Ga naar inhoud

iqrl_not_less_or_equal

monis71

Door monis71
in Archief Windows Algemeen

 Delen

Aanbevolen berichten

monis71 Verkenner

monis71

Geplaatst:
Geplaatst:

Hey allemaal ik heb sinds vandaag mijn pc weer aan de praat gekregen en ik zit nu met een probleempje, want ik heb nu regelmatig blue screens. net twee gehad.

hier zijn mijn parameters en bluescreens

1ste

bug check string

DRIVER_IRQL_NOT_LESS_OR_EQUAL

bug check code

0x000000d1

caused by driver

ndis.sys

Parameter 1

0x00000008

parameter 2

0x00000002

parameter 3

0x00000001

parameter 4

0x88c9c796

2de

bug check string

DRIVER_IRQL_NOT_LESS_OR_EQUAL

bug check code

0x000000d1

caused by driver

ndis.sys

Parameter 1

0x00000008

parameter 2

0x00000002

parameter 3

0x00000001

parameter 4

0x88c9c796

post-47117-1417705650,5395_thumb.jpg

Link naar reactie
Delen op andere sites
  • Reacties 28
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Populaire dagen

Geplaatste afbeeldingen

monis71 Verkenner

monis71

Geplaatst:
  • Auteur
Geplaatst: (aangepast)

Oke. Excuses voor de onduidelijkheid.

In het begin had ik problemen met traagheid van mijn pc het opstarten duurde echt heel lang en ik had al verschilldende acties ondernomen ik heb het geprobeer met ccleaner maar dat hielp nauwelijks, ook heb ik de pc nog gescand maar die had niks kunnen vinden [misschien 5,6 virussen] maar dit hielp ook niet langzamerhand werd ik gefrustreerd en had toen alle opstartprogrammas uitgezet [wat natuurlijk niet slim is]

ik heb nu ook alle opstart programmas geselecteerd en start nu gedownloade programma's handmatig op [als hij opgestart is]

een paar dagen later kon mijn PC totaal niet opstarten mijn monitor detecteerde de pc niet. Ik heb hiervoor informatie op het internet opgezocht en het bleek dus dat ik de grafische kaart er even opnieuw in moest doen. Dit hielp en nu kan hij weer normaal starten.

Ik heb nu net ook nog een schijfopruiming gedaan en hiermee ook 32GB aan troep kunnen verwijderen dit is toen wel geholpen en de opstarttijd is wel iets sneller.

Hopelijk is dit specifiek genoeg

aangepast door monis71
Link naar reactie
Delen op andere sites
clarkie Grootmeester

clarkie

Geplaatst:
Geplaatst:

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Bekijk ook de instructievideo.

Link naar reactie
Delen op andere sites
monis71 Verkenner

monis71

Geplaatst:
  • Auteur
Geplaatst: (aangepast)

Logfile of random's system information tool 1.09 (written by random/random)

Run by Simon at 2014-01-18 14:25:54

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 226 GB (47%) free of 477 GB

Total RAM: 2047 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:26:08, on 18-1-2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16514)

Boot mode: Normal

Running processes:

C:\Windows\Explorer.EXE

C:\Windows\system32\Dwm.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\BitTorrent\BitTorrent.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Users\Simon\AppData\Roaming\Spotify\spotify.exe

C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

C:\Users\Simon\Downloads\RSIT(1).exe

C:\Program Files\trend micro\Simon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-results.info/?pid=320&r=2013/03/06&hid=563872393&lg=EN&cc=NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O1 - Hosts: ::1 localhost

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [spotify] "C:\Users\Simon\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\progra~1\vaudix\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe

O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--

End of file - 7808 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\avast! Emergency Update.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf1307a9570093.job

C:\Windows\tasks\ROC_JAN2013_TB_rmv.job

C:\Windows\tasks\User_Feed_Synchronization-{9287C0DC-1146-4FBD-B357-2A7B86CF276B}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fzplg2hz.default-1389980085299

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.3.300.268 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]

"Description"=Nexon Game Controller

"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]

"Description"=NVIDIA stereo images plugin for Mozilla browsers

"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]

"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers

"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]

"Description"=This plugin detects and launches Pando Media Booster

"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-17 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-16 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-17 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-16 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-16 3764024]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []

"BitTorrent"=C:\Program Files\BitTorrent\BitTorrent.exe [2012-10-25 1398680]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]

"Spotify"=C:\Users\Simon\AppData\Roaming\Spotify\spotify.exe [2014-01-17 6118400]

"Spotify Web Helper"=C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-17 1171968]

"Akamai NetSession Interface"=C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\progra~1\vaudix\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"VIDC.I420"=lvcodec2.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"VIDC.XFR1"=xfcodec.dll

"MSVideo"=vfwwdm32.dll

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

.scr - open - C:\Windows\system32\notepad.exe "%1"

