Ga naar inhoud
  • 0

Laptop hapert constant eventjes

anoniem

Gevraagd door anoniem,

Vraag

anoniem Nieuwkomer

anoniem

Geplaatst:
Geplaatst:
Hallo ik ben nieuw op dit forum, mijn naam is Jordy en ik ben 23 jaar oud. Ik ben hier terecht gekomen omdat ik last heb van een enorm vervelend probleem, namelijk dat mijn laptop constant even hapert. Dat doet die bijvoorbeeld al bij het intikken van deze tekst, bij het typen in een Word bestand of bij het intikken van een tekstje op Facebook, maar ook tijdens het spelen van spellen, ook bij spellen die voorheen goed gewerkt hebben. Nou heb ik gezien dat de gebruiker 'roobin' een soortgelijk probleem heeft gehad als ik, maar ondanks dat ik enkele van de tips die ik heb gelezen tijdens het oplossen van zijn probleem heb uitgevoerd blijft mijn probleem bestaan en verbetert het ook niet. Ik hoop dat iemand mij hier kan helpen. Heb helaas vrij weinig verstand van computers en ben dus absoluut afhankelijk van de kenners hier.
Link naar reactie
  • Antwoorden 101
  • Aangemaakt
  • Laatste reactie

Beste reacties voor deze vraag

  • anoniem

    102

Populaire dagen

Beste reacties voor deze vraag

Populaire dagen

101 antwoorden op deze vraag

Aanbevolen berichten

  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
We gebruiken ComboFix opnieuw - maar nu met script. Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programma’s\Bureau-accessoires\[b:2f7fd46159]Kladblok (of Notepad)[/b:2f7fd46159]". Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster [b:2f7fd46159][color=#0000FF:2f7fd46159]ClearJavaCache:: File:: c:\windows\SysWow64\sho52AA.tmp DDS:: mStart Page = hxxp://nl.woofi.info[/color:2f7fd46159][/b:2f7fd46159] Sla dit kladblokbestand op je bureaublad op als [b:2f7fd46159]CFScript.txt[/b:2f7fd46159]. [b:2f7fd46159][color=#FF0000:2f7fd46159]Nu eerst de antivirus en eventuele spywarescanners deaktiveren![/color:2f7fd46159][/b:2f7fd46159] [color=#008000:2f7fd46159][b:2f7fd46159]Zorg ook ervoor dat alle andere openstaande vensters gesloten zijn, ook de webbrowser.[/b:2f7fd46159][/color:2f7fd46159] Sleep CFScript.txt in ComboFix.exe [img:2f7fd46159]http://crew.nucia.eu/smeenk/CFScript.gif[/img:2f7fd46159] Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt. Post het Combofix-log dat na het opnieuw starten wordt getoond. Ingeval Combofix je computer opnieuw heeft opgestart (of jij dat hebt gedaan), vindt je het log ook in [b:2f7fd46159]C:\Combofix.txt[/b:2f7fd46159] [b:2f7fd46159]Belangrijke opmerking[/b:2f7fd46159]: [list:2f7fd46159][*:2f7fd46159][b:2f7fd46159][color=#FF0000:2f7fd46159]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:2f7fd46159][/b:2f7fd46159] [*:2f7fd46159][b:2f7fd46159][color=#0000FF:2f7fd46159]Illegal operation attempted on a registery key that has been marked for deletion.[/color:2f7fd46159][/b:2f7fd46159] [*:2f7fd46159][b:2f7fd46159][color=#FF0000:2f7fd46159]Start dan de computer opnieuw op.[/color:2f7fd46159][/b:2f7fd46159][/list:u:2f7fd46159]
Link naar reactie
  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Hier het log bestandje naar het volgen van de gegeven stappen: ComboFix 12-05-23.05 - Jordy 23-05-2012 19:54:42.2.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3948.2400 [GMT 2:00] Gestart vanuit: c:\users\Jordy\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\Jordy\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\SysWow64\sho52AA.tmp" . . (((((((((((((((((((( Bestanden Gemaakt van 2012-04-23 to 2012-05-23 )))))))))))))))))))))))))))))) . . 2012-05-23 18:02 . 2012-05-23 18:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-05-23 18:02 . 2012-05-23 18:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-23 18:02 . 2012-05-23 18:02 -------- d-----w- c:\users\Administrator\AppData\Local\temp 2012-05-23 16:17 . 2012-05-23 16:17 0 ----a-w- c:\windows\SysWow64\sho52AA.tmp 2012-05-23 06:03 . 2012-05-23 06:05 -------- d-----w- C:\TDSSStarter 2012-05-22 10:33 . 2012-05-14 23:41 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A3340F4-0DE2-4EAB-865E-702FA2DF1F7D}\mpengine.dll 2012-05-20 16:29 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-05-20 16:29 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-05-20 16:29 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe 2012-05-20 16:29 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-05-20 16:29 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-05-20 16:29 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-05-20 16:29 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-05-20 16:29 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr 2012-05-20 16:29 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-05-20 16:29 . 2012-05-20 16:29 -------- d-----w- c:\programdata\AVAST Software 2012-05-20 16:29 . 2012-05-20 16:29 -------- d-----w- c:\program files\AVAST Software 2012-05-20 16:22 . 2012-05-20 16:22 -------- d-----w- c:\windows\SysWow64\drivers\AVG 2012-05-20 15:53 . 2012-05-20 15:53 -------- d-----w- c:\users\Jordy\AppData\Roaming\Malwarebytes 2012-05-20 15:53 . 2012-05-20 15:53 -------- d-----w- c:\programdata\Malwarebytes 2012-05-20 10:51 . 2012-03-11 00:17 121344 ----a-w- c:\windows\system32\IntelOpenCL64.dll 2012-05-20 10:51 . 2012-03-11 00:09 86528 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll 2012-05-20 10:39 . 2012-05-20 10:39 -------- d-----w- c:\program files\Microsoft Silverlight 2012-05-20 10:39 . 2012-05-20 10:39 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2012-05-20 10:01 . 2012-05-20 10:01 12872 ----a-w- c:\windows\system32\bootdelete.exe 2012-05-20 09:53 . 2012-05-20 10:01 -------- d-----w- c:\programdata\HitmanPro 2012-05-20 09:16 . 2012-05-20 11:26 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-05-20 09:16 . 2012-05-20 11:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-19 21:44 . 2012-03-19 21:44 5888792 ----a-w- c:\windows\system32\GfxUI.exe 2012-03-19 21:44 . 2012-03-19 21:44 509720 ----a-w- c:\windows\system32\igfxsrvc.exe 2012-03-19 21:44 . 2012-03-19 21:44 439064 ----a-w- c:\windows\system32\igfxpers.exe 2012-03-19 21:44 . 2012-03-19 21:44 398616 ----a-w- c:\windows\system32\hkcmd.exe 2012-03-19 21:44 . 2012-03-19 21:44 276248 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe 2012-03-19 21:44 . 2012-03-19 21:44 250136 ----a-w- c:\windows\system32\igfxext.exe 2012-03-19 21:44 . 2012-03-19 21:44 184600 ----a-w- c:\windows\system32\difx64.exe 2012-03-19 21:44 . 2012-03-19 21:44 170264 ----a-w- c:\windows\system32\igfxtray.exe 2012-03-19 21:42 . 2012-03-19 21:42 90112 ----a-w- c:\windows\system32\igfxCoIn_v2696.dll 2012-03-19 21:32 . 2012-03-19 21:32 14745600 ----a-w- c:\windows\system32\drivers\igdkmd64.sys 2012-03-19 21:31 . 2012-03-19 21:31 8087040 ----a-w- c:\windows\system32\igdumd64.dll 2012-03-19 21:31 . 2012-03-19 21:31 963912 ----a-w- c:\windows\system32\igkrng600.bin 2012-03-19 21:31 . 2012-03-19 21:31 261208 ----a-w- c:\windows\system32\igfcg600m.bin 2012-03-19 21:31 . 2012-03-19 21:31 79360 ----a-w- c:\windows\system32\igdde64.dll 2012-03-19 21:26 . 2010-12-09 05:50 6120960 ----a-w- c:\windows\SysWow64\igdumd32.dll 2012-03-19 21:25 . 2012-03-19 21:25 58880 ----a-w- c:\windows\SysWow64\igdde32.dll 2012-03-19 21:22 . 2010-12-09 05:50 9605632 ----a-w- c:\windows\system32\igd10umd64.dll 2012-03-19 21:11 . 2012-03-19 21:11 7795200 ----a-w- c:\windows\SysWow64\igd10umd32.dll 2012-03-19 20:31 . 2012-03-19 20:31 18137088 ----a-w- c:\windows\system32\ig4icd64.dll 2012-03-19 20:21 . 2012-03-19 20:21 13212672 ----a-w- c:\windows\SysWow64\ig4icd32.dll 2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrom.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrsky.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrslv.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxresn.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439296 ----a-w- c:\windows\system32\igfxrrus.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrptg.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrplk.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrsve.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrptb.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrtha.lrc 2012-03-19 20:18 . 2012-03-19 20:18 440320 ----a-w- c:\windows\system32\igfxrell.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrita.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrhun.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437760 ----a-w- c:\windows\system32\igfxrnor.lrc 2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrheb.lrc 2012-03-19 20:18 . 2012-03-19 20:18 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc 2012-03-19 20:18 . 2012-03-19 20:18 430592 ----a-w- c:\windows\system32\igfxrkor.lrc 2012-03-19 20:18 . 2012-03-19 20:18 439808 ----a-w- c:\windows\system32\igfxrfra.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrnld.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrfin.lrc 2012-03-19 20:18 . 2012-03-19 20:18 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc 2012-03-19 20:18 . 2012-03-19 20:18 437248 ----a-w- c:\windows\system32\igfxrdan.lrc 2012-03-19 20:18 . 2012-03-19 20:18 429056 ----a-w- c:\windows\system32\igfxrcht.lrc 2012-03-19 20:18 . 2012-03-19 20:18 435712 ----a-w- c:\windows\system32\igfxrara.lrc 2012-03-19 20:18 . 2012-03-19 20:18 428544 ----a-w- c:\windows\system32\igfxrchs.lrc 2012-03-19 20:18 . 2012-03-19 20:18 126976 ----a-w- c:\windows\system32\igfxcpl.cpl 2012-03-19 20:18 . 2012-03-19 20:18 386560 ----a-w- c:\windows\system32\igfxpph.dll 2012-03-19 20:18 . 2012-03-19 20:18 410624 ----a-w- c:\windows\system32\igfxTMM.dll 2012-03-19 20:17 . 2010-12-09 05:50 28672 ----a-w- c:\windows\system32\igfxexps.dll 2012-03-19 20:17 . 2010-12-09 05:50 63488 ----a-w- c:\windows\system32\igfxsrvc.dll 2012-03-19 20:17 . 2010-12-09 05:50 110592 ----a-w- c:\windows\system32\hccutils.dll 2012-03-19 20:17 . 2012-03-19 20:17 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2012-03-19 20:17 . 2012-03-19 20:17 172032 ----a-w- c:\windows\system32\gfxSrvc.dll 2012-03-19 20:17 . 2010-12-09 05:50 434688 ----a-w- c:\windows\system32\igfxdev.dll 2012-03-19 20:16 . 2012-03-19 20:16 286208 ----a-w- c:\windows\system32\igfxrenu.lrc 2012-03-19 20:16 . 2012-03-19 20:16 142336 ----a-w- c:\windows\system32\igfxdo.dll 2012-03-19 20:16 . 2010-12-09 05:50 9007616 ----a-w- c:\windows\system32\igfxress.dll 2012-03-19 20:12 . 2012-03-19 20:12 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll 2012-03-19 20:11 . 2012-03-19 20:11 325120 ----a-w- c:\windows\SysWow64\igfxdv32.dll 2012-03-19 20:09 . 2012-03-19 20:09 524800 ----a-w- c:\windows\system32\iglhsip64.dll 2012-03-19 20:09 . 2012-03-19 20:09 519680 ----a-w- c:\windows\SysWow64\iglhsip32.dll 2012-03-19 20:09 . 