:3ebf249e9b] Als het bovenstaande scherm is gesloten druk dan nogmaals op [b:3ebf249e9b]Start[/b:3ebf249e9b].
    [*:3ebf249e9b] Standaard staan nu alle items aangevinkt, laat deze zo staan en klik op de knop [b:3ebf249e9b]start[/b:3ebf249e9b] zoals u kunt zien op de onderstaande afbeelding.
    [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e85d423523e/50e85d4231b8f-WRAIO-h.png[/img:3ebf249e9b]
    [*:3ebf249e9b] Laat het programma nu zijn werk doen en doe verder niets op het systeem, er zullen nu van allerlei CMD schermen verschijnen klik deze dan ook nooit weg.
    [*:3ebf249e9b] Ik het rode kader op de onderstaande afbeelding ziet u de voorgang van de tool.
    [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e85f3bddd01/50e85f3bd67d4-WRAIO-i.png[/img:3ebf249e9b]
    [*:3ebf249e9b] Als het erop lijkt alsof de tool niets meer doet, laat het systeem dan nog steeds met rust en wacht af tot het volgende scherm verschijnt.
    [*:3ebf249e9b] Wanneer in een volgende scherm daarom gevraagd wordt, klikt u op "[b:3ebf249e9b]JA[/b:3ebf249e9b]"
    [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e8621861f05/50e862186134e-WRAIO-j.png[/img:3ebf249e9b]
    [*:3ebf249e9b] De computer wordt nu vanzelf na 30 seconden opnieuw opgestart.[/list:u:3ebf249e9b]
  • Hallo Abraham54,

    Nope, geen Softonic, daar waarschuwde u me vorig jaar voor. Heb wel gedownload via deze twee sites maar werkte niet en weer uninstall gedaan, toen werkte ook de boel niet meer, toen systeemherstelpunt gedaan, toen was het weer ok.

    http://www.aimersoft.com/drm-music-converter.html en

    http://computertotaal.nl/software/23463-freemake-audio-converter-1-1-0.html

    Google wel, ALS ik dan zou kiezen om iets te downloaden zoek ik bijv freeware op deze site van C!T. Majorgeeks en Bleebingcomputer en Softpedia acht ik ook veilig. Scan met MBAM, heb Esetonline scanner. Houd Adobe en Java up2date (check regelmatig in FF).
    Heb ook Secunia-scan gedaan. Was alles ok.

    Nu de scan runde zag ik in rood een zin staan: antivirus uitschakelen. Dit had ik niet gedaan…zag het niet in de instructies van u, daarnaast zag ik het ook pas toen de scan runde.
    Gewacht tot het schermpje om de pc opnieuw op te starten….daarna bleef t scherm weer zwart… na 8-10min wachten de uitknop ingedrukt gehouden&in save modus opgestart. Dat werkte, toen weer gewoon opstarten. Het duurde zo'n tien min. eer het op wou starten… ik maakte me wel een beetje zorgen…

    Download zelf weinig meer vind ik (soms muziekjes van YouTube), doch had ik in Mediacenter een cd willen maken en mp3 naar wav om willen zetten, wat niet niet is gelukt. Daarom had ik van een bedrijf een trial gedownload, waar ik spijt van had, uninstalled de boel, nog meer spijt toen t vastliep. Idem met de freeware van de burner van C!T.

    Toch als de pc op een bepaalde manier reageert is het net of ik het gevoel krijg dat er iets niet klopt en iets fout zit.

    Ik kreeg geen rapport van de scan…of staat die ergens opgeslagen?

    Bvd
    Groetjes Holly
  • Nee, je krijgt geen log, maar gaat het nu wel beter.
    En de downloadsites zijn goed en betrouwbaar.
  • Hallo Abraham54,

    yes, het knippert niet meer, loopt niet vast (verkenner reageert niet bijv.), geen zwart scherm meer gezien, dus zal eea goed gerepaired zijn gelukkig. Waren het beschadigingen of een virus of malware?

    Heb gevinkt in de FF dat ik niet gevolgd wil worden, geen cookies of historie bewaren, heb wel wat bladwijzers. Verder vind ik de ATF-cleaner fijn. Is dat raadzaam om te blijven gebruiken?

    Doe mijn best om alles schoon te houden. Flagfox aan, Dr.Web sitechecker, Adblock, dat scheelt ook dat je niet per ongeluk met de muis op een advertentie komt (ik gebruik de touchpad van de laptop nl.).

    Is mijn klapkoffer nu weer schoon?
    Nog opruimen dan?
    Bvd!
    Groetjes Holly
  • Lees nu eerst onderstaande eens:

    [b:15894cd5ca]Optimaliseringstips[/b:15894cd5ca][/color:15894cd5ca]

    Wat je kan doen is het volgende:

    a) Windows goed opruimen en daarna goed opgeruimd houden en
    b) Windows goed defragmenteren en daarna regelmatig de defragmentering na opruimen weer ter hand nemen!

    Wat betreft het opruimen: kijk daarvoor hier: http://www.nationaalcomputerforum.nl/showthread.php?t=99605
    Er is denk ik geen betere opschoner voor Windows dan WinSysClean.
    Ik gebruik WinSysClean als sinds 2001 en heb met iedere nieuwe versie gemerkt dat het tool nog beter reinigt.
    Schrik niet mocht WinSysClean de eerste keer een hoop troep vinden.
    'Windows zelf houdt namelijk ervan een hoop bestanden in de tijdelijke mappen aan te houden en laat dan alleen de oudste bestanden eventueel verwijderen.
    WinSysClean zorgt er nu voor dat alles wordt opgeruimd.
    En dat alleen al bevordert het tempo van Windows, want dan hoeft die troep niet meer meegedragen te worden.
    Overigens: hetzelfde geldt voor al die programma's die je niet meer gebruikt!

    Wat betreft het defragmenteren: ga O&O Free Defrag gebruiken.
    O&O Defrag Free Edition als 32-bit- dan wel 64-bit editie - Downloadlink

    Start na installatie O&O Defrag Free Edition, deze gratis defragmenteerder werkt efficiënter dan het Windows tool.
    Standaard is "Smart defrag" al ingesteld, dit houdt in dat veel gebruikte bestanden naar voren worden geplaatst waardoor alles sneller gaat!
    De eerste defragmentering kan enige tijd in beslag nemen; daarop volgende keren zal het sneller gaan.

    Laat maar weten of deze "vertroeteltips" hebben geholpen.
  • Hallo Abraham54,

    De 'vertroeteltools' gedownload, ga ermee aan de slag, laat het natuurlijk horen hoe het verloopt. Hopelijk helpt het met opschonen en sneller maken. Dat is altijd welkom :)

    Dank wederom.
    Groetjes Holly.
  • Hallo Abraham54,

    de defragmentatie is gelukt. Heb dus wel eens last v lezen (dyslectie) en had per ongeluk de 32bits gedaan, die doet t dan dus niet.
    De 64 bits gedaan, die deed het. Duurde wel even, maar is gelukt. 0,17% gewin na de defragmentatie.

    Vroeg me af wat het verschil is tussen de cleaner die u aangeeft en CcCleaner van Piriform? Houd zelf niet zo van het registreren enzo, wat zijn de voor&nadelen tov Ccleaner?

    Bvd
    Groet Holly

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.