.scr - install -

.scr - config -

======List of files/folders created in the last 1 month======

2014-01-18 14:25:54 ----D---- C:\rsit

2014-01-18 14:25:54 ----D---- C:\Program Files\trend micro

2014-01-17 19:33:29 ----ASH---- C:\pagefile.sys

2014-01-17 18:44:21 ----D---- C:\Nexon

2014-01-17 18:29:50 ----D---- C:\Program Files\Mozilla Maintenance Service

2014-01-17 18:12:42 ----D---- C:\Program Files\Wajam

2014-01-17 15:15:59 ----D---- C:\ProgramData\Oracle

2014-01-17 15:15:53 ----D---- C:\Program Files\Common Files\Java

2014-01-17 15:15:13 ----A---- C:\Windows\system32\javaws.exe

2014-01-17 15:15:03 ----A---- C:\Windows\system32\WindowsAccessBridge.dll

2014-01-17 15:15:03 ----A---- C:\Windows\system32\javaw.exe

2014-01-17 15:15:03 ----A---- C:\Windows\system32\java.exe

2014-01-17 15:14:30 ----D---- C:\Program Files\Java

2014-01-16 23:49:01 ----A---- C:\Windows\system32\win32k.sys

2014-01-16 22:46:24 ----A---- C:\Windows\system32\drivers\aswKbd.sys

2014-01-16 22:46:21 ----A---- C:\Windows\system32\drivers\aswNdis2.sys

2014-01-16 22:42:22 ----A---- C:\Windows\system32\drivers\aswNdis.sys

2014-01-16 22:19:09 ----D---- C:\Users\Simon\AppData\Roaming\AVAST Software

2014-01-16 22:10:33 ----A---- C:\Windows\system32\drivers\aswTdi.sys

2014-01-16 22:10:27 ----A---- C:\Windows\system32\drivers\aswVmm.sys

2014-01-16 22:10:21 ----A---- C:\Windows\system32\drivers\aswSnx.sys

2014-01-16 22:10:17 ----A---- C:\Windows\system32\drivers\aswSP.sys

2014-01-16 22:10:14 ----A---- C:\Windows\system32\drivers\aswRvrt.sys

2014-01-16 22:10:10 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys

2014-01-16 22:10:08 ----A---- C:\Windows\system32\drivers\aswRdr.sys

2014-01-16 22:09:43 ----A---- C:\Windows\system32\aswBoot.exe

2014-01-16 22:09:17 ----A---- C:\Windows\avastSS.scr

2014-01-16 22:03:11 ----D---- C:\Program Files\AVAST Software

2014-01-16 22:01:42 ----A---- C:\Windows\system32\vbscript.dll

2014-01-16 22:01:42 ----A---- C:\Windows\system32\mshtmled.dll

2014-01-16 22:01:41 ----A---- C:\Windows\system32\wininet.dll

2014-01-16 22:01:41 ----A---- C:\Windows\system32\msfeeds.dll

2014-01-16 22:01:41 ----A---- C:\Windows\system32\jsproxy.dll

2014-01-16 22:01:41 ----A---- C:\Windows\system32\ieUnatt.exe

2014-01-16 22:01:41 ----A---- C:\Windows\system32\ieui.dll

2014-01-16 22:01:40 ----A---- C:\Windows\system32\url.dll

2014-01-16 22:01:40 ----A---- C:\Windows\system32\jscript9.dll

2014-01-16 22:01:40 ----A---- C:\Windows\system32\jscript.dll

2014-01-16 22:01:40 ----A---- C:\Windows\system32\iertutil.dll

2014-01-16 22:01:39 ----A---- C:\Windows\system32\urlmon.dll

2014-01-16 22:01:39 ----A---- C:\Windows\system32\mshtml.dll

2014-01-16 22:01:36 ----A---- C:\Windows\system32\ieframe.dll

2014-01-16 21:57:53 ----D---- C:\ProgramData\AVAST Software

2014-01-16 21:57:28 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2014-01-16 21:57:27 ----A---- C:\Windows\system32\cdd.dll

