Vraag & Antwoord

Beveiliging & privacy

Trage Pc en soms desktop leeg of zwart scherm

18 antwoorden
  • Beste Abraham54 & lezers, Een tijd zonder pc, nu een nieuwe klapkoffer, helaas is er iets niet goed. Was aan t zoeken naar een HJT enzo, maar er staan nieuwe kreten van progjes, welke kan ik t beste posten en vanaf welke site? Mijn laptop is een Lenovo z580, met Windows 7, Avast Free, MBAM, paar maanden oud. Zou erg snel moeten zijn, maar dat is niet, veel internetverbindingsproblemen, ook opstarten is problematisch de laatste dagen. Zwart scherm bij t opstarten soms, dan na opstarten wil het heel moeilijk om verbinding met internet te maken, updaten van Mbam wil dan niet en is telkens beschadigd. Een paar keer waren mijn desktop-iconen weg en was het bureaublad compleet leeg... Backup heb ik gemaakt, welke log kan ik het beste plaatsen? Na eerder veel problemen met mijn eerdere laptop ben ik bang dat ik een virus heb opgelopen. Bvd!!! Groetjes Holly oja, ik gebruik Firefox, maar geen IE, die zit er wel op.
  • Heb je er al aan gedacht een recovery-installatie te doen? [b:6b0d42e32d]Welk programma[/b:6b0d42e32d]: [color=#008000:6b0d42e32d][b:6b0d42e32d]OTL.exe[/b:6b0d42e32d][/color:6b0d42e32d] [b:6b0d42e32d]Waarvoor/waarom[/b:6b0d42e32d]: multifunktioneel tool - analyse en fix [b:6b0d42e32d]Moeilijkheidsgraad[/b:6b0d42e32d]: geen. [b:6b0d42e32d]Download[/b:6b0d42e32d]: [url=http://oldtimer.geekstogo.com/OTL.exe][b:6b0d42e32d][color=red:6b0d42e32d]OTL.exe[/color:6b0d42e32d][/b:6b0d42e32d][/url] en plaats het bestand op het bureaublad. [b:6b0d42e32d]Sluit voordat [color=#008000:6b0d42e32d]OTL.exe[/color:6b0d42e32d] gaat scannen, eerst alle andere openstaande vensters![/b:6b0d42e32d] [b:6b0d42e32d][color=#008000:6b0d42e32d]OTL.exe[/color:6b0d42e32d] gebruiken[/b:6b0d42e32d]: [list:6b0d42e32d][*:6b0d42e32d] [b:6b0d42e32d][color=#FF0000:6b0d42e32d]Sluit nu eerst alle nog openstaande programmavensters![/color:6b0d42e32d][/b:6b0d42e32d] [list:6b0d42e32d][*:6b0d42e32d][b:6b0d42e32d][color=#0000FF:6b0d42e32d]Windows 2000[/color:6b0d42e32d][/b:6b0d42e32d] en [color=#0000FF:6b0d42e32d][b:6b0d42e32d]Windows XP[/b:6b0d42e32d][/color:6b0d42e32d]: dubbelklik op [color=#008000:6b0d42e32d][b:6b0d42e32d]OTL.exe[/b:6b0d42e32d][/color:6b0d42e32d]. [*:6b0d42e32d][color=#0000FF:6b0d42e32d][b:6b0d42e32d]Windows Vista[/b:6b0d42e32d][/color:6b0d42e32d], [color=#0000FF:6b0d42e32d][b:6b0d42e32d]Windows 7[/b:6b0d42e32d][/color:6b0d42e32d] en [color=#0000FF:6b0d42e32d][b:6b0d42e32d]Windows 8[/b:6b0d42e32d][/color:6b0d42e32d]: via rechtsklik op [color=#008000:6b0d42e32d][b:6b0d42e32d]OTL.exe[/b:6b0d42e32d][/color:6b0d42e32d] en kies voor "Als Administrator uitvoeren".[/list:u:6b0d42e32d][/list:u:6b0d42e32d] [list:6b0d42e32d][*:6b0d42e32d]Zet een vinkje bij [color=#0000FF:6b0d42e32d][b:6b0d42e32d]Scan All Users[/b:6b0d42e32d][/color:6b0d42e32d], [color=#0000FF:6b0d42e32d][b:6b0d42e32d]LOP Check[/b:6b0d42e32d][/color:6b0d42e32d] en bij [color=#0000FF:6b0d42e32d][b:6b0d42e32d]PURITY Check[/b:6b0d42e32d][/color:6b0d42e32d]. [*:6b0d42e32d]Kopieer en plak ondervermelde (vetgedrukte, blauwe tekst) in het kader onder [img:6b0d42e32d]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:6b0d42e32d] [color=#0000FF:6b0d42e32d][b:6b0d42e32d] services.* explorer.exe winlogon.exe Userinit.exe svchost.exe netsvcs BASESERVICES DRIVES msconfig %SYSTEMDRIVE%\*.exe %SYSTEMDRIVE%\*.* %systemroot%\system32\Spool\prtprocs\w32x86\*.dll %systemroot%\*. /mp /s %systemroot%\system32\*.sys /90 %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\system32\*.exe /lockedfiles %systemroot%\System32\config\*.sav %PROGRAMFILES%\* %USERPROFILE%\..|smtmp;true;true;true /FP HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU hklm\software\clients\startmenuinternet|command /rs hklm\software\clients\startmenuinternet|command /64 /rs CREATERESTOREPOINT[/color:6b0d42e32d][/b:6b0d42e32d] [*:6b0d42e32d]Klik vervolgens op de knop [img:6b0d42e32d]http://www.imgdumper.nl/uploads6/50cd93c69c626/50cd93c69be5b-OTL_-_Run_Scan_knop.jpg[/img:6b0d42e32d]. [*:6b0d42e32d]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef. [*:6b0d42e32d]De scan zal niet heel erg lang duren. [list:6b0d42e32d][*:6b0d42e32d]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:6b0d42e32d]OTL.Txt[/b:6b0d42e32d] en [b:6b0d42e32d]Extras.txt[/b:6b0d42e32d]. [*:6b0d42e32d]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:6b0d42e32d] [*:6b0d42e32d][color=#008000:6b0d42e32d][b:6b0d42e32d]Notabene:[/b:6b0d42e32d][/color:6b0d42e32d] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:6b0d42e32d]
  • Hallo Abraham54, dank voor je reactie! Nee, niet aan gedacht, heb wel een systeemherstel naar een eerder punt gedaan. Afgelopen 4 dgn deed de pc echt moeilijk, vandaag doet ie t redelijk, maar misschien is dat omdat er iets opzit, dacht laat ik het controleren door een expert als u, dat leek me beter. Als er echt iets ergs in zit weet ik ook niet of recovery meteen zou helpen. Hier de logs, 1st OTL.txt: OTL logfile created on: 4-2-2013 18:37:14 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Trix\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 7,87 Gb Total Physical Memory | 6,01 Gb Available Physical Memory | 76,38% Memory free 15,73 Gb Paging File | 13,65 Gb Available in Paging File | 86,75% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 653,44 Gb Total Space | 565,31 Gb Free Space | 86,51% Space Free | Partition Type: NTFS Drive D: | 25,47 Gb Total Space | 20,96 Gb Free Space | 82,31% Space Free | Partition Type: NTFS Computer Name: TRIX-PC | User Name: Trix | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:1d042247b8]========== Processes (SafeList) ==========[/color:1d042247b8] PRC - [2013-02-04 18:27:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Trix\Downloads\OTL.exe PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-05-27 13:55:05 | 000,329,056 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe PRC - [2012-05-27 13:52:44 | 000,099,680 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe PRC - [2012-02-09 06:40:12 | 001,876,992 | ---- | M] (LENOVO) -- C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe PRC - [2012-02-08 03:03:36 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012-02-08 03:03:34 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012-02-08 03:03:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012-02-08 03:03:16 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe PRC - [2012-01-27 10:40:46 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2011-12-13 19:23:04 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2011-12-08 19:12:40 | 000,291,272 | ---- | M] () -- C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe PRC - [2011-11-24 09:06:58 | 000,548,864 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera\VM331_STI.EXE PRC - [2011-01-29 07:29:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [color=#E56717:1d042247b8]========== Modules (No Company Name) ==========[/color:1d042247b8] MOD - [2013-01-10 16:43:42 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll MOD - [2013-01-10 01:45:51 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll MOD - [2013-01-10 01:45:41 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll MOD - [2013-01-10 01:45:38 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e43f80b6a3a40323520dd89cb77500a8\System.Windows.Forms.ni.dll MOD - [2013-01-10 01:45:35 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll MOD - [2013-01-10 01:45:33 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll MOD - [2013-01-10 01:45:33 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll MOD - [2013-01-10 01:45:31 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll MOD - [2013-01-10 01:45:30 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll MOD - [2013-01-10 01:45:30 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll MOD - [2013-01-10 01:45:29 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll MOD - [2013-01-10 01:45:24 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll MOD - [2012-05-27 13:55:05 | 000,013,664 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll MOD - [2012-05-27 13:52:44 | 000,099,680 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe MOD - [2011-12-08 19:12:40 | 000,291,272 | ---- | M] () -- C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe MOD - [2011-06-28 07:28:38 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll MOD - [2011-06-02 21:58:18 | 000,132,448 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll MOD - [2011-06-02 21:57:44 | 000,161,120 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll [color=#E56717:1d042247b8]========== Services (SafeList) ==========[/color:1d042247b8] SRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-02-03 06:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-24 02:51:22 | 000,120,160 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Windows\SysNative\NSDSvc.exe -- (NSDSvc) SRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2010-09-23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013-01-20 15:40:41 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-12-14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012-10-08 11:42:54 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-08 03:03:36 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012-02-08 03:03:34 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-02-08 03:03:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012-02-08 03:03:16 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) SRV - [2011-12-13 19:23:04 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent) SRV - [2011-12-13 19:06:38 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc) SRV - [2010-03-18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717:1d042247b8]========== Driver Services (SafeList) ==========[/color:1d042247b8] DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-12-14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-10-08 11:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-09-19 10:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-07-17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-05-27 14:00:25 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-05-27 14:00:25 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-05-27 13:59:35 | 000,030,816 