2012-03-19 20:09 2967040 ----a-w- c:\windows\system32\igfxcmjit64.dll 2012-03-19 20:09 . 2012-03-19 20:09 237056 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll 2012-03-19 20:09 . 2012-03-19 20:09 2321408 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll 2012-03-19 20:09 . 2012-03-19 20:09 213504 ----a-w- c:\windows\system32\iglhcp64.dll 2012-03-19 20:09 . 2012-03-19 20:09 193024 ----a-w- c:\windows\system32\igfxcmrt64.dll 2012-03-19 20:09 . 2012-03-19 20:09 177152 ----a-w- c:\windows\SysWow64\iglhcp32.dll 2012-03-11 00:17 . 2010-12-29 08:19 20992 ----a-w- c:\windows\system32\OpenCL.dll 2012-03-11 00:09 . 2010-12-29 08:19 17920 ----a-w- c:\windows\SysWow64\OpenCL.dll 2012-03-01 06:46 . 2012-04-14 10:49 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-03-01 06:38 . 2012-04-14 10:49 220672 ----a-w- c:\windows\system32\wintrust.dll 2012-03-01 06:33 . 2012-04-14 10:49 81408 ----a-w- c:\windows\system32\imagehlp.dll 2012-03-01 06:28 . 2012-04-14 10:49 5120 ----a-w- c:\windows\system32\wmi.dll 2012-03-01 05:37 . 2012-04-14 10:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll 2012-03-01 05:33 . 2012-04-14 10:49 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll 2012-03-01 05:29 . 2012-04-14 10:49 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2012-02-28 12:44 . 2011-12-04 13:26 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-02-28 06:39 . 2012-04-11 16:32 1188864 ----a-w- c:\windows\system32\wininet.dll 2012-02-28 05:38 . 2012-04-11 16:32 981504 ----a-w- c:\windows\SysWow64\wininet.dll 2012-02-28 04:31 . 2012-04-11 16:32 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2012-02-28 03:52 . 2012-04-11 16:32 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb . . ((((((((((((((((((((((((((((( SnapShot@2012-05-23_16.32.22 ))))))))))))))))))))))))))))))))))))))))) . - 2012-05-23 16:31 . 2012-05-23 16:31 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat + 2012-05-23 18:03 . 2012-05-23 18:03 13318 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat - 2009-07-14 04:54 . 2012-05-23 16:31 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-05-23 18:03 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-05-23 18:03 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-05-23 16:31 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-05-23 18:03 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-05-23 16:31 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-12-06 09:39 . 2012-05-23 17:51 48220 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-05-23 17:51 32104 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-03-16 16:28 . 2012-05-23 17:51 13008 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1781743323-2443383540-730848164-1002_UserData.bin + 2010-12-29 08:45 . 2012-05-23 18:03 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-12-29 08:45 . 2012-05-23 16:31 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-05-21 07:19 . 2012-05-23 18:03 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2012-05-21 07:19 . 2012-05-23 16:31 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-05-23 16:31 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-05-23 18:03 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-03-16 16:25 . 2012-05-23 16:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-03-16 16:25 . 2012-05-23 17:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-03-16 16:25 . 2012-05-23 16:19 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-03-16 16:25 . 2012-05-23 17:50 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-12-29 08:28 . 2012-05-23 16:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-12-29 08:28 . 2012-05-23 17:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2010-12-29 08:28 . 2012-05-23 16:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-12-29 08:28 . 2012-05-23 17:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-12-29 08:28 . 2012-05-23 17:50 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2010-12-29 08:28 . 2012-05-23 16:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2012-05-23 16:31 . 2012-05-23 16:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-05-23 18:03 . 2012-05-23 18:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-05-23 18:03 . 2012-05-23 18:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-05-23 16:31 . 2012-05-23 16:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 05:01 . 2012-05-23 16:31 399516 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-05-23 18:03 399516 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="c:\users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-08 932528] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-18 407920] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-18 201584] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2010-11-12 296768] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-12-09 1025616] "MDS_Menu"="c:\program files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2010-11-27 177448] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248] R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x] R3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-14 868224] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-01-13 103440] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-12 257344] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-11-22 1993320] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232] S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [x] S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [x] S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [x] S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [x] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . Inhoud van de 'Gedeelde Taken' map . 2012-05-23 c:\windows\Tasks\FinalTorrent Update Checker.job - c:\program files (x86)\FinalTorrent\FTCheckForUpdates.exe [2011-03-17 15:50] . 2012-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002Core.job - c:\users\Jordy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-16 16:55] . 2012-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002UA.job - c:\users\Jordy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-16 16:55] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-26 11619432] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-11-26 2185832] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-10-14 860040] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Bijkomende Scan ------- . uStart Page = about:blank uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Verzenden naar OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.254 DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - hxxps://webmail.saxion.nl/dwa85W.cab . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_USERS\S-1-5-21-1781743323-2443383540-730848164-1002\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\windows\SysWOW64\rundll32.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe c:\program files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . ************************************************************************** . Voltooingstijd: 2012-05-23 20:09:34 - machine werd herstart ComboFix-quarantined-files.txt 2012-05-23 18:09 ComboFix2.txt 2012-05-23 16:38 . Pre-Run: 499.003.469.824 bytes beschikbaar Post-Run: 498.911.985.664 bytes beschikbaar . - - End Of File - - 223F0F8F6AA8A817413D256BFC718B1A
Link naar reactie
  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Wow, bijna dubbel zoveel als in mijn Windows 7! [b:9f54581c4a]Welk programma[/b:9f54581c4a]: [color=#008000:9f54581c4a][b:9f54581c4a]OTL.com[/b:9f54581c4a][/color:9f54581c4a] [b:9f54581c4a]Waarvoor/waarom[/b:9f54581c4a]: multifunktioneel tool - analyse en fix [b:9f54581c4a]Moeilijkheidsgraad[/b:9f54581c4a]: geen. [b:9f54581c4a]Download[/b:9f54581c4a]: [url=http://oldtimer.geekstogo.com/OTL.com][b:9f54581c4a][color=red:9f54581c4a]OTL[/color:9f54581c4a][/b:9f54581c4a][/url] en plaats het bestand op het bureaublad. [b:9f54581c4a][color=#008000:9f54581c4a]OTL.com[/color:9f54581c4a] gebruiken[/b:9f54581c4a]: [list:9f54581c4a][*:9f54581c4a] [b:9f54581c4a][color=#0000FF:9f54581c4a]Sluit nu eerst alle nog openstaande programmavensters![/color:9f54581c4a][/b:9f54581c4a] [list:9f54581c4a][*:9f54581c4a]Dubblklik op [img:9f54581c4a]http://www.imgdumper.nl/uploads5/4f91108799372/4f91108798ba0-OTL-1.png[/img:9f54581c4a] [/list:u:9f54581c4a][/list:u:9f54581c4a] [list:9f54581c4a][*:9f54581c4a]Zet een vinkje bij [color=#0000FF:9f54581c4a][b:9f54581c4a]Scan All Users[/b:9f54581c4a][/color:9f54581c4a]. [*:9f54581c4a]Verander de instelling bij [b:9f54581c4a][color=#0000FF:9f54581c4a]File Age[/color:9f54581c4a][/b:9f54581c4a] naar 60. [*:9f54581c4a]Klik op [img:9f54581c4a]http://www.imgdumper.nl/uploads5/4f9112fd1172c/4f9112fd11340-OTL-3.png[/img:9f54581c4a]. [*:9f54581c4a]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef. [*:9f54581c4a]De scan zal niet heel erg lang duren. [list:9f54581c4a][*:9f54581c4a]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:9f54581c4a]OTL.Txt[/b:9f54581c4a] en [b:9f54581c4a]Extras.txt[/b:9f54581c4a]. [*:9f54581c4a]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:9f54581c4a] [*:9f54581c4a][color=#008000:9f54581c4a][b:9f54581c4a]Notabene:[/b:9f54581c4a][/color:9f54581c4a] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:9f54581c4a]
Link naar reactie