2014-01-16 21:57:22 ----A---- C:\Windows\system32\FntCache.dll

2014-01-16 21:57:22 ----A---- C:\Windows\system32\DWrite.dll

2014-01-16 21:57:22 ----A---- C:\Windows\system32\d3d10warp.dll

2014-01-16 21:57:22 ----A---- C:\Windows\system32\d3d10level9.dll

2014-01-16 21:57:22 ----A---- C:\Windows\system32\d3d10_1core.dll

2014-01-16 21:57:22 ----A---- C:\Windows\system32\d2d1.dll

2014-01-16 21:57:21 ----A---- C:\Windows\system32\d3d10core.dll

2014-01-16 21:57:21 ----A---- C:\Windows\system32\d3d10_1.dll

2014-01-16 21:57:21 ----A---- C:\Windows\system32\d3d10.dll

======List of files/folders modified in the last 1 month======

2014-01-18 14:26:09 ----SHD---- C:\System Volume Information

2014-01-18 14:25:54 ----RD---- C:\Program Files

2014-01-18 14:25:37 ----D---- C:\Windows\Temp

2014-01-18 14:23:13 ----D---- C:\Users\Simon\AppData\Roaming\Skype

2014-01-18 14:22:45 ----D---- C:\Users\Simon\AppData\Roaming\Spotify

2014-01-18 14:21:24 ----D---- C:\Users\Simon\AppData\Roaming\BitTorrent

2014-01-18 14:17:55 ----D---- C:\ProgramData\NVIDIA

2014-01-18 14:17:37 ----D---- C:\Windows\Minidump

2014-01-18 14:17:21 ----D---- C:\Windows

2014-01-17 19:48:51 ----SHD---- C:\Windows\Installer

2014-01-17 19:48:50 ----HD---- C:\Config.Msi

2014-01-17 19:48:00 ----D---- C:\Program Files\Google

2014-01-17 18:30:02 ----D---- C:\Program Files\Mozilla Firefox

2014-01-17 18:22:16 ----D---- C:\Windows\System32

2014-01-17 18:22:16 ----D---- C:\Windows\inf

2014-01-17 18:22:16 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-01-17 18:03:57 ----D---- C:\Windows\system32\WDI

2014-01-17 17:53:11 ----RSD---- C:\Windows\assembly

2014-01-17 17:51:07 ----D---- C:\Windows\Microsoft.NET

2014-01-17 17:45:56 ----D---- C:\Windows\Debug

2014-01-17 16:34:27 ----D---- C:\Windows\system32\catroot2

2014-01-17 16:30:40 ----D---- C:\ProgramData\Skype

2014-01-17 16:30:30 ----RD---- C:\Program Files\Skype

2014-01-17 16:21:25 ----D---- C:\Windows\system32\drivers

2014-01-17 16:21:16 ----HD---- C:\ProgramData

2014-01-17 16:06:04 ----D---- C:\Windows\winsxs

2014-01-17 16:05:17 ----D---- C:\ProgramData\Microsoft Help

2014-01-17 15:54:07 ----D---- C:\Program Files\Microsoft Silverlight

2014-01-17 15:24:53 ----D---- C:\Program Files\Common Files

2014-01-17 15:22:44 ----D---- C:\Windows\system32\MRT

2014-01-17 15:22:32 ----D---- C:\Program Files\Nero

2014-01-17 15:12:55 ----D---- C:\ProgramData\MFAData

2014-01-17 15:01:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2014-01-17 00:22:35 ----D---- C:\Windows\system32\migration

2014-01-17 00:22:35 ----D---- C:\Program Files\Internet Explorer

2014-01-16 23:47:55 ----D---- C:\Windows\system32\catroot

2014-01-16 23:09:46 ----D---- C:\Windows\Tasks

2014-01-16 21:43:15 ----D---- C:\Windows\pss

2014-01-06 16:20:08 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2014-01-16 12112]

R0 aswNdis2;avast! Firewall NDIS Driver; C:\Windows\system32\drivers\aswNdis2.sys [2014-01-16 252336]

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-16 49944]

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-16 180248]

R1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [2014-01-16 26136]

R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr.sys [2014-01-16 54832]

R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-16 775952]

R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-16 410528]

R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2014-01-16 57672]

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-16 67824]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-26 8939296]

R3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr61.sys [2007-05-11 357376]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]

S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]

S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-04-30 2687512]

S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]

S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]

R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-16 50344]

R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-01-16 113704]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]

R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2008-01-18 21504]

R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-18 21504]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2013-06-24 75136]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-18 21504]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-05 116648]

S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-17 257928]

S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-09-30 1044816]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-05 116648]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

aangepast door kape
dubbellog verwijderd
Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0};c
 {F274614C-63F8-47D5-A4D1-FBDDE494F8D1};c
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}];r
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
 "AppInit_DLLs"=-;r
 C:\Program Files\Wajam;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites
monis71 Verkenner

monis71

Geplaatst:
  • Auteur
Geplaatst:

Zoek.exe v5.0.0.0 Updated 18-Januari-2014

Tool run by Simon on za 18-01-2014 at 16:35:15,52.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Simon\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

18-1-2014 16:37:47 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Hewlett-Packard deleted successfully

C:\Program Files\MSXML 4.0 deleted successfully

C:\Program Files\World_of_Tanks deleted successfully

C:\ProgramData\HPSSUPPLY deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\Users\Simon\AppData\Roaming\PerformerSoft deleted successfully

C:\Windows\serviceprofiles\Localservice\AppData\Roaming\Xfire deleted successfully

C:\Users\Simon\AppData\Local\Avg2013 deleted successfully

C:\Users\Simon\AppData\Local\LogiShrd deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3778264253-1432092012-1002964992-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully

HKEY_USERS\S-1-5-21-3778264253-1432092012-1002964992-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_18-01-2014_1644_.backup

ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fzplg2hz.default-1389980085299

user.js not found

---- Lines wajam modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"c:\\\\

---- FireFox user.js and prefs.js backups ----

prefs_18-01-2014_1644_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\Program Files\Wajam deleted