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-05-27 13:59:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-01-27 10:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-01-27 10:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2012-01-27 10:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-24 01:45:50 | 000,024,160 | ---- | M] (Lenovo Corporation") [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nsd.sys -- (NSD) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-22 05:57:42 | 000,059,488 | ---- | M] (Lenovo Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Nsdfltr.sys -- (Nsdfltr) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:15:22 | 000,290,464 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:14:36 | 000,283,296 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:14:20 | 000,059,040 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:14:04 | 000,166,048 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:13:50 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:13:34 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:13:18 | 000,109,216 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-13 19:13:04 | 000,259,744 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-06 12:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-12-06 08:31:40 | 000,952,832 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm331avs.sys -- (vm331avs) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-11-30 03:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-11-10 13:40:26 | 000,401,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-10-24 08:47:28 | 000,313,960 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-10-22 02:45:14 | 002,791,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-10-10 08:56:15 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-10-10 08:56:15 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-08-23 14:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2011-01-29 07:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-21 22:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-07-14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b:1d042247b8]64bit:[/b:1d042247b8] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717:1d042247b8]========== Standard Registry (SafeList) ==========[/color:1d042247b8] [color=#E56717:1d042247b8]========== Internet Explorer ==========[/color:1d042247b8] IE:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data] IE:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com IE:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox IE:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com [binary data] IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_nlNL506 IE - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:1d042247b8]========== FireFox ==========[/color:1d042247b8] FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledAddons: %7B6614d11d-d21d-b211-ae23-815234e1ebb5%7D:2.7.5 FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474 FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.5 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1 FF - user.js - File not found FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b:1d042247b8]64bit:[/b:1d042247b8] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-19 16:11:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-20 15:40:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-20 15:40:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-10-16 15:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Trix\AppData\Roaming\Mozilla\Extensions [2013-01-11 06:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions [2013-01-08 21:01:21 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2013-01-11 06:52:03 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-12-08 16:50:07 | 000,157,239 | ---- | M] () (No name found) -- C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions\jid0-irAmugmQgdURBSCIFZAcjR8ZQMg@jetpack.xpi [2012-11-30 11:26:17 | 000,164,308 | ---- | M] () (No name found) -- C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}.xpi [2013-02-01 15:11:56 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-20 15:40:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-12-19 16:11:49 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2013-01-20 15:40:41 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-10-11 02:37:16 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012-12-12 20:03:15 | 000,002,616 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml [2012-12-12 20:03:15 | 000,004,771 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml [2012-12-12 20:03:15 | 000,001,262 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml
  • O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b:46b226ee56]64bit:[/b:46b226ee56] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b:46b226ee56]64bit:[/b:46b226ee56] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b:46b226ee56]64bit:[/b:46b226ee56] - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121214172139.dll File not found O2:[b:46b226ee56]64bit:[/b:46b226ee56] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:[b:46b226ee56]64bit:[/b:46b226ee56] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121214172140.dll File not found O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:[b:46b226ee56]64bit:[/b:46b226ee56] - HKU\S-1-5-21-1344933989-1830536301-1791700931-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics) O4:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CAPOSD] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe (LENOVO) O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe () O4 - HKLM..\Run: [MuteSync] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe (Lenovo) O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo) O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O13[b:46b226ee56]64bit:[/b:46b226ee56] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E5D6C4E-1E06-4F2E-AEA2-040561CC7698}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5800F2F5-4C18-4F38-8B9D-9BEAFA7DC8B0}: DhcpNameServer = 192.168.1.1 O18:[b:46b226ee56]64bit:[/b:46b226ee56] - Protocol\Handler\livecall - No CLSID value found O18:[b:46b226ee56]64bit:[/b:46b226ee56] - Protocol\Handler\ms-help - No CLSID value found O18:[b:46b226ee56]64bit:[/b:46b226ee56] - Protocol\Handler\msnim - No CLSID value found O18:[b:46b226ee56]64bit:[/b:46b226ee56] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b:46b226ee56]64bit:[/b:46b226ee56] - Protocol\Handler\wlpg - No CLSID value found O20:[b:46b226ee56]64bit:[/b:46b226ee56] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b:46b226ee56]64bit:[/b:46b226ee56] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b:46b226ee56]64bit:[/b:46b226ee56] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\..comfile [open] -- "%1" %* O35:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b:46b226ee56]64bit:[/b:46b226ee56] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) CREATERESTOREPOINT System Restore Service not available. [color=#E56717:46b226ee56]========== Files/Folders - Created Within 30 Days ==========[/color:46b226ee56] [2013-02-03 01:40:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013-02-03 01:33:54 | 000,000,000 | ---D | C] -- C:\Users\Trix\AppData\Roaming\Ahead [2013-02-03 01:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead [2013-02-03 01:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead [2013-02-02 03:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\xml_param [2013-02-02 03:28:13 | 000,000,000 | ---D | C] -- C:\Users\Trix\Documents\Aimersoft Music Converter [2013-02-02 03:12:03 | 000,000,000 | ---D | C] -- C:\Users\Trix\AppData\Roaming\MC Burner [2013-01-31 17:45:34 | 000,000,000 | ---D | C] -- C:\Users\Trix\Documents\PICS [2013-01-28 02:59:46 | 000,000,000 | ---D | C] -- C:\Users\Trix\Documents\Foon Y [2013-01-28 01:06:27 | 000,000,000 | ---D | C] -- C:\Users\Trix\Documents\4ME bellangrrijk [2013-01-28 01:05:15 | 000,000,000 | ---D | C] -- C:\Users\Trix\Documents\news interessant [2013-01-28 01:02:39 | 000,000,000 | ---D | C] -- C:\Users\Trix\Documents\MP [2013-01-28 00:48:50 | 000,000,000 | ---D | C] -- C:\Users\Trix\Documents\118_PANA [2013-01-25 00:41:41 | 000,000,000 | ---D | C] -- C:\Users\Trix\AppData\Roaming\CyberLink [2013-01-20 15:40:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013-01-09 17:11:44 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013-01-09 17:11:44 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013-01-09 17:11:19 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013-01-09 17:11:19 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013-01-09 17:11:12 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013-01-09 17:11:12 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013-01-09 17:11:12 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013-01-09 17:11:12 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013-01-09 17:11:12 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013-01-09 17:11:12 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013-01-09 17:11:12 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013-01-09 17:11:12 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013-01-09 17:11:12 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013-01-09 17:11:12 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013-01-09 17:11:12 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013-01-09 17:11:12 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013-01-09 17:11:12 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013-01-09 17:11:12 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013-01-09 17:11:12 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013-01-09 17:11:11 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013-01-09 17:11:11 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013-01-09 17:11:11 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013-01-09 17:11:11 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013-01-09 17:11:11 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013-01-09 17:11:11 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013-01-09 17:11:11 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013-01-09 17:11:11 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013-01-09 