  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Hier de log OTL: OTL logfile created on: 5/23/2012 8:57:01 PM - Run 1 OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jordy\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3.86 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.80% Memory free 7.71 Gb Paging File | 5.92 Gb Available in Paging File | 76.74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 581.07 Gb Total Space | 464.75 Gb Free Space | 79.98% Space Free | Partition Type: NTFS Computer Name: JORDY-PC | User Name: Jordy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:a78e6421fa]========== Processes (SafeList) ==========[/color:a78e6421fa] PRC - [2012/05/23 20:51:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com PRC - [2012/05/08 15:10:45 | 000,932,528 | ---- | M] () -- C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe PRC - [2012/03/07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2010/12/09 07:27:50 | 001,025,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010/12/09 07:27:50 | 000,287,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010/11/27 08:34:16 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe PRC - [2010/11/26 08:54:46 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe PRC - [2010/11/26 08:54:40 | 000,181,624 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe PRC - [2010/11/12 03:21:36 | 000,296,768 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe PRC - [2010/09/28 05:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe PRC - [2010/09/18 02:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2010/09/18 02:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2010/09/14 04:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010/04/27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [color=#E56717:a78e6421fa]========== Modules (No Company Name) ==========[/color:a78e6421fa] MOD - [2012/05/20 11:33:15 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6c30b231f838269283ee449bbc98b202\IAStorUtil.ni.dll MOD - [2012/05/20 11:33:15 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll MOD - [2012/05/15 18:11:28 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll MOD - [2012/05/15 18:11:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012/05/15 18:10:35 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll MOD - [2012/05/15 18:10:25 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll MOD - [2012/05/15 18:10:08 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012/05/15 18:10:04 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012/05/15 18:10:01 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012/05/15 18:10:00 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012/05/15 18:09:52 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012/05/09 05:04:52 | 000,441,840 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll MOD - [2012/05/09 05:04:51 | 003,921,904 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll MOD - [2012/05/09 05:03:36 | 000,553,456 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\libglesv2.dll MOD - [2012/05/09 05:03:35 | 000,117,744 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\libegl.dll MOD - [2012/05/09 05:03:25 | 000,134,656 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avutil-51.dll MOD - [2012/05/09 05:03:24 | 000,250,368 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avformat-54.dll MOD - [2012/05/09 05:03:23 | 002,375,680 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll MOD - [2012/05/09 04:09:13 | 008,743,584 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll MOD - [2012/05/09 04:09:13 | 008,743,584 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\APPLIC~1\190108~1.46\gcswf32.dll MOD - [2012/05/08 15:10:45 | 000,932,528 | ---- | M] () -- C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe MOD - [2010/12/29 09:57:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_nl_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010/11/26 08:54:40 | 000,210,304 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll MOD - [2010/11/26 08:54:40 | 000,181,624 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe MOD - [2010/11/13 02:34:15 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/11/12 03:22:22 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll [color=#E56717:a78e6421fa]========== Win32 Services (SafeList) ==========[/color:a78e6421fa] SRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/10/14 04:27:30 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/10/08 12:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R) SRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/01/29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/03/19 23:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R) SRV - [2012/01/13 12:21:16 | 000,103,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service) SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/08/12 17:13:26 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2011/05/02 12:37:49 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011/03/20 17:44:30 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010/12/29 10:23:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/12/09 07:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010/11/22 20:23:00 | 001,993,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010/11/12 03:21:52 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2010/10/06 06:08:48 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010/10/06 06:08:44 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010/09/28 04:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service) SRV - [2010/09/14 04:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717:a78e6421fa]========== Driver Services (SafeList) ==========[/color:a78e6421fa] DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2012/03/19 23:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2012/03/07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2012/03/07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2012/03/07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2012/03/07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2012/03/07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2012/03/07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2011/12/06 04:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/12/12 06:43:54 | 000,085,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/12/11 18:12:54 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/12/11 18:12:50 | 000,067,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/12/11 03:46:56 | 000,035,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/12/06 12:14:40 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/12/06 12:14:40 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/12/06 12:14:40 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/12/02 08:36:04 | 000,411,688 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/11/22 20:23:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/11/09 12:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/10/08 12:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/09/30 07:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/09/30 07:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/09/14 04:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/07/29 15:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/07/09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2010/04/20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2009/11/01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2009/07/14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2009/07/14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b:a78e6421fa]64bit:[/b:a78e6421fa] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717:a78e6421fa]========== Standard Registry (SafeList) ==========[/color:a78e6421fa] [color=#E56717:a78e6421fa]========== Internet Explorer ==========[/color:a78e6421fa] IE:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6CF1003B-BFD2-4A06-AC83-B3B31130CD60} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6CF1003B-BFD2-4A06-AC83-B3B31130CD60}: "URL" = http://nl.woofi.info IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2880292 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=241e43f500000000000018f46ab7481d IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=vmn&type=vmn-ada-vmntbcleaner-1_0-ya-ch-rp&q={searchTerms} IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{69530022-CC23-4D73-B931-641CCC723C0D}: "URL" = http://search.avg.com/?d=4dfc6dc7&i=23&tp=chrome&q={searchTerms}&lng={language}&nt=1 IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{6CF1003B-BFD2-4A06-AC83-B3B31130CD60}: "URL" = http://nl.woofi.info IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2880292 IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:a78e6421fa]========== FireFox ==========[/color:a78e6421fa] FF:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/02/23 16:10:45 | 000,000,000 | ---D | M] [color=#E56717:a78e6421fa]========== Chrome ==========[/color:a78e6421fa] CHR - default_search_provider: Search the web (Babylon) (Enabled) CHR - default_search_provider: search_url = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=241e43f500000000000018f46ab7481d CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll CHR - Extension: YouTube = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Zoeken = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ CHR - Extension: Gmail = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/05/23 20:04:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b:a78e6421fa]64bit:[/b:a78e6421fa] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b:a78e6421fa]64bit:[/b:a78e6421fa] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O3:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O4:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002..\Run: [Spotify Web Helper] C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [AVG search provider] "C:\Program Files (x86)\AVG\AVG10\SearchProvider.exe" /AFTERINST File not found O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe () O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [spchecker] "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\__avast! sandbox\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://webmail.saxion.nl/dwa85W.cab (IBM Lotus iNotes 8.5 Control) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0438393-9870-45F9-8A53-E2AE997C72BA}: DhcpNameServer = 192.168.1.254 O18:[b:a78e6421fa]64bit:[/b:a78e6421fa] - Protocol\Handler\base64 - No CLSID value found O18:[b:a78e6421fa]64bit:[/b:a78e6421fa] - Protocol\Handler\chrome - No CLSID value found O18:[b:a78e6421fa]64bit:[/b:a78e6421fa] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b:a78e6421fa]64bit:[/b:a78e6421fa] - Protocol\Handler\livecall - No CLSID value found O18:[b:a78e6421fa]64bit:[/b:a78e6421fa] - Protocol\Handler\ms-help - No CLSID value found O18:[b:a78e6421fa]64bit:[/b:a78e6421fa] - Protocol\Handler\msnim - No CLSID value found O18:[b:a78e6421fa]64bit:[/b:a78e6421fa] - Protocol\Handler\prox - No CLSID value found O18:[b:a78e6421fa]64bit:[/b:a78e6421fa] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b:a78e6421fa]64bit:[/b:a78e6421fa] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b:a78e6421fa]64bit:[/b:a78e6421fa] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\base64 - No CLSID value found O18 - Protocol\Handler\chrome - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\prox - No CLSID value found O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O20:[b:a78e6421fa]64bit:[/b:a78e6421fa] - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b:a78e6421fa]64bit:[/b:a78e6421fa] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM\..comfile [open] -- "%1" %* O35:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b:a78e6421fa]64bit:[/b:a78e6421fa] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found O37 - HKLM\...exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717:a78e6421fa]========== Files/Folders - Created Within 30 Days ==========[/color:a78e6421fa] [2012/05/23 20:51:38 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com [2012/05/23 20:13:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/05/23 18:22:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/05/23 18:22:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/05/23 18:22:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/05/23 18:22:19 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2012/05/23 18:22:13 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/05/23 18:21:34 | 004,525,103 | R--- | C] (Swearware) -- C:\Users\Jordy\Desktop\ComboFix.exe [2012/05/23 08:03:00 | 000,000,000 | ---D | C] -- C:\TDSSStarter [2012/05/22 12:24:59 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Jordy\Desktop\dds.com [2012/05/20 18:32:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security [2012/05/20 18:29:44 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012/05/20 18:29:44 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012/05/20 18:29:42 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012/05/20 18:29:42 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012/05/20 18:29:42 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012/05/20 18:29:42 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012/05/20 18:29:42 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2012/05/20 18:29:25 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012/05/20 18:29:24 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012/05/20 18:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012/05/20 18:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012/05/20 18:22:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG [2012/05/20 17:53:09 | 000,000,000 | ---D | C] -- C:\Users\Jordy\AppData\Roaming\Malwarebytes [2012/05/20 17:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/05/20 14:07:25 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012/05/20 12:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012/05/20 12:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012/05/20 12:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012/05/20 12:01:21 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2012/05/20 11:53:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2012/05/20 11:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012/05/20 11:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717:a78e6421fa]========== Files - Modified Within 30 Days ==========[/color:a78e6421fa] [2012/05/23 20:51:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com [2012/05/23 20:42:02 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002UA.job [2012/05/23 20:20:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/05/23 20:20:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/05/23 20:12:53 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job [2012/05/23 20:12:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/05/23 20:11:52 | 3104,624,640 | -HS- | M] () -- C:\hiberfil.sys [2012/05/23 20:04:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/05/23 18:20:59 | 004,525,103 | R--- | M] (Swearware) -- C:\Users\Jordy\Desktop\ComboFix.exe [2012/05/23 02:21:52 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002Core.job [2012/05/22 14:39:15 | 001,579,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/05/22 14:39:15 | 000,712,352 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2012/05/22 14:39:15 | 000,625,462 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/05/22 14:39:15 | 000,138,912 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2012/05/22 14:39:15 | 000,110,842 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/05/22 12:25:24 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Jordy\Desktop\dds.com [2012/05/20 18:33:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012/05/20 18:32:21 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2012/05/20 18:22:25 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm [2012/05/20 16:45:39 | 000,007,605 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Resmon.ResmonCfg [2012/05/20 13:03:47 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/05/20 12:55:30 | 000,017,748 | ---- | M] () -- C:\Windows\SysNative\results.xml [2012/05/20 12:01:21 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2012/05/15 18:07:21 | 000,427,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717:a78e6421fa]========== Files Created - No Company Name ==========[/color:a78e6421fa] [2012/05/23 18:22:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/05/23 18:22:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/05/23 18:22:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/05/23 18:22:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/05/23 18:22:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/05/20 18:32:21 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2012/05/20 18:29:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012/05/20 18:22:25 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm [2012/05/20 16:45:39 | 000,007,605 | ---- | C] () -- C:\Users\Jordy\AppData\Local\Resmon.ResmonCfg [2012/03/19 23:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012/03/19 23:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012/03/19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012/03/19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011/03/20 17:44:37 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011/03/20 17:44:30 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011/03/20 17:44:30 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/03/16 20:50:19 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2011/03/16 19:44:40 | 001,607,656 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/12/29 10:19:13 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2010/12/09 07:50:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [color=#E56717:a78e6421fa]========== LOP Check ==========[/color:a78e6421fa] [2011/04/19 15:05:50 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\com.w3i.FlipToast [2011/11/14 20:58:30 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\DAEMON Tools Lite [2011/03/19 00:41:25 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\FinalTorrent [2011/11/01 13:27:11 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\HTC [2011/10/25 17:31:47 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2011/04/18 20:39:39 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\PowerCinema [2011/04/19 15:05:02 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\RegistryKeys [2012/05/21 18:25:25 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\SoftGrid Client [2012/05/15 14:39:33 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\Spotify [2012/05/20 12:39:46 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\SystemRequirementsLab [2011/03/16 19:45:13 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\TP [2011/03/18 19:15:14 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\WhiteSmoke [2011/06/09 19:00:39 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\Windows Live Writer [2012/05/23 20:12:53 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job [color=#E56717:a78e6421fa]========== Purity Check ==========[/color:a78e6421fa] [color=#E56717:a78e6421fa]========== Alternate Data Streams ==========[/color:a78e6421fa] @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:4D066AD2 @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D < End of report >
Link naar reactie
  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
En hier de Extras.. : OTL logfile created on: 5/23/2012 8:57:01 PM - Run 1 OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jordy\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3.86 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.80% Memory free 7.71 Gb Paging File | 5.92 Gb Available in Paging File | 76.74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 581.07 Gb Total Space | 464.75 Gb Free Space | 79.98% Space Free | Partition Type: NTFS Computer Name: JORDY-PC | User Name: Jordy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:271cfb05af]========== Processes (SafeList) ==========[/color:271cfb05af] PRC - [2012/05/23 20:51:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com PRC - [2012/05/08 15:10:45 | 000,932,528 | ---- | M] () -- C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe PRC - [2012/03/07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2010/12/09 07:27:50 | 001,025,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010/12/09 07:27:50 | 000,287,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010/11/27 08:34:16 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe PRC - [2010/11/26 08:54:46 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe PRC - [2010/11/26 08:54:40 | 000,181,624 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe PRC - [2010/11/12 03:21:36 | 000,296,768 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe PRC - [2010/09/28 05:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe PRC - [2010/09/18 02:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2010/09/18 02:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2010/09/14 04:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010/04/27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [color=#E56717:271cfb05af]========== Modules (No Company Name) ==========[/color:271cfb05af] MOD - [2012/05/20 11:33:15 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6c30b231f838269283ee449bbc98b202\IAStorUtil.ni.dll MOD - [2012/05/20 11:33:15 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll MOD - [2012/05/15 18:11:28 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll MOD - [2012/05/15 18:11:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012/05/15 18:10:35 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll MOD - [2012/05/15 18:10:25 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll MOD - [2012/05/15 18:10:08 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012/05/15 18:10:04 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012/05/15 18:10:01 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012/05/15 18:10:00 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012/05/15 18:09:52 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012/05/09 05:04:52 | 000,441,840 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll MOD - [2012/05/09 05:04:51 | 003,921,904 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll MOD - [2012/05/09 05:03:36 | 000,553,456 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\libglesv2.dll MOD - [2012/05/09 05:03:35 | 000,117,744 