C:\Program Files\Mozilla Firefox\user.js deleted

C:\ProgramData\SearceH--NewTab deleted

C:\ProgramData\SoftSafe deleted

C:\ProgramData\IBUpdaterService deleted

C:\ProgramData\InstallMate deleted

C:\Users\Simon\AppData\Local\Wajam deleted

C:\Users\Simon\AppData\Local\cache deleted

C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam deleted

C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted

C:\Windows\tasks\ROC_JAN2013_TB_rmv.job deleted

C:\end deleted

C:\Windows\system32\roboot.exe deleted

C:\Users\Simon\Downloads\VaudiX.exe deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2014-01-17 17:06:16 4B0B1250C5A09EEF4B299478A0567579 252758863 ----a-w- C:\Windows\MEMORY.DMP

2014-01-16 21:09:17 4D5FD79A075B9BD9ACEFD6FAA753318A 43152 ----a-w- C:\Windows\avastSS.scr

====== C:\Users\Simon\AppData\Local\Temp ====

2014-01-17 17:40:03 9FD3CEFFEC3C5CB701AB301028014D78 319488 ----a-w- C:\Users\Simon\AppData\Local\Temp\NGMResource.dll

2014-01-17 17:40:02 0AF2FC1A37EFDD0E3F5493B43B97026C 911256 ----a-w- C:\Users\Simon\AppData\Local\Temp\NGMDll.dll

2014-01-17 17:12:24 F9005FA4D997A635233B7C378BFA74DC 941936 ----a-w- C:\Users\Simon\AppData\Local\Temp\Wajam\tmp\1\wajam_install.exe

2014-01-17 16:07:15 F8D176DB5B14AED7C9B25E0640226BD1 258352 ----a-w- C:\Users\Simon\AppData\Local\Temp\unicows.dll

2014-01-17 16:06:32 F087FB796852B34B92E793C853273676 3567616 ----a-w- C:\Users\Simon\AppData\Local\Temp\NGMSetup.exe

2014-01-17 14:39:37 38C870D739E52FC4E1AA1AB61D8A1D36 16339456 ----a-w- C:\Users\Simon\AppData\Local\Temp\RarSFX0\installer_msi_win.msi

====== Java Cache =====

====== C:\Windows\system32 =====

2014-01-18 13:26:37 C2E35F6FCBD5B4DB2B52B32D1153EC04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2014-01-18 13:26:37 ADB9477A9C95C79FDF5DC214225603B0 420864 ----a-w- C:\Windows\System32\vbscript.dll

2014-01-18 13:26:37 2429485305BCCFB1014B19BFB512E8F9 73216 ----a-w- C:\Windows\System32\mshtmled.dll

2014-01-18 13:26:35 E8F37AF4D09972684D9EE1786901F540 176640 ----a-w- C:\Windows\System32\ieui.dll

2014-01-18 13:26:34 822E4743E61687933629AE3A8DECABC2 65024 ----a-w- C:\Windows\System32\jsproxy.dll

2014-01-18 13:26:33 A0C6AFE2C9C74573F5C0776CDE1128B1 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-01-18 13:26:33 36E4D129029784EE37A2C14393B6A4E8 607744 ----a-w- C:\Windows\System32\msfeeds.dll

2014-01-18 13:26:32 C05A60DB2ED385E9BB5CF7AE773A3D9B 717824 ----a-w- C:\Windows\System32\jscript.dll

2014-01-18 13:26:32 4CC9DF09C3D915BA0A101A11DB684F26 1129472 ----a-w- C:\Windows\System32\wininet.dll

2014-01-18 13:26:31 BDA52464C16707EAA513C8A2920ACE1F 231936 ----a-w- C:\Windows\System32\url.dll

2014-01-18 13:26:31 795202EFA9ED73F99C96235C1DC6A1AC 1806848 ----a-w- C:\Windows\System32\jscript9.dll

2014-01-18 13:26:30 B787EE3F327ABAC1EC47313B3A673598 1796096 ----a-w- C:\Windows\System32\iertutil.dll

2014-01-18 13:26:28 5AAFA41F2A09D68F43741EF13937650A 1105408 ----a-w- C:\Windows\System32\urlmon.dll

2014-01-18 13:26:28 06FDA396980A0157469A334E1BFEAF17 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-01-18 13:26:27 C89906FA43A58FD4CFC7EA06D885A597 12344320 ----a-w- C:\Windows\System32\mshtml.dll

2014-01-18 13:26:23 B231416DD7569B5C16F2DD2D2D64BB5A 9739264 ----a-w- C:\Windows\System32\ieframe.dll

2014-01-17 14:15:13 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\System32\javaws.exe

2014-01-17 14:15:03 FD80D0AE205EC54D1A204DDBD6B766DA 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll

2014-01-17 14:15:03 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\System32\javaw.exe

2014-01-17 14:15:03 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\System32\java.exe

2014-01-16 22:49:01 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys

2014-01-16 22:48:59 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe

2014-01-16 22:48:59 2497FD012104DFF64BF01DA98ECF6F75 131072 ----a-w- C:\Windows\System32\wshom.ocx