17:11:11 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013-01-09 17:11:11 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013-01-09 17:11:11 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013-01-09 17:11:11 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013-01-09 17:11:10 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013-01-09 17:11:10 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013-01-09 17:11:10 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013-01-09 17:11:10 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013-01-09 17:11:10 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013-01-09 17:10:46 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013-01-09 17:10:46 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013-01-09 17:10:45 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013-01-09 17:10:45 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013-01-09 17:10:45 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013-01-09 17:10:45 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013-01-09 17:10:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013-01-09 17:10:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013-01-09 17:10:45 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013-01-09 17:10:45 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013-01-09 17:10:45 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013-01-09 17:10:45 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013-01-09 17:10:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013-01-09 17:10:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 17:10:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013-01-09 17:10:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013-01-09 17:10:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 17:10:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 17:10:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 17:10:44 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013-01-09 17:10:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013-01-09 17:10:44 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013-01-09 17:10:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 17:10:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 17:10:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 17:10:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 17:10:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 17:10:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 17:10:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 17:10:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 17:10:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 17:10:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 17:10:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 17:10:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 17:10:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 17:10:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 17:10:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013-01-09 17:10:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013-01-09 17:10:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013-01-09 17:10:24 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [color=#E56717:46b226ee56]========== Files - Modified Within 30 Days ==========[/color:46b226ee56] [2013-02-04 18:28:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-02-04 18:27:58 | 000,001,099 | ---- | M] () -- C:\Users\Trix\Desktop\OTL - Snelkoppeling.lnk [2013-02-04 18:25:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-02-04 16:28:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-02-04 15:58:27 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-02-04 15:58:27 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-02-04 15:57:17 | 001,663,048 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-02-04 15:57:17 | 000,743,222 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2013-02-04 15:57:17 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-02-04 15:57:17 | 000,152,382 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2013-02-04 15:57:17 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-02-04 15:52:20 | 000,631,926 | ---- | M] () -- C:\Windows\SysNative\fastboot.set [2013-02-04 15:50:52 | 2040,041,471 | -HS- | M] () -- C:\hiberfil.sys [2013-02-03 23:14:46 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013-02-03 23:14:44 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013-01-25 00:41:41 | 000,001,133 | ---- | M] () -- C:\Users\Trix\Desktop\Cyberlink Power2Go.lnk [2013-01-10 12:51:38 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-01-10 12:51:38 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-01-10 12:43:58 | 000,374,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-01-10 01:46:36 | 001,641,044 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [color=#E56717:46b226ee56]========== Files Created - No Company Name ==========[/color:46b226ee56] [2013-02-04 18:27:58 | 000,001,099 | ---- | C] () -- C:\Users\Trix\Desktop\OTL - Snelkoppeling.lnk [2012-12-14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012-12-14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin [2012-12-14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin [2012-10-13 16:57:42 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat [2012-05-27 13:55:20 | 002,086,240 | ---- | C] () -- C:\Windows\SysWow64\LenovoVeriface.Interface.dll [2012-05-27 13:55:20 | 001,500,512 | ---- | C] () -- C:\Windows\SysWow64\Apblend.dll [2012-05-27 13:55:20 | 001,171,456 | ---- | C] () -- C:\Windows\SysWow64\PicNotify.dll [2012-05-27 13:55:20 | 000,472,416 | ---- | C] () -- C:\Windows\SysWow64\Lenovo.VerifaceStub.dll [2012-05-27 13:54:59 | 001,044,480 | ---- | C] () -- C:\Windows\SysWow64\3DImageRenderer.dll [2012-05-27 13:52:14 | 001,641,044 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-05-27 13:33:40 | 000,001,822 | ---- | C] () -- C:\Windows\vm331Rmv.ini [2012-05-27 13:33:40 | 000,001,822 | ---- | C] () -- C:\Windows\SysWow64\vm331Rmv.ini [2012-02-06 09:57:59 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin [2012-02-06 09:57:53 | 000,559,780 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin [2012-02-03 06:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [color=#E56717:46b226ee56]========== ZeroAccess Check ==========[/color:46b226ee56] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-08-21 14:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012-08-21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-08-21 14:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717:46b226ee56]========== LOP Check ==========[/color:46b226ee56] [2013-02-02 03:21:34 | 000,000,000 | ---D | M] -- C:\Users\Trix\AppData\Roaming\MC Burner [color=#E56717:46b226ee56]========== Purity Check ==========[/color:46b226ee56] [color=#E56717:46b226ee56]========== Custom Scans ==========[/color:46b226ee56] [color=#A23BEC:46b226ee56]< services.* >[/color:46b226ee56] [2009-07-14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009-07-14 06:08:49 | 000,032,548 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012-05-27 13:58:10 | 000,001,066 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012-05-27 13:58:11 | 000,001,070 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [color=#A23BEC:46b226ee56]< explorer.exe >[/color:46b226ee56] [color=#A23BEC:46b226ee56]< winlogon.exe >[/color:46b226ee56] [color=#A23BEC:46b226ee56]< Userinit.exe >[/color:46b226ee56] [color=#A23BEC:46b226ee56]< svchost.exe >[/color:46b226ee56] [color=#E56717:46b226ee56]========== Base Services ==========[/color:46b226ee56] SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:08 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-05-27 12:54:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem) SRV - [2009-07-14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-07-04 23:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-06-02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc) SRV - [2012-06-02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp) SRV - [2010-11-21 04:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2011-10-10 08:51:58 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv) SRV - [2009-07-14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent) No service found with a name of MsMpSvc No service found with a name of NisSrv SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm) SRV - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-10-03 18:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2011-10-10 08:54:35 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-02-11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-05-27 12:54:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage) No service found with a name of EMDMgmt SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-05-27 12:54:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection) SRV - [2010-11-21 04:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection) No service found with a name of slsvc SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv) SRV - [2010-11-21 04:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-05-01 06:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver) SRV - [2010-11-21 04:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-08-21 14:09:40 | 000,219,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2012-06-02 23:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2009-07-14 02:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc) SRV:[b:46b226ee56]64bit:[/b:46b226ee56] - [2010-11-21 04:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation) [color=#E56717:46b226ee56]========== Drive Information ==========[/color:46b226ee56]