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\libegl.dll MOD - [2012/05/09 05:03:25 | 000,134,656 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avutil-51.dll MOD - [2012/05/09 05:03:24 | 000,250,368 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avformat-54.dll MOD - [2012/05/09 05:03:23 | 002,375,680 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll MOD - [2012/05/09 04:09:13 | 008,743,584 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll MOD - [2012/05/09 04:09:13 | 008,743,584 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Google\Chrome\APPLIC~1\190108~1.46\gcswf32.dll MOD - [2012/05/08 15:10:45 | 000,932,528 | ---- | M] () -- C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe MOD - [2010/12/29 09:57:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_nl_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010/11/26 08:54:40 | 000,210,304 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll MOD - [2010/11/26 08:54:40 | 000,181,624 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe MOD - [2010/11/13 02:34:15 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/11/12 03:22:22 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll [color=#E56717:271cfb05af]========== Win32 Services (SafeList) ==========[/color:271cfb05af] SRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/10/14 04:27:30 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/10/08 12:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel(R) SRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/01/29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/03/19 23:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R) SRV - [2012/01/13 12:21:16 | 000,103,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service) SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/08/12 17:13:26 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2011/05/02 12:37:49 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011/03/20 17:44:30 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010/12/29 10:23:31 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/12/09 07:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010/11/22 20:23:00 | 001,993,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010/11/12 03:21:52 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2010/10/06 06:08:48 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010/10/06 06:08:44 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010/09/28 04:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service) SRV - [2010/09/14 04:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717:271cfb05af]========== Driver Services (SafeList) ==========[/color:271cfb05af] DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2012/03/19 23:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2012/03/07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2012/03/07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2012/03/07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2012/03/07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2012/03/07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2012/03/07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2011/12/06 04:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/12/12 06:43:54 | 000,085,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/12/11 18:12:54 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/12/11 18:12:50 | 000,067,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/12/11 03:46:56 | 000,035,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/12/06 12:14:40 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/12/06 12:14:40 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/12/06 12:14:40 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/12/02 08:36:04 | 000,411,688 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/11/22 20:23:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/11/09 12:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/10/08 12:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/09/30 07:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/09/30 07:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/09/14 04:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/07/29 15:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/07/09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2010/04/20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2009/11/01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2009/07/14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2009/07/14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b:271cfb05af]64bit:[/b:271cfb05af] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717:271cfb05af]========== Standard Registry (SafeList) ==========[/color:271cfb05af] [color=#E56717:271cfb05af]========== Internet Explorer ==========[/color:271cfb05af] IE:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6CF1003B-BFD2-4A06-AC83-B3B31130CD60} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6CF1003B-BFD2-4A06-AC83-B3B31130CD60}: "URL" = http://nl.woofi.info IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2880292 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=241e43f500000000000018f46ab7481d IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=vmn&type=vmn-ada-vmntbcleaner-1_0-ya-ch-rp&q={searchTerms} IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{69530022-CC23-4D73-B931-641CCC723C0D}: "URL" = http://search.avg.com/?d=4dfc6dc7&i=23&tp=chrome&q={searchTerms}&lng={language}&nt=1 IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{6CF1003B-BFD2-4A06-AC83-B3B31130CD60}: "URL" = http://nl.woofi.info IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2880292 IE - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:271cfb05af]========== FireFox ==========[/color:271cfb05af] FF:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/02/23 16:10:45 | 000,000,000 | ---D | M] [color=#E56717:271cfb05af]========== Chrome ==========[/color:271cfb05af] CHR - default_search_provider: Search the web (Babylon) (Enabled) CHR - default_search_provider: search_url = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=241e43f500000000000018f46ab7481d CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Jordy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll CHR - Extension: YouTube = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Zoeken = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ CHR - Extension: Gmail = C:\Users\Jordy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/05/23 20:04:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b:271cfb05af]64bit:[/b:271cfb05af] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b:271cfb05af]64bit:[/b:271cfb05af] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O3:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O4:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002..\Run: [Spotify Web Helper] C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [AVG search provider] "C:\Program Files (x86)\AVG\AVG10\SearchProvider.exe" /AFTERINST File not found O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe () O4 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000..\RunOnce: [spchecker] "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\__avast! sandbox\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1781743323-2443383540-730848164-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://webmail.saxion.nl/dwa85W.cab (IBM Lotus iNotes 8.5 Control) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0438393-9870-45F9-8A53-E2AE997C72BA}: DhcpNameServer = 192.168.1.254 O18:[b:271cfb05af]64bit:[/b:271cfb05af] - Protocol\Handler\base64 - No CLSID value found O18:[b:271cfb05af]64bit:[/b:271cfb05af] - Protocol\Handler\chrome - No CLSID value found O18:[b:271cfb05af]64bit:[/b:271cfb05af] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b:271cfb05af]64bit:[/b:271cfb05af] - Protocol\Handler\livecall - No CLSID value found O18:[b:271cfb05af]64bit:[/b:271cfb05af] - Protocol\Handler\ms-help - No CLSID value found O18:[b:271cfb05af]64bit:[/b:271cfb05af] - Protocol\Handler\msnim - No CLSID value found O18:[b:271cfb05af]64bit:[/b:271cfb05af] - Protocol\Handler\prox - No CLSID value found O18:[b:271cfb05af]64bit:[/b:271cfb05af] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b:271cfb05af]64bit:[/b:271cfb05af] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b:271cfb05af]64bit:[/b:271cfb05af] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\base64 - No CLSID value found O18 - Protocol\Handler\chrome - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\prox - No CLSID value found O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O20:[b:271cfb05af]64bit:[/b:271cfb05af] - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b:271cfb05af]64bit:[/b:271cfb05af] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM\..comfile [open] -- "%1" %* O35:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b:271cfb05af]64bit:[/b:271cfb05af] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found O37 - HKLM\...exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717:271cfb05af]========== Files/Folders - Created Within 30 Days ==========[/color:271cfb05af] [2012/05/23 20:51:38 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com [2012/05/23 20:13:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/05/23 18:22:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/05/23 18:22:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/05/23 18:22:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/05/23 18:22:19 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2012/05/23 18:22:13 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/05/23 18:21:34 | 004,525,103 | R--- | C] (Swearware) -- C:\Users\Jordy\Desktop\ComboFix.exe [2012/05/23 08:03:00 | 000,000,000 | ---D | C] -- C:\TDSSStarter [2012/05/22 12:24:59 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Jordy\Desktop\dds.com [2012/05/20 18:32:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security [2012/05/20 18:29:44 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012/05/20 18:29:44 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012/05/20 18:29:42 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012/05/20 18:29:42 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012/05/20 18:29:42 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012/05/20 18:29:42 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012/05/20 18:29:42 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2012/05/20 18:29:25 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012/05/20 18:29:24 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012/05/20 18:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012/05/20 18:29:15 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012/05/20 18:22:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG [2012/05/20 17:53:09 | 000,000,000 | ---D | C] -- C:\Users\Jordy\AppData\Roaming\Malwarebytes [2012/05/20 17:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/05/20 14:07:25 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012/05/20 12:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012/05/20 12:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012/05/20 12:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012/05/20 12:01:21 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2012/05/20 11:53:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2012/05/20 11:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012/05/20 11:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717:271cfb05af]========== Files - Modified Within 30 Days ==========[/color:271cfb05af] [2012/05/23 20:51:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jordy\Desktop\OTL.com [2012/05/23 20:42:02 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002UA.job [2012/05/23 20:20:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/05/23 20:20:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/05/23 20:12:53 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job [2012/05/23 20:12:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/05/23 20:11:52 | 3104,624,640 | -HS- | M] () -- C:\hiberfil.sys [2012/05/23 20:04:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/05/23 18:20:59 | 004,525,103 | R--- | M] (Swearware) -- C:\Users\Jordy\Desktop\ComboFix.exe [2012/05/23 02:21:52 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1781743323-2443383540-730848164-1002Core.job [2012/05/22 14:39:15 | 001,579,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/05/22 14:39:15 | 000,712,352 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2012/05/22 14:39:15 | 000,625,462 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/05/22 14:39:15 | 000,138,912 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2012/05/22 14:39:15 | 000,110,842 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/05/22 12:25:24 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Jordy\Desktop\dds.com [2012/05/20 18:33:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012/05/20 18:32:21 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2012/05/20 18:22:25 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm [2012/05/20 16:45:39 | 000,007,605 | ---- | M] () -- C:\Users\Jordy\AppData\Local\Resmon.ResmonCfg [2012/05/20 13:03:47 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/05/20 12:55:30 | 000,017,748 | ---- | M] () -- C:\Windows\SysNative\results.xml [2012/05/20 12:01:21 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2012/05/15 18:07:21 | 000,427,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717:271cfb05af]========== Files Created - No Company Name ==========[/color:271cfb05af] [2012/05/23 18:22:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/05/23 18:22:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/05/23 18:22:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/05/23 18:22:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/05/23 18:22:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/05/20 18:32:21 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2012/05/20 18:29:42 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012/05/20 18:22:25 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavifw.avm [2012/05/20 16:45:39 | 000,007,605 | ---- | C] () -- C:\Users\Jordy\AppData\Local\Resmon.ResmonCfg [2012/03/19 23:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012/03/19 23:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012/03/19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012/03/19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011/03/20 17:44:37 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011/03/20 17:44:30 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011/03/20 17:44:30 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/03/16 20:50:19 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2011/03/16 19:44:40 | 001,607,656 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/12/29 10:19:13 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2010/12/09 07:50:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [color=#E56717:271cfb05af]========== LOP Check ==========[/color:271cfb05af] [2011/04/19 15:05:50 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\com.w3i.FlipToast [2011/11/14 20:58:30 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\DAEMON Tools Lite [2011/03/19 00:41:25 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\FinalTorrent [2011/11/01 13:27:11 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\HTC [2011/10/25 17:31:47 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2011/04/18 20:39:39 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\PowerCinema [2011/04/19 15:05:02 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\RegistryKeys [2012/05/21 18:25:25 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\SoftGrid Client [2012/05/15 14:39:33 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\Spotify [2012/05/20 12:39:46 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\SystemRequirementsLab [2011/03/16 19:45:13 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\TP [2011/03/18 19:15:14 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\WhiteSmoke [2011/06/09 19:00:39 | 000,000,000 | ---D | M] -- C:\Users\Jordy\AppData\Roaming\Windows Live Writer [2012/05/23 20:12:53 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job [color=#E56717:271cfb05af]========== Purity Check ==========[/color:271cfb05af] [color=#E56717:271cfb05af]========== Alternate Data Streams ==========[/color:271cfb05af] @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:4D066AD2 @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D < End of report > OTL Extras logfile created on: 5/23/2012 8:57:01 PM - Run 1 OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jordy\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3.86 Gb Total Physical Memory | 2.27 Gb Available Physical Memory | 58.80% Memory free 7.71 Gb Paging File | 5.92 Gb Available in Paging File | 76.74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 581.07 Gb Total Space | 464.75 Gb Free Space | 79.98% Space Free | Partition Type: NTFS Computer Name: JORDY-PC | User Name: Jordy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:271cfb05af]========== Extra Registry (SafeList) ==========[/color:271cfb05af] [color=#E56717:271cfb05af]========== File Associations ==========[/color:271cfb05af] [b:271cfb05af]64bit:[/b:271cfb05af] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .bat [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .cmd [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .cpl [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .inf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .ini [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .url [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .js [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .jse [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .pif [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .reg [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .txt [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .vbe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .vbs [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .wsf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .wsh [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found [color=#E56717:271cfb05af]========== Shell Spawning ==========[/color:271cfb05af] [b:271cfb05af]64bit:[/b:271cfb05af] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- Reg Error: Key error. batfile [open] -- Reg Error: Key error. batfile [print] -- Reg Error: Key error. chm.file [open] -- Reg Error: Key error. cmdfile [edit] -- Reg Error: Key error. cmdfile [open] -- Reg Error: Key error. cmdfile [print] -- Reg Error: Key error. comfile [open] -- Reg Error: Key error. cplfile [cplopen] -- Reg Error: Key error. exefile [open] -- Reg Error: Key error. helpfile [open] -- Reg Error: Key error. hlpfile [open] -- Reg Error: Key error. htafile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- Reg Error: Key error. inffile [open] -- Reg Error: Key error. inffile [print] -- Reg Error: Key error. inifile [open] -- Reg Error: Key error. inifile [print] -- Reg Error: Key error. InternetShortcut [open] -- Reg Error: Key error. InternetShortcut [print] -- Reg Error: Key error. jsfile [edit] -- Reg Error: Key error. jsfile [open] -- Reg Error: Key error. jsfile [print] -- Reg Error: Key error. jsefile [edit] -- Reg Error: Key error. jsefile [open] -- Reg Error: Key error. jsefile [print] -- Reg Error: Key error. piffile [open] -- Reg Error: Key error. regfile [edit] -- Reg Error: Key error. regfile [open] -- Reg Error: Key error. regfile [merge] -- Reg Error: Key error. regfile [print] -- Reg Error: Key error. scrfile [config] -- Reg Error: Key error. scrfile [install] -- Reg Error: Key error. scrfile [open] -- Reg Error: Key error. txtfile [edit] -- Reg Error: Key error. txtfile [open] -- Reg Error: Key error. txtfile [print] -- Reg Error: Key error. txtfile [printto] -- Reg Error: Key error. vbefile [edit] -- Reg Error: Key error. vbefile [open] -- Reg Error: Key error. vbefile [print] -- Reg Error: Key error. vbsfile [edit] -- Reg Error: Key error. vbsfile [open] -- Reg Error: Key error. vbsfile [print] -- Reg Error: Key error. wsffile [edit] -- Reg Error: Key error. wsffile [open] -- Reg Error: Key error. wsffile [print] -- Reg Error: Key error. wshfile [open] -- Reg Error: Key error. Unknown [openas] -- Reg Error: Key error. Folder [open] -- Reg Error: Key error. Folder [explore] -- Reg Error: Key error. Drive [find] -- Reg Error: Key error. Applications\iexplore.exe [open] -- Reg Error: Key error. [color=#E56717:271cfb05af]========== Security Center Settings ==========[/color:271cfb05af] [b:271cfb05af]64bit:[/b:271cfb05af] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [b:271cfb05af]64bit:[/b:271cfb05af] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b:271cfb05af]64bit:[/b:271cfb05af] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b:271cfb05af]64bit:[/b:271cfb05af] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717:271cfb05af]========== System Restore Settings ==========[/color:271cfb05af] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717:271cfb05af]========== Firewall Settings ==========[/color:271cfb05af] [b:271cfb05af]64bit:[/b:271cfb05af] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b:271cfb05af]64bit:[/b:271cfb05af] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b:271cfb05af]64bit:[/b:271cfb05af] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717:271cfb05af]========== Authorized Applications List ==========[/color:271cfb05af] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717:271cfb05af]========== Vista Active Open Ports Exception List ==========[/color:271cfb05af] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00C79957-20B9-44B5-8440-66CAB005F0B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{05FB11B8-0A7E-4CE0-8B69-5578757DED16}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{09831E0B-A013-4A95-8961-3DE7AE5C3D5A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0AE0C594-B7EC-492E-9BDF-0954F4385E71}" = lport=139 | protocol=6 | dir=in | app=system | "{13AF11F9-5A4C-4B16-85FD-2202A956D47C}" = lport=10243 | protocol=6 | dir=in | app=system | "{17344F56-C4AD-4E66-A4E0-93EF51B3EF56}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{1DB82160-49E7-44B3-B1DD-FBD5256A52B1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{202E6B45-9084-41DA-B91C-EB72F53F17F5}" = rport=138 | protocol=17 | dir=out | app=system | "{316035C6-FA04-4CDD-8415-564B44B717D8}" = lport=138 | protocol=17 | dir=in | app=system | "{39D8368D-D7F2-405B-9FF4-ADEFAECF25C5}" = lport=137 | protocol=17 | dir=in | app=system | "{3AD4787D-426D-493A-960F-83838A79CD9C}" = lport=445 | protocol=6 | dir=in | app=system | "{527ECF6F-AE43-422B-BF0C-94BECDAAC29E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{67D55EB3-06CD-4179-9629-655CA4AE887A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6D327779-91F6-4C41-B285-6D6154427B58}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BD2B2049-A08D-4AA2-AE85-EADF0183D882}" = rport=445 | protocol=6 | dir=out | app=system | "{BF4EF355-CD20-4166-B7E2-8662EFF29D30}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C210EBA3-9AEE-43E9-9BEB-1AFFA388E203}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C5C62038-657A-4A38-B961-9B2D31D137D5}" = rport=137 | protocol=17 | dir=out | app=system | "{C9CDC2BC-378B-4174-AB99-527C5A2D1960}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D434F023-D635-4966-B156-601316D4F2A9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E69032D9-7911-4F35-8241-D163312D8E19}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F28A7C3B-90FF-4E75-B9F3-BB65861A770B}" = rport=139 | protocol=6 | dir=out | app=system | "{F3956E52-24CD-4924-8A43-2421A53AEA71}" = lport=2869 | protocol=6 | dir=in | app=system | "{F9E7C779-15CA-4F22-B144-3BC7F9130F58}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{FABAD750-BB88-42AE-B575-1E3BD42A948F}" = rport=10243 | protocol=6 | dir=out | app=system | "{FBFAB750-44E8-47BD-A3C8-288986133808}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | [color=#E56717:271cfb05af]========== Vista Active Application Exception List ==========[/color:271cfb05af] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0CF37AD0-C727-42F9-8CC4-7C181803C7BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{0E772C5E-FC2C-492D-B5E4-CEC5C4A21C95}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | "{24159907-9B96-4EB2-BEF0-30B9F929B34C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | "{27BADE41-2482-478B-B151-B4F9992CC7BF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{31587243-00BF-4472-A89A-F7BFEDB3E668}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{31F4377E-41A2-4DE8-8C02-85877147E55F}" = protocol=6 | dir=out | app=system | "{3AABDC20-7255-470E-A263-BE010481F8B0}" = dir=in | app=c:\program files (x86)\finaltorrent\finaltorrent.exe | "{423236C1-F4A5-4647-8580-83F5875
Link naar reactie
  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Je hebt een Acer. Dus de Windows in die PC van jouw zit volgestopt met Acer crapware, waarvan het overgrote deel nutteloos aktieve processen in Windows zet. Wat je kan doen is het volgende: Behalve E-Powermanagent en E-Recovery mag je de rest van alle Acer software via Start\Configuratiescherm\Programma's en onderdelen verwijderen. Daarna herstart jij de PC en laat je weten hoeveel processen er dan nog over zijn.
Link naar reactie
  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Processen: 90 (was trouwens 82, voordat ik internet opstartte) Processorgebruik: 0% Fysiek geheugen: 40% P.s. bij de bestanden van Acer die ik heb verwijderd zag ik ook een hele lijst met bestanden van Oberon Media staan. Volgens mij is dat ook allemaal onzin van Acer, maar heb geprobeerd ze te verwijderen maar dat wou op de één of andere manier niet lukken.
Link naar reactie
  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Processen is nog steeds hoog hoor. Maar we gaan kijken waar dat Oberon Media precies zit! [b:2f1d03b3bc]Welk programma[/b:2f1d03b3bc]: Zoek.exe [b:2f1d03b3bc]Waarvoor/waarom[/b:2f1d03b3bc]: multifunktioneel tool [b:2f1d03b3bc]Moeilijkheidsgraad[/b:2f1d03b3bc]: geen. [b:2f1d03b3bc]Download[/b:2f1d03b3bc]: [url=http://home.kpn.nl/stefsmeenk/zoek.exe][b:2f1d03b3bc]zoek.exe[/b:2f1d03b3bc][/url] [b:2f1d03b3bc]"Zoek.exe" gebruiken[/b:2f1d03b3bc]: [list:2f1d03b3bc][*:2f1d03b3bc] [b:2f1d03b3bc][color=#0000FF:2f1d03b3bc]Sluit nu eerst alle nog openstaande programmavensters![/color:2f1d03b3bc][/b:2f1d03b3bc] [*:2f1d03b3bc]Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe ([url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608][b:2f1d03b3bc][color=#0000FF:2f1d03b3bc]hier[/color:2f1d03b3bc][/b:2f1d03b3bc][/url] of [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607][color=#0000FF:2f1d03b3bc][b:2f1d03b3bc]hier[/b:2f1d03b3bc][/color:2f1d03b3bc][/url]) kan je lezen hoe je dat doet. [list:2f1d03b3bc][*:2f1d03b3bc][b:2f1d03b3bc][color=#0000FF:2f1d03b3bc]Windows 2000[/color:2f1d03b3bc][/b:2f1d03b3bc] en [color=#0000FF:2f1d03b3bc][b:2f1d03b3bc]Windows XP[/b:2f1d03b3bc][/color:2f1d03b3bc]: start het tool middels dubbelklik op "[i:2f1d03b3bc]Zoek.exe[/i:2f1d03b3bc]". [*:2f1d03b3bc][color=#0000FF:2f1d03b3bc][b:2f1d03b3bc]Windows Vista[/b:2f1d03b3bc][/color:2f1d03b3bc] en [color=#0000FF:2f1d03b3bc][b:2f1d03b3bc]Windows 7[/b:2f1d03b3bc][/color:2f1d03b3bc]: start het tool middels rechtsklik op "[i:2f1d03b3bc]Zoek.exe[/i:2f1d03b3bc]" en dan kiezen voor [i:2f1d03b3bc][b:2f1d03b3bc]Als Administrator uitvoeren[/b:2f1d03b3bc][/i:2f1d03b3bc].[/list:u:2f1d03b3bc] [*:2f1d03b3bc]Vervolgens zal er een nieuw venster openen. [*:2f1d03b3bc]Met je muis selecteer je nu de volgende keuze "[b:2f1d03b3bc][color=#0000FF:2f1d03b3bc]Custom search[/color:2f1d03b3bc][/b:2f1d03b3bc]"(2e keuzerondje onder het invulvenster) [*:2f1d03b3bc]Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege invulvenster [b:2f1d03b3bc][color=#0000FF:2f1d03b3bc] Oberon Media; [/color:2f1d03b3bc][/b:2f1d03b3bc] [*:2f1d03b3bc]Klik nu op de knop "[b:2f1d03b3bc][color=#0000FF:2f1d03b3bc]Run script[/color:2f1d03b3bc][/b:2f1d03b3bc]". [*:2f1d03b3bc]Wacht vervolgens geduldig af tot er een logje opent. [*:2f1d03b3bc]Post dan de inhoud van het geopende logje in het volgende bericht.[/list:u:2f1d03b3bc]
Link naar reactie
  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Het is niet veel, maar hier de resultaten van het logje: Zoek.exe Version 3.0.0.2 Updated 15-05-2012 Tool run by Jordy on wo 23-05-2012 at 22:25:54,48. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running from: C:\Users\Jordy\Downloads\zoek.exe ==== Folders Found ====================== ==== Files Found ======================
Link naar reactie
  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
We gaan even wat anders doen: [b:1ccdb4047b]Welk programma[/b:1ccdb4047b]: Trend Micro [b:1ccdb4047b]Hijack This Versie 2.0.4[/b:1ccdb4047b] [b:1ccdb4047b]Waarvoor/waarom[/b:1ccdb4047b]: maakt een duidelijk overzicht van Windows door middel van een scan. [b:1ccdb4047b]Moeilijkheidsgraad[/b:1ccdb4047b]: geen, enkel Vista- en Win 7 gebruikers dienen even extra aandacht te geven. [b:1ccdb4047b]Download[/b:1ccdb4047b] de [url=http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi][b:1ccdb4047b]HijackThis Installer[/b:1ccdb4047b][/url] [b:1ccdb4047b]Installatie[/b:1ccdb4047b]: [list:1ccdb4047b][*:1ccdb4047b]Installeer HijackThis op de aangegeven lokatie - daarmee wordt voorkomen dat eventuele back-ups niet terugvindbaar zijn![/list:u:1ccdb4047b] Gebruikers van [b:1ccdb4047b]Windows Vista[/b:1ccdb4047b] en [b:1ccdb4047b]Windows 7[/b:1ccdb4047b] gaan daarna naar de installatielokatie van HijackThis. [list:1ccdb4047b][*:1ccdb4047b]Vervolgens met rechts hijackthis.exe aanklikken en dan Eigenschappen kiezen. [*:1ccdb4047b]Klik nu op de tab Comptabiliteit en zet dan een vinkje bij Als Administrator uitvoeren. [*:1ccdb4047b]Als laatste wordt dan nog op [b:1ccdb4047b]Toepassen[/b:1ccdb4047b] en [b:1ccdb4047b]OK[/b:1ccdb4047b] geklikt[/list:u:1ccdb4047b] [b:1ccdb4047b]Hijack This gebruiken[/b:1ccdb4047b]: [list:1ccdb4047b][*:1ccdb4047b]Sluit eerst alle openstaande programma's en de webbrowsers. [*:1ccdb4047b]Start nu 'Hijack This' en klik vervolgens op de knop 'Do a system scan and save a logfile' [list:1ccdb4047b][*:1ccdb4047b]Start HijackThis op met het scanvenster, klik dan eerst op de knop 'Main Menu'[/list:u:1ccdb4047b] [*:1ccdb4047b]Sluit nu alle openstaande vensters en start vervolgens 'HijackThis' en kies voor 'Do a system scan and save a logfile'. [*:1ccdb4047b]Kopieer en plak de inhoud van het Hijack This-logfile in je volgende bericht. [*:1ccdb4047b]Hierna mag je Hijack This weer sluiten[/list:u:1ccdb4047b]
Link naar reactie
  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Hier het logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:46:03, on 23-5-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1" O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Jordy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-21-1781743323-2443383540-730848164-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1781743323-2443383540-730848164-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1781743323-2443383540-730848164-1000\..\RunOnce: [spchecker] "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1781743323-2443383540-730848164-1000\..\RunOnce: [AVG search provider] "C:\Program Files (x86)\AVG\AVG10\SearchProvider.exe" /AFTERINST (User 'UpdatusUser') O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} (IBM Lotus iNotes 8.5 Control) - https://webmail.saxion.nl/dwa85W.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file) O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file) O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASP.NET-statusservice (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11887 bytes
Link naar reactie
  • 0
anoniem Nieuwkomer