2014-01-16 22:48:59 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe

2014-01-16 22:48:58 F9D5C623E913CDAA198ECF0E6D2AA54A 36864 ----a-w- C:\Windows\System32\wshcon.dll

2014-01-16 22:48:58 DDEA43CDF00D6987F633F80AE4B7F2CE 172032 ----a-w- C:\Windows\System32\scrrun.dll

2014-01-16 22:48:55 57390AF2F8939AB038FC4A5D10B50D52 335360 ----a-w- C:\Windows\System32\SysFxUI.dll

2014-01-16 22:48:49 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll

2014-01-16 22:48:36 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll

2014-01-16 22:47:44 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 444928 ----a-w- C:\Windows\System32\IKEEXT.DLL

2014-01-16 22:47:43 EE16F3E01C4A6C77383F1BBBD10AD6C2 596480 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2014-01-16 22:47:43 14D9A057A082E00116A7A4415051D07C 218228 ----a-w- C:\Windows\System32\WFP.TMF

2014-01-16 22:46:47 09EA40F4DAD2EDB3587E5E0BAA9C3E15 158208 ----a-w- C:\Windows\System32\imagehlp.dll

2014-01-16 21:09:43 A46118A8987612525FC548AE33222DE4 270240 ----a-w- C:\Windows\System32\aswBoot.exe

2014-01-16 20:57:27 D6F0260D9051C0B60998F4CDBE9B2CC6 37376 ----a-w- C:\Windows\System32\cdd.dll

2014-01-16 20:57:22 F64812456BD11244322F0B0F1B236841 486400 ----a-w- C:\Windows\System32\d3d10level9.dll

2014-01-16 20:57:22 E828C391BB999BD85C15DA20B51CDF9C 683008 ----a-w- C:\Windows\System32\d2d1.dll

2014-01-16 20:57:22 9BD443B52350D2784544B637F103EBCF 1069056 ----a-w- C:\Windows\System32\DWrite.dll

2014-01-16 20:57:22 52673DCDFA7687EABC0C779894D0F4FF 1172480 ----a-w- C:\Windows\System32\d3d10warp.dll

2014-01-16 20:57:22 2AFA3A46986AE935DAECEBC7E66314CF 798208 ----a-w- C:\Windows\System32\FntCache.dll

2014-01-16 20:57:22 2434237DFBC70483B63A667B9573891E 219648 ----a-w- C:\Windows\System32\d3d10_1core.dll

2014-01-16 20:57:21 E0F15C8A63D2FCC40D0A6F9354DF0118 1029120 ----a-w- C:\Windows\System32\d3d10.dll

2014-01-16 20:57:21 2067598D57CCD988A88BBBDDD6EAE13D 189952 ----a-w- C:\Windows\System32\d3d10core.dll

2014-01-16 20:57:21 1D1C3BBA2191F0F5B14555757DDB729A 160768 ----a-w- C:\Windows\System32\d3d10_1.dll

2014-01-16 20:57:18 A136094368CA45BA50BF4E2703E93B82 293376 ----a-w- C:\Windows\System32\atmfd.dll

2014-01-16 20:57:17 D1F8FE7C788C437DDE311E9F0C09005E 34304 ----a-w- C:\Windows\System32\atmlib.dll

====== C:\Windows\system32\drivers =====

2014-01-16 22:48:55 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys

2014-01-16 22:48:55 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys

2014-01-16 21:46:24 0EEFB7741B46099FE1AA124F57BEEE41 26136 ----a-w- C:\Windows\System32\drivers\aswKbd.sys

2014-01-16 21:46:21 764E639C0BFCCFD0F84E2CE3FF5951BE 252336 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys

2014-01-16 21:42:22 7B948E3657BEA62E437BC46CA6EF6012 12112 ----a-w- C:\Windows\System32\drivers\aswNdis.sys

2014-01-16 21:10:33 875D2B1054F2ECD8F575D6CBE78DD7BA 57672 ----a-w- C:\Windows\System32\drivers\aswTdi.sys

2014-01-16 21:10:27 1B0662514A68C3A42E60D240C5ABEF28 180248 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2014-01-16 21:10:21 0F639D0526820BA7872C963813E0EB8D 775952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2014-01-16 21:10:17 7BA7543EA7936A7ADA615F6DE7C95494 410528 ----a-w- C:\Windows\System32\drivers\aswSP.sys

2014-01-16 21:10:14 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2014-01-16 21:10:10 6F1505608202BBD179095A6A150D103F 67824 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2014-01-16 21:10:08 B269C41DF93EFF71DF0986BD982D1C46 54832 ----a-w- C:\Windows\System32\drivers\aswRdr.sys

2014-01-16 20:57:34 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2014-01-16 20:57:28 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

====== C:\Windows\Tasks ======

2014-01-16 22:09:46 555AD80268693DECBC9382D838F167EB 1042 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf1307a9570093.job