  • Physical Drives --------------- Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media Interface type: IDE Media Type: Fixed hard disk media Model: HITACHI HTS547575A9E384 Partitions: 4 Status: OK Status Info: 0 Partitions --------------- DeviceID: Disk #0, Partition #0 PartitionType: Installable File System Bootable: True BootPartition: True PrimaryPartition: True Size: 200,00MB Starting Offset: 1048576 Hidden sectors: 0 DeviceID: Disk #0, Partition #1 PartitionType: Installable File System Bootable: False BootPartition: False PrimaryPartition: True Size: 653,00GB Starting Offset: 210763776 Hidden sectors: 0 DeviceID: Disk #0, Partition #2 PartitionType: Installable File System Bootable: False BootPartition: False PrimaryPartition: True Size: 25,00GB Starting Offset: 701836034048 Hidden sectors: 0 DeviceID: Disk #0, Partition #3 PartitionType: Unknown Bootable: False BootPartition: False PrimaryPartition: True Size: 20,00GB Starting Offset: 729182896128 Hidden sectors: 0 [color=#A23BEC:0dc878a5be]< %SYSTEMDRIVE%\*.exe >[/color:0dc878a5be] [color=#A23BEC:0dc878a5be]< %SYSTEMDRIVE%\*.* >[/color:0dc878a5be] [2010-11-21 04:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2011-02-24 18:03:41 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2013-02-04 18:25:38 | 001,912,059 | ---- | M] () -- C:\FaceProv.log [2013-02-04 15:50:52 | 2040,041,471 | -HS- | M] () -- C:\hiberfil.sys [2013-02-04 15:50:55 | 4151,713,791 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC:0dc878a5be]< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >[/color:0dc878a5be] [color=#A23BEC:0dc878a5be]< %systemroot%\*. /mp /s >[/color:0dc878a5be] [color=#A23BEC:0dc878a5be]< %systemroot%\system32\*.sys /90 >[/color:0dc878a5be] [color=#A23BEC:0dc878a5be]< %systemroot%\system32\*.dll /lockedfiles >[/color:0dc878a5be] [color=#A23BEC:0dc878a5be]< %systemroot%\Tasks\*.job /lockedfiles >[/color:0dc878a5be] [color=#A23BEC:0dc878a5be]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color:0dc878a5be] [color=#A23BEC:0dc878a5be]< %systemroot%\system32\*.exe /lockedfiles >[/color:0dc878a5be] [color=#A23BEC:0dc878a5be]< %systemroot%\System32\config\*.sav >[/color:0dc878a5be] [color=#A23BEC:0dc878a5be]< %PROGRAMFILES%\* >[/color:0dc878a5be] [2009-07-14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini [color=#A23BEC:0dc878a5be]< %USERPROFILE%\..|smtmp;true;true;true /FP >[/color:0dc878a5be] [color=#A23BEC:0dc878a5be]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color:0dc878a5be] [color=#A23BEC:0dc878a5be]< hklm\software\clients\startmenuinternet|command /rs >[/color:0dc878a5be] HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013-01-20 15:40:41 | 000,866,360 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013-01-20 15:40:41 | 000,866,360 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013-01-20 15:40:41 | 000,866,360 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013-01-20 15:40:41 | 000,917,400 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2013-01-20 15:40:41 | 000,917,400 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2013-01-20 15:40:41 | 000,917,400 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2011-06-24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2011-06-24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2011-06-24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2011-06-24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011-10-10 08:48:08 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011-10-10 08:48:08 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011-10-10 08:48:08 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012-11-14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012-11-14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) [color=#A23BEC:0dc878a5be]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color:0dc878a5be] 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2013-01-20 15:40:41 | 000,866,360 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2013-01-20 15:40:41 | 000,866,360 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2013-01-20 15:40:41 | 000,866,360 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2013-01-20 15:40:41 | 000,917,400 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2013-01-20 15:40:41 | 000,917,400 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2013-01-20 15:40:41 | 000,917,400 | ---- | M] (Mozilla Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2011-06-24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2011-06-24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2011-06-24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2011-06-24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011-10-10 08:48:08 | 000,089,088 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011-10-10 08:48:08 | 000,089,088 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011-10-10 08:48:08 | 000,089,088 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012-11-14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) 64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012-11-14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) < End of report >
  • Poeh, flinke texten, even puzzelen om het compleet hier op het forum te krijgen, hopelijk gaat het goed; nu komt Extras.txt: OTL Extras logfile created on: 4-2-2013 18:37:14 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Trix\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 7,87 Gb Total Physical Memory | 6,01 Gb Available Physical Memory | 76,38% Memory free 15,73 Gb Paging File | 13,65 Gb Available in Paging File | 86,75% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 653,44 Gb Total Space | 565,31 Gb Free Space | 86,51% Space Free | Partition Type: NTFS Drive D: | 25,47 Gb Total Space | 20,96 Gb Free Space | 82,31% Space Free | Partition Type: NTFS Computer Name: TRIX-PC | User Name: Trix | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:6e13e4c6eb]========== Extra Registry (SafeList) ==========[/color:6e13e4c6eb] [color=#E56717:6e13e4c6eb]========== File Associations ==========[/color:6e13e4c6eb] [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-1344933989-1830536301-1791700931-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717:6e13e4c6eb]========== Shell Spawning ==========[/color:6e13e4c6eb] [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717:6e13e4c6eb]========== Security Center Settings ==========[/color:6e13e4c6eb] [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b:6e13e4c6eb]64bit:[/b:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717:6e13e4c6eb]========== Firewall Settings ==========[/color:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717:6e13e4c6eb]========== Authorized Applications List ==========[/color:6e13e4c6eb] [color=#E56717:6e13e4c6eb]========== Vista Active Open Ports Exception List ==========[/color:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{171C3E6E-60B3-4A93-A265-511E5E5741EB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1F12F3E5-051E-4E3C-ADEE-9872335FB42B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{22C46F1C-1A35-4010-A2A6-BCEA71FCF999}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{23032618-BE40-40F0-9035-F978205BBE54}" = lport=139 | protocol=6 | dir=in | app=system | "{242CD74C-9A84-45B9-BA32-34CE7FB6D218}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{27DDBEE9-838F-40A0-9E60-B06541F815A8}" = rport=138 | protocol=17 | dir=out | app=system | "{30C7C8F5-7A35-4EA8-ABF6-74E03D090AB4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4DB573FC-F718-4F66-A0BB-FD79AB3A2B92}" = rport=445 | protocol=6 | dir=out | app=system | "{4DE14A23-51DB-424C-9469-250A81A65D9F}" = rport=139 | protocol=6 | dir=out | app=system | "{66C073DA-14EF-47E7-8A0E-D977BE7C4E1F}" = lport=137 | protocol=17 | dir=in | app=system | "{6707C146-0F08-4377-A825-ED13E7ECDE8C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6F2E9F33-5F62-4FE5-A4D1-E72BFA866BDD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{6F98D465-C2B2-49FA-A375-EFA44A6F8AF6}" = rport=137 | protocol=17 | dir=out | app=system | "{83E7BAD9-7E5B-44FA-88BC-172D2BBAC347}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{998B5B4C-7540-4298-8946-4B9255709216}" = lport=2869 | protocol=6 | dir=in | app=system | "{9DFAB428-E5D1-4279-A684-20B3A13FB1FE}" = lport=138 | protocol=17 | dir=in | app=system | "{A1E10B8C-65D1-4C90-869A-F43AD94C210E}" = lport=445 | protocol=6 | dir=in | app=system | "{AB0FDD52-7C12-41E4-B925-3058E1FB578D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{AF6AD98A-5D92-4535-9777-E4A90CDD35AD}" = rport=10243 | protocol=6 | dir=out | app=system | "{C82E0EA6-4E37-459B-8261-03EFD6404EC2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D4BEA4E6-05A6-4569-B206-58A6990B1236}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E811D20A-151D-480B-AF85-6AA7220F7922}" = lport=10243 | protocol=6 | dir=in | app=system | "{F852DB1D-287B-412A-9FD7-3FA71CA84993}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717:6e13e4c6eb]========== Vista Active Application Exception List ==========[/color:6e13e4c6eb] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07ADB104-CB4C-40D4-AC16-8A6E08CDDD11}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{09FAAAF0-4013-46DC-9240-21FC3DEB8755}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{1AEFABAA-E1C5-44FC-A560-61D4A69FE340}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{25DF4A92-5AA4-44FA-9E93-C769DEA15817}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{275776DF-447C-48CC-A020-9994EB0EDA9E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{2833F88B-1BA3-439F-B0DE-311CE94E84F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2A0B3E57-76F5-444F-841A-25A344D270FB}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{2C5473D2-48E3-48A8-8D6D-946687488288}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{31CF8DE5-FBAF-46BD-923B-14FA7A08A4F7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{52669D32-3EA3-4CD1-A93C-62E349517412}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{53108EEE-A051-4505-8593-D81CE373FFC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{58334161-9CFB-4148-9BA4-8449BA4F2E5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5AE8F2BE-4C6E-45F1-88A7-36A0AC668080}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{8BCD0CB5-4429-445D-AF4D-A5354E572597}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{9DF1AB82-5FA5-4212-8B70-8613A725F58D}" = protocol=6 | dir=out | app=system | "{AB050893-5865-43AE-B6DA-2C5E7587492F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{B66AD3F8-800A-4343-AFB5-DABAA4AA4430}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C73E8A8B-C8F8-4984-8651-DEB1D0A59896}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{CCC11F98-40D4-4E9E-A87E-0C3D8ED13B10}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{D2A05E63-D933-4F2A-A6E3-13E31F4998C6}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{E8B44872-A602-419A-BD6B-441F991627CC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E8FA1DCD-D5BF-4CE9-9F0B-E5A58E410BC6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{F0B3F74D-FE6C-40E7-A2E1-73D67DA0C17F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{FC5ACAC2-C81C-4D7C-B5FB-2FC0D105BDCE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | [color=#E56717:6e13e4c6eb]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:6e13e4c6eb] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64) "{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit) "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-configuratiescherm 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafisch stuurprogramma 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.1111 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "99841829BE839365AA67B2AD0E50D371F59F8A1E" = Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) "Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "SynTPDeinstKey" = Synaptics Pointing Device Driver