anoniem

Geplaatst:
  • Auteur
Geplaatst:
Je hebt het prima gedaan hoor. Je gaat naar [b:4b5bb23fc1]Uitvoeren[/b:4b5bb23fc1] Uitvoeren kan ook gestart worden door gelijktijdig de "Windowstoets + R-toets" in te drukken. De opdracht luidt: [b:4b5bb23fc1][color=blue:4b5bb23fc1]msconfig[/color:4b5bb23fc1][/b:4b5bb23fc1] In het nieuwe venster [b:4b5bb23fc1]Systeemconfiguratie[/b:4b5bb23fc1] klik je op de tab [b:4b5bb23fc1]Opstarten[/b:4b5bb23fc1]. Hieronder staat een lijst van tools die opstarten, maar die je mag uitvinken: [b:4b5bb23fc1]IAStorIcon SuiteTray EgisTecPMMUpdate EgisUpdate Adobe Reader Speed Launcher MDS_Menu ArcadeMovieService Spotify Web Helper[/b:4b5bb23fc1] Klik daarna op de knoppen [b:4b5bb23fc1]Toepassen[/b:4b5bb23fc1] en [b:4b5bb23fc1]OK[/b:4b5bb23fc1]. In het nieuwe vensterje klik je vervolgens op [b:4b5bb23fc1]Nu opnieuw opstarten[/b:4b5bb23fc1]
Link naar reactie

Om een reactie te plaatsen, moet je eerst inloggen

Gast
Antwoord op deze vraag...

×   Geplakt als verrijkte tekst.   Herstel opmaak

  Er zijn maximaal 75 emoji toegestaan.

×   Je link werd automatisch ingevoegd.   Tonen als normale link

×   Je vorige inhoud werd hersteld.   Leeg de tekstverwerker

×   Je kunt afbeeldingen niet direct plakken. Upload of voeg afbeeldingen vanaf een URL in

×
Ga naar vragenoverzicht
×
×
  • Nieuwe aanmaken...