2014-01-16 21:16:26 54334861AD7C7F10D4DEDCE94D940943 350 ---ha-w- C:\Windows\Tasks\avast! Emergency Update.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-18 13:25:54 -------- d-----w- C:\Program Files\trend micro

2014-01-17 17:29:50 -------- d-----w- C:\Program Files\Mozilla Maintenance Service

2014-01-17 14:15:53 -------- d-----w- C:\Program Files\Common Files\Java

2014-01-17 14:14:30 -------- d-----w- C:\Program Files\Java

======= C: =====

2014-01-18 15:13:17 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS

2014-01-18 15:13:17 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS

====== C:\Users\Simon\AppData\Roaming ======

2014-01-17 15:34:43 -------- d-----w- C:\Users\Simon\AppData\Local\Akamai

2014-01-17 14:12:24 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013

====== C:\Users\Simon ======

2014-01-18 13:24:47 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Simon\Downloads\RSIT(1).exe

2014-01-18 13:24:16 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Simon\Downloads\RSIT.exe

2014-01-17 18:48:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

2014-01-17 17:11:48 3A41815E8B51F2C408C90D56D6D5BF2A 930440 ----a-w- C:\Users\Simon\Downloads\cbsidlm-cbsi176-Realtek_Semiconductor_Corp_AC97_Sound_Driver_version_51005490zip-ORG-150026.exe

2014-01-17 14:37:23 83ED9EFA73B67792AA06517683D7453D 10028912 ----a-w- C:\Users\Simon\Downloads\NexonEU_Installer.exe

2014-01-17 14:15:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-01-16 21:17:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

2014-01-16 20:57:44 C38ECB679347C514F8DCBC2A76FF1D33 4689480 ----a-w- C:\Users\Simon\Downloads\avast_free_antivirus_setup_online.exe

====== C: exe-files ==

2014-01-18 14:54:44 AAFC3766298F70C80F37F1F2656D787D 3746784 ----a-w- C:\Nexon\Warrock EU\system\WarRock.exe

2014-01-18 14:53:51 C55A40E86096B2C417D21D38A933175F 267264 ----a-w- C:\Nexon\Warrock EU\data\HShield\Update\autoup.exe

2014-01-18 14:52:51 4891462CD522559C07DDCD7ECC571476 1023960 ----a-w- C:\Nexon\Warrock EU\data\HShield\AhnRpt.exe

2014-01-18 13:26:33 3348D1B1D702E333CE99F7E0FD313460 468480 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-01-18 13:26:31 43E6F2A7FB182F2D7CB0CE5B8F1005CF 757488 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-01-18 13:25:55 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Simon.exe

2014-01-18 13:24:47 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Simon\Downloads\RSIT(1).exe

2014-01-18 13:24:16 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Simon\Downloads\RSIT.exe

2014-01-17 18:01:25 96E2B3F79EC2687F14F55ABE35898EA2 8105472 ----a-w- C:\Nexon\Warrock EU\WRUpdater.exe

2014-01-17 18:01:24 A3F10D8892D037894139389288782992 108079 ----a-w- C:\Nexon\Warrock EU\uninstall.exe

2014-01-17 18:01:24 6E7A3219DAB80C1B4FDC2AFEAB2E0904 1397760 ----a-w- C:\Nexon\Warrock EU\WRLauncher.exe

2014-01-17 17:45:05 D766FB6A5381E166DDE4CFE46BF1A96D 159592 ----a-w- C:\Nexon\Warrock EU\data\HShield\HSUpdate.exe

2014-01-17 17:30:02 99F20CB58E61DAAD19935122AEE8B376 106212 ----a-w- C:\Program Files\Mozilla Maintenance Service\Uninstall.exe

2014-01-17 17:29:50 3B9398E0146855B1DC0E3D9769C80F01 119408 ----a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

2014-01-17 17:29:15 FD3E66E1EAD5DA5EC23174D29B8376D6 283128 ----a-w- C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XOIIS3IW\Firefox Setup Stub 26.0.exe

2014-01-17 17:12:26 F9005FA4D997A635233B7C378BFA74DC 941936 ----a-w- C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZP5SPZ3Q\wajam_install[1].exe

2014-01-17 17:12:24 F9005FA4D997A635233B7C378BFA74DC 941936 ----a-w- C:\Users\Simon\AppData\Local\Temp\Wajam\tmp\1\wajam_install.exe

2014-01-17 17:11:48 3A41815E8B51F2C408C90D56D6D5BF2A 930440 ----a-w- C:\Users\Simon\Downloads\cbsidlm-cbsi176-Realtek_Semiconductor_Corp_AC97_Sound_Driver_version_51005490zip-ORG-150026.exe

2014-01-17 16:06:32 F087FB796852B34B92E793C853273676 3567616 ----a-w- C:\Users\Simon\AppData\Local\Temp\NGMSetup.exe

2014-01-17 15:34:50 9BD2E3C86EFAAD38D9230445462361B7 4415736 ----a-w- C:\Users\Simon\AppData\Local\Akamai\ControlPanel.exe