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{16D5D9E9-C8DE-4014-A09C-B9B5ABA0F7FA}" = Lenovo MuteSync "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros WLAN Client Installation Program "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{4677B88C-CE16-4CBB-A2CB-B76E9D456C7F}" = Nsd "{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48F851E7-DD0C-4A35-AD7A-57878023E987}" = Lenovo CAPOSD "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010 "{90140000-0015-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010 "{90140000-0016-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010 "{90140000-0018-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010 "{90140000-0019-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010 "{90140000-001A-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010 "{90140000-001B-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 "{90140000-001F-0413-0000-0000000FF1CE}_Office14.SingleImage_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0413-1000-0000000FF1CE}_Office14.SingleImage_{B9427E36-0B0A-48F4-8A51-1C178708A28E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010 "{90140000-002C-0413-0000-0000000FF1CE}_Office14.SingleImage_{D3B92058-CF96-445F-A297-F7ED19C4E841}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010 "{90140000-006E-0413-0000-0000000FF1CE}_Office14.SingleImage_{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010 "{90140000-00A1-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Nederlands "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Lenovo EasyCamera "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4 "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime "{FDB0A81A-1173-4B15-BEA4-89FEA0474F17}" = Intelligent Touchpad "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "avast" = avast! Free Antivirus "ESET Online Scanner" = ESET Online Scanner v3 "Google Chrome" = Google Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam "InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "InstallShield_{48F851E7-DD0C-4A35-AD7A-57878023E987}" = Lenovo CAPOSD "InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management "InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater "InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100 "Mozilla Firefox 18.0.1 (x86 nl)" = Mozilla Firefox 18.0.1 (x86 nl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.SingleImage" = Microsoft Office Home and Student 2010 "VeriFace" = VeriFace "WinLiveSuite" = Windows Live Essentials [color=#E56717:527785e2db]========== Last 20 Event Log Errors ==========[/color:527785e2db] [ Application Events ] Error - 25-1-2013 9:40:31 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328 Description = An error has occurred (---query ManualSetMs key success failed with 0, The Code is:0x424.). Error - 25-1-2013 9:40:38 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328 Description = An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.). Error - 25-1-2013 9:40:38 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328 Description = An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.). Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328 Description = An error has occurred (---IKEEXT failed with 27346, The Code is:0x598.). Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328 Description = An error has occurred (---IKEEXT failed with 27346, The Code is:0x599.). Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328 Description = An error has occurred (---Dhcp failed with 27346, The Code is:0x598.). Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328 Description = An error has occurred (---Dhcp failed with 27346, The Code is:0x599.). Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328 Description = An error has occurred (---EventSystem failed with 27346, The Code is:0x598.). Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328 Description = An error has occurred (---EventSystem failed with 27346, The Code is:0x599.). Error - 25-1-2013 9:40:39 | Computer Name = Trix-PC | Source = NSDSvc | ID = 131328 Description = An error has occurred (---WSearch failed with 27346, The Code is:0x598.). [ Media Center Events ] Error - 11-1-2013 13:43:56 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0 Description = 18:43:56 - Fout bij verbinden met internet. 18:43:56 - Kan geen contact maken met server.. Error - 11-1-2013 14:44:01 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0 Description = 19:44:01 - Fout bij verbinden met internet. 19:44:01 - Kan geen contact maken met server.. Error - 11-1-2013 17:56:02 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0 Description = 22:56:02 - Fout bij verbinden met internet. 22:56:02 - Kan geen contact maken met server.. Error - 20-1-2013 14:41:02 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0 Description = 19:41:02 - Fout bij verbinden met internet. 19:41:02 - Kan geen contact maken met server.. Error - 20-1-2013 14:41:10 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0 Description = 19:41:07 - Fout bij verbinden met internet. 19:41:07 - Kan geen contact maken met server.. Error - 31-1-2013 21:14:45 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0 Description = 2:14:45 - Fout bij verbinden met internet. 2:14:45 - Kan geen contact maken met server.. Error - 31-1-2013 22:14:54 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0 Description = 3:14:54 - Fout bij verbinden met internet. 3:14:54 - Kan geen contact maken met server.. Error - 31-1-2013 23:15:05 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0 Description = 4:15:05 - Fout bij verbinden met internet. 4:15:05 - Kan geen contact maken met server.. Error - 1-2-2013 13:20:43 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0 Description = 18:20:43 - Fout bij verbinden met internet. 18:20:43 - Kan geen contact maken met server.. Error - 3-2-2013 17:33:52 | Computer Name = Trix-PC | Source = MCUpdate | ID = 0 Description = 22:33:51 - Fout bij verbinden met internet. 22:33:51 - Kan geen contact maken met server.. [ System Events ] Error - 4-2-2013 10:25:13 | Computer Name = Trix-PC | Source = DCOM | ID = 10005 Description = Error - 4-2-2013 10:25:19 | Computer Name = Trix-PC | Source = DCOM | ID = 10005 Description = Error - 4-2-2013 10:25:21 | Computer Name = Trix-PC | Source = DCOM | ID = 10005 Description = Error - 4-2-2013 10:25:21 | Computer Name = Trix-PC | Source = DCOM | ID = 10005 Description = Error - 4-2-2013 10:49:32 | Computer Name = Trix-PC | Source = DCOM | ID = 10010 Description = Error - 4-2-2013 10:51:23 | Computer Name = Trix-PC | Source = BTHUSB | ID = 327697 Description = Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd. Error - 4-2-2013 10:51:27 | Computer Name = Trix-PC | Source = Service Control Manager | ID = 7038 Description = De nvUpdatusService-service kan niet als .\UpdatusUser met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout: %%1330 Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd. Error - 4-2-2013 10:51:27 | Computer Name = Trix-PC | Source = Service Control Manager | ID = 7000 Description = De NVIDIA Update Service Daemon-service kan vanwege de volgende fout niet worden gestart: %%1069 Error - 4-2-2013 10:51:32 | Computer Name = Trix-PC | Source = BTHUSB | ID = 327697 Description = Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd. Error - 4-2-2013 13:25:32 | Computer Name = Trix-PC | Source = BTHUSB | ID = 327697 Description = Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd. < End of report > Ik herken wel de Bluetooth erin, daar hebben we mee geprobeerd om gegevens via zo'n smartphone proberen uit te wisselen, dat lukte niet, dus met kabel, dat ging wel. Bvd! Groetjes Holly
  • Het OTL-log laat feitelijk niks bijzonders zien, is Windows met McAfee antivirus gekomen? [color=#FF0000:bf89584732][b:bf89584732]Stap •1•[/b:bf89584732][/color:bf89584732] [b:bf89584732]Welk programma[/b:bf89584732]: [color=#008000:bf89584732][b:bf89584732]Junkware Removal Tool by Thisisu[/b:bf89584732][/color:bf89584732] [b:bf89584732]Waarvoor/waarom[/b:bf89584732]: Scanner om Windows o.a. te ontdoen van malafide toolbars. [b:bf89584732]Moeilijkheidsgraad[/b:bf89584732]: Geen. [b:bf89584732]Downloadlokatie[/b:bf89584732]: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen! [b:bf89584732]Download[/b:bf89584732]: [url=http://thisisudax.org/downloads/JRT.exe][color=#FF0000:bf89584732][b:bf89584732]JRT.exe[/b:bf89584732][/color:bf89584732] [/url]. [b:bf89584732]Opmerkingen[/b:bf89584732]: [list:bf89584732][*:bf89584732][color=#FF0000:bf89584732][b:bf89584732] Alle openstaande programma's en webpagina's dienen afgesloten te zijn[/b:bf89584732][/color:bf89584732]. [*:bf89584732] [b:bf89584732][color=#008000:bf89584732]Het is raadzaam de actieve beveiligingssoftware te deaktiveren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.[/color:bf89584732][/b:bf89584732]: [*:bf89584732][url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608][b:bf89584732][color=#0000FF:bf89584732]Hier[/color:bf89584732][/b:bf89584732][/url] en [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607][b:bf89584732][color=#0000FF:bf89584732]hier[/color:bf89584732][/b:bf89584732][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [*:bf89584732]Dat tijdens de scan van [color=#008000:bf89584732][b:bf89584732]JRT.exe[/b:bf89584732][/color:bf89584732] tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.[/list:u:bf89584732] [b:bf89584732][color=#008000:bf89584732]Junkware Removal Tool by Thisisu[/color:bf89584732] opstarten[/b:bf89584732]: [list:bf89584732][*:bf89584732][b:bf89584732][color=#0000FF:bf89584732]Windows 2000[/color:bf89584732][/b:bf89584732] en [color=#0000FF:bf89584732][b:bf89584732]Windows XP[/b:bf89584732][/color:bf89584732]: dubbelklik op [color=#008000:bf89584732][b:bf89584732]JRT.exe[/b:bf89584732][/color:bf89584732]. [*:bf89584732][color=#0000FF:bf89584732][b:bf89584732]Windows Vista[/b:bf89584732][/color:bf89584732], [color=#0000FF:bf89584732][b:bf89584732]Windows 7[/b:bf89584732][/color:bf89584732] en [color=#0000FF:bf89584732][b:bf89584732]Windows 8[/b:bf89584732][/color:bf89584732]: via rechtsklik op [color=#008000:bf89584732][b:bf89584732]JRT.exe[/b:bf89584732][/color:bf89584732] en kies voor "Als Administrator uitvoeren". [*:bf89584732][color=#008000:bf89584732][b:bf89584732]JRT.exe[/b:bf89584732][/color:bf89584732] zal daarna Windows gaan scannen. [*:bf89584732]Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig. [*:bf89584732]Als de scan voltooid is zal een logje ([color=#0000FF:bf89584732][b:bf89584732]JRT.txt[/b:bf89584732][/color:bf89584732]) op het bureaublad opgeslagen worden en automatisch openen. [*:bf89584732]Post de inhoud van dit log in je volgende bericht.[/list:u:bf89584732] [color=#FF0000:bf89584732][b:bf89584732]Stap •2•[/b:bf89584732][/color:bf89584732] [b:bf89584732]Welk programma[/b:bf89584732]: [color=#008000:bf89584732][b:bf89584732]ComboFix[/b:bf89584732][/color:bf89584732] [b:bf89584732]Waarvoor/waarom[/b:bf89584732]: Zeer specialistische scanner om Windows diepgaand te onderzoeken en op te schonen. [b:bf89584732]Moeilijkheidsgraad[/b:bf89584732]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed. [b:bf89584732]Downloadlokatie[/b:bf89584732]: Dit programma absoluut naar het bureaublad downloaden! [b:bf89584732]Download ComboFix via één van deze locaties[/b:bf89584732]: [list:bf89584732][*:bf89584732][url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:bf89584732]Bleepingcomputer[/b:bf89584732][/url] [*:bf89584732][url=http://www.forospyware.com/sUBs/ComboFix.exe][b:bf89584732]ForoSpyware[/b:bf89584732][/url] [*:bf89584732][url=http://subs.geekstogo.com/ComboFix.exe][b:bf89584732]Geekstogo[/b:bf89584732][/url][/list:u:bf89584732] [url=http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden][b:bf89584732][color=#0000FF:bf89584732]Hier[/color:bf89584732][/b:bf89584732][/url] zie je hoe je ComboFix moet gebruiken. Antivirusprogramma en actieve malwarescanners dienen al voor je ComboFix start gedeaktiveert zijn! [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608][b:bf89584732][color=#0000FF:bf89584732]Hier[/color:bf89584732][/b:bf89584732][/url] en [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607][b:bf89584732][color=#0000FF:bf89584732]hier[/color:bf89584732][/b:bf89584732][/url] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren. [b:bf89584732]Opmerkingen[/b:bf89584732]: [list:bf89584732][*:bf89584732]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:bf89584732] [b:bf89584732]ComboFix opstarten[/b:bf89584732]: [list:bf89584732][*:bf89584732][b:bf89584732][color=#0000FF:bf89584732]Windows 2000[/color:bf89584732][/b:bf89584732] en [color=#0000FF:bf89584732][b:bf89584732]Windows XP[/b:bf89584732][/color:bf89584732]: dubbelklik op ComboFix.exe. [*:bf89584732][color=#0000FF:bf89584732][b:bf89584732]Windows Vista[/b:bf89584732][/color:bf89584732] en [color=#0000FF:bf89584732][b:bf89584732]Windows 7[/b:bf89584732][/color:bf89584732]: via rechtsklik op ComboFix.exe en kies voor "Als Administrator uitvoeren".[/list:u:bf89584732] [b:bf89584732]ComboFix is opgestart[/b:bf89584732]: [list:bf89584732][*:bf89584732]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"! [*:bf89584732]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen! [*:bf89584732]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal. [*:bf89584732]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken. [*:bf89584732]Post de inhoud van dit logbestand in je volgende bericht. [*:bf89584732]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:bf89584732] [b:bf89584732]Belangrijke opmerking[/b:bf89584732]: [list:bf89584732][*:bf89584732][b:bf89584732][color=#0000FF:bf89584732]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:bf89584732][/b:bf89584732] [*:bf89584732][b:bf89584732][color=#FF0000:bf89584732]Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.[/color:bf89584732][/b:bf89584732] [*:bf89584732][b:bf89584732][color=#008000:bf89584732]Start dan de computer opnieuw op.[/color:bf89584732][/b:bf89584732][/list:u:bf89584732]
  • Hallo Abraham54, OTL niets bijzonders, dat stemt me al wat vrolijker. De McAfee was idd met de laptop gratis een paar maanden, zodra die voorbij was meteen Avast geinstalleerd (na verwijderen McAfee). En firewall Defender, maar miss toch beter weer Armor? Internet is een beetje een knipperlicht, maar kon de progjes downloaden en heb ze offline laten runnen. Hierbij de rapporten van de scans (1st JRT en dan ComboFix): ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.6.2 (02.02.2013:2) OS: Windows 7 Home Premium x64 Ran by Trix on di 05-02-2013 at 1:20:44,73 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1344933989-1830536301-1791700931-1001\software\microsoft\internet explorer\searchscopes\\DefaultScope ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\partner" ~~~ FireFox Successfully deleted: [File] "C:\Users\Trix\AppData\Roaming\mozilla\firefox\profiles\tpdjclsh.default\extensions\jid0-irAmugmQgdURBSCIFZAcjR8ZQMg@jetpack.xpi" Emptied folder: C:\Users\Trix\AppData\Roaming\mozilla\firefox\profiles\tpdjclsh.default\minidumps [15 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on di 05-02-2013 at 1:35:16,46 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ComboFix 13-02-03.03 - Trix 05-02-2013 1:51.1.8 - x64 Gestart vanuit: c:\users\Trix\Desktop\ComboFix.exe . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Trix\AppData\Local\Microsoft\Windows\Temporary Internet Files\{1852468D-124F-4A2D-97B3-8DEF46CADE06}.xps c:\users\Trix\AppData\Local\Microsoft\Windows\Temporary Internet Files\{31C7B559-98CE-4B7A-B2C2-539B95B4DCC2}.xps c:\users\Trix\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F02143D1-F36B-442E-8DBF-735D41691659}.xps . . (((((((((((((((((((( Bestanden Gemaakt van 2013-01-05 to 2013-02-05 )))))))))))))))))))))))))))))) . . 2013-02-05 00:20 . 2013-02-05 00:20 -------- d-----w- c:\windows\ERUNT 2013-02-05 00:19 . 2013-02-05 00:20 -------- d-----w- C:\JRT 2013-02-04 17:27 . 2013-02-04 17:27 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4879592-1236-4E28-A827-4BBF8CAEB3CF}\offreg.dll 2013-02-04 00:28 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4879592-1236-4E28-A827-4BBF8CAEB3CF}\mpengine.dll 2013-02-03 00:33 . 2013-02-03 00:33 -------- d-----w- c:\users\Trix\AppData\Roaming\Ahead 2013-02-03 00:33 . 2013-02-03 00:33 -------- d-----w- c:\programdata\Ahead 2013-02-03 00:33 . 2013-02-03 22:03 -------- d-----w- c:\program files (x86)\Common Files\Ahead 2013-02-02 02:31 . 2013-02-02 02:32 -------- d-----w- c:\programdata\xml_param 2013-02-02 02:12 . 2013-02-02 02:21 -------- d-----w- c:\users\Trix\AppData\Roaming\MC Burner 2013-01-24 23:41 . 2013-01-24 23:41 -------- d-----w- c:\users\Trix\AppData\Roaming\CyberLink 2013-01-24 23:41 . 2013-01-24 23:41 -------- d-----w- c:\users\Public\CyberLink 2013-01-09 16:10 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-10 11:51 . 2012-10-16 17:03 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-10 11:51 . 2012-10-16 17:03 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-01-10 00:42 . 2012-10-16 14:51 67599240 ----a-w- c:\windows\system32\MRT.exe 2012-12-16 17:11 . 2012-12-21 09:32 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-21 09:32 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-21 09:32 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-21 09:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-14 15:49 . 2012-10-16 16:53 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-14 01:42 . 2012-12-14 01:42 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrnor.lrc 2012-12-14 01:42 . 2012-12-14 01:42 21850112 ----a-w- c:\windows\SysWow64\igdfcl32.dll 2012-12-14 01:42 . 2012-12-14 01:42 196096 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll 2012-12-14 01:42 . 2012-12-14 01:42 384512 ----a-w- c:\windows\system32\igfxpph.dll 2012-12-14 01:42 . 2012-02-06 08:57 12615680 ----a-w- c:\windows\system32\igdumd64.dll 2012-12-14 01:42 . 2012-12-14 01:42 64512 ----a-w- c:\windows\SysWow64\igdde32.dll 2012-12-14 01:42 . 2012-12-14 01:42 440320 ----a-w- c:\windows\system32\igfxrell.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrptb.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437248 ----a-w- c:\windows\system32\igfxrtha.lrc 2012-12-14 01:42 . 2012-12-14 01:42 435712 ----a-w- c:\windows\system32\igfxrheb.lrc 2012-12-14 01:42 . 2012-12-14 01:42 435712 ----a-w- c:\windows\system32\igfxrara.lrc 2012-12-14 01:42 . 2012-12-14 01:42 431104 ----a-w- c:\windows\system32\igfxrkor.lrc 2012-12-14 01:42 . 2012-12-14 01:42 429056 ----a-w- c:\windows\system32\igfxrcht.lrc 2012-12-14 01:42 . 2012-12-14 01:42 330752 ----a-w- c:\windows\SysWow64\igfxdv32.dll 2012-12-14 01:42 . 2012-12-14 01:42 28672 ----a-w- c:\windows\system32\igfxexps.dll 2012-12-14 01:42 . 2012-12-14 01:42 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll 2012-12-14 01:42 . 2012-12-14 01:42 11174912 ----a-w- c:\windows\SysWow64\igd10umd32.dll 2012-12-14 01:42 . 2012-02-06 08:57 64000 ----a-w- c:\windows\system32\igfxsrvc.dll 2012-12-14 01:42 . 2012-02-06 08:57 110592 ----a-w- c:\windows\system32\hccutils.dll 2012-12-14 01:42 . 2012-12-14 01:42 640512 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll 2012-12-14 01:42 . 2012-12-14 01:42 512112 ----a-w- c:\windows\system32\igfxsrvc.exe 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrnld.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc 2012-12-14 01:42 . 2012-12-14 01:42 3121152 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll 2012-12-14 01:42 . 