2014-01-17 14:37:23 83ED9EFA73B67792AA06517683D7453D 10028912 ----a-w- C:\Users\Simon\Downloads\NexonEU_Installer.exe

2014-01-17 14:14:40 F4BA3A5D5FDE0A321CD7C4A74749CE5B 15784 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe

2014-01-17 14:14:40 EBAB810C999D8C31F0D5D8B28B3EEDD1 15784 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe

2014-01-17 14:14:40 C422AF851B98378A39B51D99FE707E64 146344 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe

2014-01-17 14:14:40 ACA236A716C2291E40ED069F2CBB3D35 49064 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe

2014-01-17 14:14:40 6E2BECF6E17FF8DC850C058A38A50C4F 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe

2014-01-17 14:14:40 6E1B0EEBF3D1CC7ECF4104E1473900FF 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe

2014-01-17 14:14:40 397A6EA17BB97800939DE44D7BFEEC04 15784 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe

2014-01-17 14:14:40 18BC25C50200C3DD4E67611D2467DAA2 15784 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe

2014-01-17 14:14:40 0E37C7C174521E16CEA0A6BC46F03BCD 16296 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe

2014-01-17 14:14:39 ED1F5F1906F8D963612A4831CDB331D6 15784 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe

2014-01-17 14:14:39 B9436A665A8621073A12338B16D7BFD4 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe

2014-01-17 14:14:39 A8F2A6D5782AA0166D8367FF674DDF77 52648 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe

2014-01-17 14:14:39 762E372DCFDAE32FAE52C1A50A0029C2 15784 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe

2014-01-17 14:14:39 6EEAD2C8A5CAC1F0F2066ABD77BA9092 15784 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe

2014-01-17 14:14:39 49A5F3169A23C00F9F2023DFE04D7AF6 15784 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe

2014-01-17 14:14:36 FBC27FD8E76C53E6E8066944BBE2BF73 48040 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe

2014-01-17 14:14:36 E9BFEA5B2F3F7598DA990F9728768790 66984 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe

2014-01-17 14:14:36 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe

2014-01-17 14:14:36 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe

2014-01-17 14:14:36 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Program Files\Java\jre7\bin\java.exe

2014-01-17 14:14:36 5877E6618DA03EE8E7A869F57EE6ACE5 15784 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe

2014-01-17 14:11:43 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Simon\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe

2014-01-16 22:15:49 30E11BF11AF1A52333CDC66CFAF6B4A3 25469280 ----a-w- C:\Program Files\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.2.2041\GoogleEarth-Win-Bundle-7.1.2.2041.exe

2014-01-16 22:06:09 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe

2014-01-16 22:05:58 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateBroker.exe

2014-01-16 22:04:13 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateSetup.exe

2014-01-16 20:57:44 C38ECB679347C514F8DCBC2A76FF1D33 4689480 ----a-w- C:\Users\Simon\Downloads\avast_free_antivirus_setup_online.exe

2014-01-16 20:55:31 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

2014-01-16 20:55:27 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe

2014-01-16 20:54:56 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdate.exe

2014-01-16 20:54:15 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe

=== C: other files ==

2014-01-18 15:13:17 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS

2014-01-18 15:13:17 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS

2014-01-17 18:00:24 BF96460BF04A4DC9F4F54AD8CC0D4A06 4684209 ----a-w- C:\Nexon\Warrock EU\texture\UI\Temp\Temp.zip

2014-01-17 17:12:21 11F3766263BF70B47BF02AD6A4308FA7 22872125 ----a-w- C:\Users\Simon\Downloads\Realtek%20Semiconductor%20Corp.%20AC'97%20Sound%20Driver%20version%205.10.0.5490.zip

2014-01-17 14:14:41 863EB6802B1C3B7630290871599BE0BD 18636 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip

2014-01-16 22:49:01 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys

2014-01-16 22:48:55 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\portcls.sys

2014-01-16 22:48:55 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys

2014-01-16 22:48:55 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\drmk.sys

2014-01-16 22:48:55 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys

2014-01-16 21:46:24 0EEFB7741B46099FE1AA124F57BEEE41 26136 ----a-w- C:\Windows\System32\drivers\aswKbd.sys

2014-01-16 21:46:21 764E639C0BFCCFD0F84E2CE3FF5951BE 252336 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys

2014-01-16 21:42:22 7B948E3657BEA62E437BC46CA6EF6012 12112 ----a-w- C:\Windows\System32\DriverStore\FileRepository\aswndispt.inf_b14f6baf\aswNdis.sys

2014-01-16 21:42:22 7B948E3657BEA62E437BC46CA6EF6012 12112 ----a-w- C:\Windows\System32\drivers\aswNdis.sys

2014-01-16 21:10:33 875D2B1054F2ECD8F575D6CBE78DD7BA 57672 ----a-w- C:\Windows\System32\drivers\aswTdi.sys