2012-12-14 01:42 255088 ----a-w- c:\windows\system32\igfxext.exe 2012-12-14 01:42 . 2012-12-14 01:42 483840 ----a-w- c:\windows\system32\igfx11cmrt64.dll 2012-12-14 01:42 . 2012-12-14 01:42 439808 ----a-w- c:\windows\system32\igfxresn.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc 2012-12-14 01:42 . 2012-12-14 01:42 428544 ----a-w- c:\windows\system32\igfxrchs.lrc 2012-12-14 01:42 . 2012-12-14 01:42 241664 ----a-w- c:\windows\system32\IntelOpenCL64.dll 2012-12-14 01:42 . 2012-02-06 08:57 9007616 ----a-w- c:\windows\system32\igfxress.dll 2012-12-14 01:42 . 2012-02-06 08:57 12858368 ----a-w- c:\windows\system32\igd10umd64.dll 2012-12-14 01:42 . 2012-12-14 01:42 80384 ----a-w- c:\windows\system32\igdde64.dll 2012-12-14 01:42 . 2012-12-14 01:42 754652 ----a-w- c:\windows\system32\igcodeckrng700.bin 2012-12-14 01:42 . 2012-12-14 01:42 598384 ----a-w- c:\windows\system32\igvpkrng700.bin 2012-12-14 01:42 . 2012-12-14 01:42 459264 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll 2012-12-14 01:42 . 2012-12-14 01:42 439296 ----a-w- c:\windows\system32\igfxrrus.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrptg.lrc 2012-12-14 01:42 . 2012-12-14 01:42 286208 ----a-w- c:\windows\system32\igfxrenu.lrc 2012-12-14 01:42 . 2012-12-14 01:42 142336 ----a-w- c:\windows\system32\igfxdo.dll 2012-12-14 01:42 . 2012-02-06 08:57 11049472 ----a-w- c:\windows\SysWow64\igdumd32.dll 2012-12-14 01:42 . 2012-12-14 01:42 56832 ----a-w- c:\windows\system32\Intel_OpenCL_ICD64.dll 2012-12-14 01:42 . 2012-12-14 01:42 5353888 ----a-w- c:\windows\system32\drivers\igdkmd64.sys 2012-12-14 01:42 . 2012-12-14 01:42 439296 ----a-w- c:\windows\system32\igfxrrom.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc 2012-12-14 01:42 . 2012-12-14 01:42 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll 2012-12-14 01:42 . 2012-12-14 01:42 185968 ----a-w- c:\windows\system32\difx64.exe 2012-12-14 01:42 . 2012-12-14 01:42 11633152 ----a-w- c:\windows\system32\ig7icd64.dll 2012-12-14 01:42 . 2012-02-06 08:58 56832 ----a-w- c:\windows\system32\OpenCL.dll 2012-12-14 01:42 . 2012-12-14 01:42 8621056 ----a-w- c:\windows\SysWow64\ig7icd32.dll 2012-12-14 01:42 . 2012-12-14 01:42 518656 ----a-w- c:\windows\system32\igfxcmrt64.dll 2012-12-14 01:42 . 2012-12-14 01:42 438272 ----a-w- c:\windows\system32\igfxrfin.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrsve.lrc 2012-12-14 01:42 . 2012-12-14 01:42 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc 2012-12-14 01:42 . 2012-12-14 01:42 27457536 ----a-w- c:\windows\system32\igdfcl64.dll 2012-12-14 01:42 . 2012-12-14 01:42 116224 ----a-w- c:\windows\system32\igfxCoIn_v2932.dll 2012-12-14 01:42 . 2012-12-14 01:42 442880 ----a-w- c:\windows\system32\igfxdev.dll 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrita.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438272 ----a-w- c:\windows\system32\igfxrhun.lrc 2012-12-14 01:42 . 2012-12-14 01:42 437248 ----a-w- c:\windows\system32\igfxrdan.lrc 2012-12-14 01:42 . 2012-12-14 01:42 27643904 ----a-w- c:\windows\SysWow64\igdrcl32.dll 2012-12-14 01:42 . 2012-12-14 01:42 126976 ----a-w- c:\windows\system32\igfxcpl.cpl 2012-12-14 01:42 . 2012-12-14 01:42 441968 ----a-w- c:\windows\system32\igfxpers.exe 2012-12-14 01:42 . 2012-12-14 01:42 439808 ----a-w- c:\windows\system32\igfxrfra.lrc 2012-12-14 01:42 . 2012-12-14 01:42 410112 ----a-w- c:\windows\system32\igfxTMM.dll 2012-12-14 01:42 . 2012-12-14 01:42 3581440 ----a-w- c:\windows\system32\igdbcl64.dll 2012-12-14 01:42 . 2012-12-14 01:42 172144 ----a-w- c:\windows\system32\igfxtray.exe 2012-12-14 01:42 . 2012-12-14 01:42 5906032 ----a-w- c:\windows\system32\GfxUI.exe 2012-12-14 01:42 . 2012-12-14 01:42 56320 ----a-w- c:\windows\SysWow64\Intel_OpenCL_ICD32.dll 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrsky.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrplk.lrc 2012-12-14 01:42 . 2012-12-14 01:42 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc 2012-12-14 01:42 . 2012-12-14 01:42 3511296 ----a-w- c:\windows\system32\igfxcmjit64.dll 2012-12-14 01:42 . 2012-12-14 01:42 2898944 ----a-w- c:\windows\SysWow64\igdbcl32.dll 2012-12-14 01:42 . 2012-12-14 01:42 27664896 ----a-w- c:\windows\system32\igdrcl64.dll 2012-12-14 01:42 . 2012-12-14 01:42 175104 ----a-w- c:\windows\system32\gfxSrvc.dll 2012-12-14 01:42 . 2012-02-06 08:58 56320 ----a-w- c:\windows\SysWow64\OpenCL.dll 2012-12-14 01:42 . 2012-12-14 01:42 437760 ----a-w- c:\windows\system32\igfxrslv.lrc 2012-12-14 01:42 . 2012-12-14 01:42 399984 ----a-w- c:\windows\system32\hkcmd.exe 2012-12-14 01:42 . 2012-12-14 01:42 277616 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe 2012-12-14 01:42 . 2012-12-14 01:42 216064 ----a-w- c:\windows\system32\iglhcp64.dll 2012-12-12 22:00 . 2012-12-12 22:01 916456 ----a-w- c:\windows\system32\deployJava1.dll 2012-12-12 22:00 . 2012-12-12 22:01 289768 ----a-w- c:\windows\system32\javaws.exe 2012-12-12 22:00 . 2012-12-12 22:01 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-12-12 22:00 . 2012-12-12 22:01 189416 ----a-w- c:\windows\system32\javaw.exe 2012-12-12 22:00 . 2012-12-12 22:01 188904 ----a-w- c:\windows\system32\java.exe 2012-12-12 22:00 . 2012-12-12 22:01 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2012-11-30 04:45 . 2013-01-09 16:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-11-14 07:06 . 2012-12-12 21:27 17811968 ----a-w- c:\windows\system32\mshtml.dll 2012-11-14 06:32 . 2012-12-12 21:27 10925568 ----a-w- c:\windows\system32\ieframe.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-05-27 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608] "331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864] "Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-06-01 506712] "MuteSync"="c:\program files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe" [2012-02-04 343040] "Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272] "YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488] "YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448] "UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504] "VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-05-27 329056] "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504] "CAPOSD"="c:\progra~2\Lenovo\LENOVO~2\CAPOSD.exe" [2012-02-09 1876992] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe [2011-12-24 120160] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-12-13 36000] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-12-13 259744] R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-12-13 109216] R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-12-13 166048] R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-12-13 59040] R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-12-13 283296] R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-12-13 290464] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2011-10-24 313960] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-16 1255736] R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [2012-05-27 57952] S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-27 16152] S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-05-27 39008] S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys [2011-12-24 24160] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [2012-05-27 13408] S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-12-13 106144] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448] S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-08 128280] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800] S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-12-13 158880] S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-05-27 30816] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-12-13 29344] S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264] S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-27 356120] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-27 787736] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352] S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832] . . Inhoud van de 'Gedeelde Taken' map . 2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-27 12:58] . 2013-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-27 12:58] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc] @="{771C7324-DA80-49D3-8017-753B0AF60951}" [HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}] 2012-05-27 12:55 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-12-13 792224] "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-12-13 657568] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-31 12446824] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712] "OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-05-27 789856] "UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504] "Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-05-27 8079408] "EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-05-27 6200368] "Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-05-27 206176] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://lenovo.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 FF - ProfilePath - c:\users\Trix\AppData\Roaming\Mozilla\Firefox\Profiles\tpdjclsh.default\ FF - prefs.js: browser.startup.homepage - about:home FF - ExtSQL: 2012-12-19 16:16; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zi.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zi.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zi.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zi.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-02-05 01:55:14 ComboFix-quarantined-files.txt 2013-02-05 00:55 . Pre-Run: 607.358.894.080 bytes beschikbaar Post-Run: 607.215.222.784 bytes beschikbaar . - - End Of File - - 189BF25BEFA07434C38FA10521960F97 Bvd! Groetjes Holly
  • Hoe gaat het inmiddels?
  • Hallo Abraham54, de laptop werkt m.i. een stuk stabieler nu, t knipperen & lang laden is weg (met opstarten gaat ie weer goed en mijn desktopitems blijven staan). Internet blijft traag en knipperlicht, maar dat kan ook i.v.m. vele wifi in woonwijk...soms wel 12 netwerken gedetecteerd, een boel dus. Dan soms nog wel verbinding maar laden de pagina's met geen mogelijkheid. Heb in mijn email gekke e-mailadressen gevonden, die raar zijn en ik niet ken. (dat kan van eerder zijn, toen er een backdoor was geconstateerd door u, toen is er ook misbruik van mijn ID en email gemaakt helaas). Wat kwam er uit de ComboFix en JRT? Zag iets met registersleutels van IE? Ik gebruik IE niet, kan ik die uitzetten? Of is dat een gekke vraag? Bvd! Groetjes Holly
  • Ik weet niet of je via Softonic download, dat niet meer doen vanwege de vieze wrapper die Softonic gebruikt. Doe nu maar het volgende: Download [url=http://www.tweaking.com/content/page/windows_repair_all_in_one.html][b:3ebf249e9b][color=#FF0000:3ebf249e9b]Windows Repair All in One[/color:3ebf249e9b][/b:3ebf249e9b][/url]. [color=#008000:3ebf249e9b][b:3ebf249e9b]Lees deze lange handleiding A.U.B. helemaal door voordat u begint.[/b:3ebf249e9b][/color:3ebf249e9b] [b:3ebf249e9b][color=#008000:3ebf249e9b]Notabene:[/color:3ebf249e9b] sluit voordat [color=#FF0000:3ebf249e9b]Windows Repair All in One[/color:3ebf249e9b] de fix gaat doen, eerst [color=#FF0000:3ebf249e9b]alle[/color:3ebf249e9b] andere openstaande vensters![/b:3ebf249e9b] [list:3ebf249e9b] [*:3ebf249e9b] Dubbelklik op "[b:3ebf249e9b][color=#008000:3ebf249e9b]tweaking.com_windows_repair_aio_setup.exe[/color:3ebf249e9b][/b:3ebf249e9b]" om de installatie daarvan te starten. [*:3ebf249e9b] [color=#0000FF:3ebf249e9b][b:3ebf249e9b]Windows Vista, 7 & 8[/b:3ebf249e9b][/color:3ebf249e9b]: rechtsklik op de setup.exe en dan kiezen voor Als Administrator uitvoeren. [*:3ebf249e9b] Klik in het scherm dat verschijnt op "[b:3ebf249e9b]Next[/b:3ebf249e9b]" om het programma op de computer te installeren. [*:3ebf249e9b] Volg de verder instructies van de installatie op, wanneer de installatie gereed is klikt u op "[b:3ebf249e9b]Next[/b:3ebf249e9b]" en daarna op "[b:3ebf249e9b]Finish[/b:3ebf249e9b]" [*:3ebf249e9b] Hierna wordt het programma automatisch opgestart. [*:3ebf249e9b] Indien wordt aangegeven, dat er een [b:3ebf249e9b]update[/b:3ebf249e9b] beschikbaar is, klikt u op [b:3ebf249e9b]JA[/b:3ebf249e9b] om hier mee akkoord te gaan. [list:3ebf249e9b] [*:3ebf249e9b] Indien u niet beschikt over een werkende internetverbinding, dan kiest u de optie "[b:3ebf249e9b]NEE[/b:3ebf249e9b]".[/list:u:3ebf249e9b] [*:3ebf249e9b] In het scherm wat nu verschijnt klik u op "[b:3ebf249e9b]Next[/b:3ebf249e9b]" zoals op de onderstaande afbeelding. [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e858705fe93/50e858705e33a-WRAIO-b.png[/img:3ebf249e9b] [*:3ebf249e9b] Klik in het vervolg scherm / tabblad [b:3ebf249e9b]Step1[/b:3ebf249e9b] wederom op "[b:3ebf249e9b]Next[/b:3ebf249e9b]" [*:3ebf249e9b] Klik in het volgende scherm [b:3ebf249e9b]Step2[/b:3ebf249e9b] wederom op "[b:3ebf249e9b]Next[/b:3ebf249e9b]" [*:3ebf249e9b] Bij het volgende scherm [b:3ebf249e9b]Step3[/b:3ebf249e9b] klikt u op "[b:3ebf249e9b]Do it[/b:3ebf249e9b]" om de System File Checker uit te voeren zoals u kunt zien op de onderstaande afbeelding. [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e859733bd22/50e859733a1c7-WRAIO-c.png[/img:3ebf249e9b] [*:3ebf249e9b] Er zal nu automatisch een CMD / DOS achtig scherm openen, druk hier op een toets om door te gaan. [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e859d3a0b45/50e859d39eff0-WRAIO-d.png[/img:3ebf249e9b] [*:3ebf249e9b] Als deze scan gereed is klikt u wederom op "[b:3ebf249e9b]Next[/b:3ebf249e9b]" [*:3ebf249e9b] Klik in het volgende scherm [b:3ebf249e9b]Step4[/b:3ebf249e9b] wederom op "[b:3ebf249e9b]Next[/b:3ebf249e9b]" [*:3ebf249e9b] Klik hierna onder het tabblad [b:3ebf249e9b]Start repairs[/b:3ebf249e9b] op de knop [b:3ebf249e9b]Start[/b:3ebf249e9b] zoals op de onderstaande afbeelding. [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e85bad2cdb8/50e85bad2ae7c-WRAIO-e.png[/img:3ebf249e9b] [*:3ebf249e9b] Er zal nu een melding verschijnen met de mededeling om een herstelpunt en register back-up aan te maken, klik hier op [b:3ebf249e9b]JA[/b:3ebf249e9b]. [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e85c0027382/50e85c00267cc-WRAIO-f.png[/img:3ebf249e9b] [*:3ebf249e9b] Hierna verschijnt het volgende scherm. [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e85c55ebef8/50e85c55e8459-WRAIO-g.png[/img:3ebf249e9b] [*:3ebf249e9b] Voer nu verder niets uit op de computer, laat het programma zijn werk doen. [*:3ebf249e9b] Als het bovenstaande scherm is gesloten druk dan nogmaals op [b:3ebf249e9b]Start[/b:3ebf249e9b]. [*:3ebf249e9b] Standaard staan nu alle items aangevinkt, laat deze zo staan en klik op de knop [b:3ebf249e9b]start[/b:3ebf249e9b] zoals u kunt zien op de onderstaande afbeelding. [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e85d423523e/50e85d4231b8f-WRAIO-h.png[/img:3ebf249e9b] [*:3ebf249e9b] Laat het programma nu zijn werk doen en doe verder niets op het systeem, er zullen nu van allerlei CMD schermen verschijnen klik deze dan ook nooit weg. [*:3ebf249e9b] Ik het rode kader op de onderstaande afbeelding ziet u de voorgang van de tool. [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e85f3bddd01/50e85f3bd67d4-WRAIO-i.png[/img:3ebf249e9b] [*:3ebf249e9b] Als het erop lijkt alsof de tool niets meer doet, laat het systeem dan nog steeds met rust en wacht af tot het volgende scherm verschijnt. [*:3ebf249e9b] Wanneer in een volgende scherm daarom gevraagd wordt, klikt u op "[b:3ebf249e9b]JA[/b:3ebf249e9b]" [img:3ebf249e9b]http://www.imgdumper.nl/uploads6/50e8621861f05/50e862186134e-WRAIO-j.png[/img:3ebf249e9b] [*:3ebf249e9b] De computer wordt nu vanzelf na 30 seconden opnieuw opgestart.[/list:u:3ebf249e9b]
  • Hallo Abraham54, Nope, geen Softonic, daar waarschuwde u me vorig jaar voor. Heb wel gedownload via deze twee sites maar werkte niet en weer uninstall gedaan, toen werkte ook de boel niet meer, toen systeemherstelpunt gedaan, toen was het weer ok. http://www.aimersoft.com/drm-music-converter.html en http://computertotaal.nl/software/23463-freemake-audio-converter-1-1-0.html Google wel, ALS ik dan zou kiezen om iets te downloaden zoek ik bijv freeware op deze site van C!T. Majorgeeks en Bleebingcomputer en Softpedia acht ik ook veilig. Scan met MBAM, heb Esetonline scanner. Houd Adobe en Java up2date (check regelmatig in FF). Heb ook Secunia-scan gedaan. Was alles ok. Nu de scan runde zag ik in rood een zin staan: antivirus uitschakelen. Dit had ik niet gedaan...zag het niet in de instructies van u, daarnaast zag ik het ook pas toen de scan runde. Gewacht tot het schermpje om de pc opnieuw op te starten....daarna bleef t scherm weer zwart... na 8-10min wachten de uitknop ingedrukt gehouden&in save modus opgestart. Dat werkte, toen weer gewoon opstarten. Het duurde zo'n tien min. eer het op wou starten... ik maakte me wel een beetje zorgen... Download zelf weinig meer vind ik (soms muziekjes van YouTube), doch had ik in Mediacenter een cd willen maken en mp3 naar wav om willen zetten, wat niet niet is gelukt. Daarom had ik van een bedrijf een trial gedownload, waar ik spijt van had, uninstalled de boel, nog meer spijt toen t vastliep. Idem met de freeware van de burner van C!T. Toch als de pc op een bepaalde manier reageert is het net of ik het gevoel krijg dat er iets niet klopt en iets fout zit. Ik kreeg geen rapport van de scan...of staat die ergens opgeslagen? Bvd Groetjes Holly
  • Nee, je krijgt geen log, maar gaat het nu wel beter. En de downloadsites zijn goed en betrouwbaar.
  • Hallo Abraham54, yes, het knippert niet meer, loopt niet vast (verkenner reageert niet bijv.), geen zwart scherm meer gezien, dus zal eea goed gerepaired zijn gelukkig. Waren het beschadigingen of een virus of malware? Heb gevinkt in de FF dat ik niet gevolgd wil worden, geen cookies of historie bewaren, heb wel wat bladwijzers. Verder vind ik de ATF-cleaner fijn. Is dat raadzaam om te blijven gebruiken? Doe mijn best om alles schoon te houden. Flagfox aan, Dr.Web sitechecker, Adblock, dat scheelt ook dat je niet per ongeluk met de muis op een advertentie komt (ik gebruik de touchpad van de laptop nl.). Is mijn klapkoffer nu weer schoon? Nog opruimen dan? Bvd! Groetjes Holly
  • Lees nu eerst onderstaande eens: [color=#008000:15894cd5ca][b:15894cd5ca]Optimaliseringstips[/b:15894cd5ca][/color:15894cd5ca] Wat je kan doen is het volgende: a) Windows goed opruimen en daarna goed opgeruimd houden en b) Windows goed defragmenteren en daarna regelmatig de defragmentering na opruimen weer ter hand nemen! Wat betreft het opruimen: kijk daarvoor hier: http://www.nationaalcomputerforum.nl/showthread.php?t=99605 Er is denk ik geen betere opschoner voor Windows dan WinSysClean. Ik gebruik WinSysClean als sinds 2001 en heb met iedere nieuwe versie gemerkt dat het tool nog beter reinigt. Schrik niet mocht WinSysClean de eerste keer een hoop troep vinden. 'Windows zelf houdt namelijk ervan een hoop bestanden in de tijdelijke mappen aan te houden en laat dan alleen de oudste bestanden eventueel verwijderen. WinSysClean zorgt er nu voor dat alles wordt opgeruimd. En dat alleen al bevordert het tempo van Windows, want dan hoeft die troep niet meer meegedragen te worden. Overigens: hetzelfde geldt voor al die programma's die je niet meer gebruikt! Wat betreft het defragmenteren: ga O&O Free Defrag gebruiken. O&O Defrag Free Edition als 32-bit- dan wel 64-bit editie - [url=http://www.softpedia.com/progDownload/O-O-Defrag-Free-Download-179765.html]Downloadlink[/url] Start na installatie O&O Defrag Free Edition, deze gratis defragmenteerder werkt efficiënter dan het Windows tool. Standaard is "Smart defrag" al ingesteld, dit houdt in dat veel gebruikte bestanden naar voren worden geplaatst waardoor alles sneller gaat! De eerste defragmentering kan enige tijd in beslag nemen; daarop volgende keren zal het sneller gaan. Laat maar weten of deze "vertroeteltips" hebben geholpen.
  • Hallo Abraham54, De 'vertroeteltools' gedownload, ga ermee aan de slag, laat het natuurlijk horen hoe het verloopt. Hopelijk helpt het met opschonen en sneller maken. Dat is altijd welkom :) Dank wederom. Groetjes Holly.
  • Hallo Abraham54, de defragmentatie is gelukt. Heb dus wel eens last v lezen (dyslectie) en had per ongeluk de 32bits gedaan, die doet t dan dus niet. De 64 bits gedaan, die deed het. Duurde wel even, maar is gelukt. 0,17% gewin na de defragmentatie. Vroeg me af wat het verschil is tussen de cleaner die u aangeeft en CcCleaner van Piriform? Houd zelf niet zo van het registreren enzo, wat zijn de voor&nadelen tov Ccleaner? Bvd Groet Holly

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.