2014-01-16 21:10:27 1B0662514A68C3A42E60D240C5ABEF28 180248 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2014-01-16 21:10:21 0F639D0526820BA7872C963813E0EB8D 775952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2014-01-16 21:10:17 7BA7543EA7936A7ADA615F6DE7C95494 410528 ----a-w- C:\Windows\System32\drivers\aswSP.sys

2014-01-16 21:10:14 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2014-01-16 21:10:10 6F1505608202BBD179095A6A150D103F 67824 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2014-01-16 21:10:08 B269C41DF93EFF71DF0986BD982D1C46 54832 ----a-w- C:\Windows\System32\drivers\aswRdr.sys

2014-01-16 20:57:34 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2014-01-16 20:57:28 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-3778264253-1432092012-1002964992-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"BitTorrent"="C:\Program Files\BitTorrent\BitTorrent.exe /MINIMIZED"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"Spotify"="C:\Users\Simon\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Akamai NetSession Interface"="C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"BitTorrent"="C:\Program Files\BitTorrent\BitTorrent.exe /MINIMIZED"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"Spotify"="C:\Users\Simon\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Simon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Akamai NetSession Interface"="C:\Users\Simon\AppData\Local\Akamai\netsession_win.exe"

==== Startup Folders ======================

2014-01-16 20:43:15 796 ----a-w- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk

2014-01-16 20:25:42 1972 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\Windows\tasks\avast\Undetermined Task.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf1307a9570093.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [05-05-2012 10:06]

C:\Windows\tasks\User_Feed_Synchronization-{9287C0DC-1146-4FBD-B357-2A7B86CF276B}.job --ah----- C:\Windows\system32\msfeedssync.exe [08-05-2012 08:50]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [16-01-2014 22:44]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{336D0C35-8A85-403a-B9D2-65C292C39087}"="C:\Program Files\Web Assistant\Firefox" []

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}"="C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fzplg2hz.default-1389980085299

- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\fzplg2hz.default-1389980085299

FFF2362F6B4A46D4BC1D147E79A7547B - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll - Nexon Game Controller

A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U51

9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13

C36444D7301A8C881FC7296B092609C7 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update

3220B1254AEF7A191187EC03F51B3D61 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

B2576571746839180833E048AC2CCA5C - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In

D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision

75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION

90ABBBFFD282900CFAAABAB53BEDEBDB - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll - Shockwave Flash

AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[16-01-2014 22:07]

idjfaelbjmndhmadhkkgbkhhcknahgjm - C:\ProgramData\wxDfast\idjfaelbjmndhmadhkkgbkhhcknahgjm.crx[]

jpmbfleldcgkldadpdinhjjopdfpjfjp - C:\Users\Simon\AppData\Local\Wajam\Chrome\wajam.crx[]

Google Docs - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

SearceH--NewTab - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jflcgomhbjegjjkdfeogegeggkkmooml

VauudoIex - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\knngeimaanbhddjoapjmafaehglmkcim

Gmail - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jflcgomhbjegjjkdfeogegeggkkmooml deleted successfully

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jflcgomhbjegjjkdfeogegeggkkmooml_0.localstorage deleted successfully

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jflcgomhbjegjjkdfeogegeggkkmooml_0.localstorage-journal deleted successfully

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\knngeimaanbhddjoapjmafaehglmkcim deleted successfully

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_knngeimaanbhddjoapjmafaehglmkcim_0.localstorage deleted successfully

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_knngeimaanbhddjoapjmafaehglmkcim_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://websearch.pu-results.info/?pid=320&r=2013/03/06&hid=563872393&lg=EN&cc=NL"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.nl/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3778264253-1432092012-1002964992-1000\Software\Mozilla\Firefox\Extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{581DD4AC-2949-14C1-5CB6-A23C0C4378E8} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7F67FEF1-FEEB-4899-E573-64C996A6292B} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\idjfaelbjmndhmadhkkgbkhhcknahgjm deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam deleted successfully

==== Empty IE Cache ======================

C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0PKAW7E will be deleted at reboot

C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Simon\AppData\Local\Mozilla\Firefox\Profiles\fzplg2hz.default-1389980085299\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=169 folders=28 4138754 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Simon\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Simon\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0PKAW7E" not found

==== EOF on za 18-01-2014 at 17:03:14,80 ======================

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  C:\MSDOS.SYS;f
 C:\IO.SYS;f
 C:\Users\Simon\Downloads\RSIT.exe;f

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites
monis71 Verkenner

monis71

Geplaatst:
  • Auteur
Geplaatst:

Zoek.exe v5.0.0.0 Updated 18-Januari-2014

Tool run by Simon on za 18-01-2014 at 19:05:46,22.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Simon\Desktop\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-01-18-160314.log 34893 bytes

==== Deleting Files \ Folders ======================

"C:\MSDOS.SYS" deleted

"C:\IO.SYS" deleted

"C:\Users\Simon\Downloads\RSIT.exe" deleted

==== C:\zoek_backup content ======================

C:\zoek_backup (files=170 folders=28 4920290 bytes)

==== EOF on za 18-01-2014 at 19:08:51,58 ======================

Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.