Ga naar inhoud

Meerdere problemen kort achter elkaar.


Argibalt

Aanbevolen berichten

Hallo allemaal,

Er zijn in de afgelopen maand verschillende problemen opgetreden, ik heb al het een en ander geprobeerd maar dit heeft helaas niet geholpen.

De problemen die als eerst voorkwamen waren dat: Windows Update, Windows Defender en Windows probleem oplosser het begaven.

Daarna kwamen de problemen met IE, Chrome en FF.

Ik gebruikte FF als main browser maar die crashte zonder rede om de 5 min dus ben ik over gegaan op IE, nu ziet Internet explorer alle downloads voor virus aan dus voor het downloaden moet ik Chrome gebruiken, en als dat niet genoeg is kan ik Chrome ook maar 5 min gebruiken anders sluit mijn pc gewoon volledig af.

Het laatste probleem is dat ik bij alles wat ik open een error krijg van "Google updater" en "Onjuiste Installatie Kopie".

Ik hoop dat iemand mij hiermee kan helpen want dit alles bij elkaar is nogal onhandig werken.

Alvast bedankt.

Pascal.

Link naar reactie
Delen op andere sites

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen

  • Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit")
  • Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Bekijk ook de instructievideo.

Link naar reactie
Delen op andere sites

Bedankt voor de reactie hierbij de log.

info.txt logfile of random's system information tool 1.09 2014-05-14 20:55:14

======Uninstall list======

-->C:\PROGRA~2\INSTAL~1\{413E7~1\Setup.exe /remove /q0

-->C:\PROGRA~2\INSTAL~1\{A6E5B~1\Setup.exe /remove /q0

-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}

Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{A0087DDE-69D0-11E2-AD57-43CA6188709B}

Adobe Flash Player 13 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe -maintain activex

Adobe Flash Player 13 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe -maintain plugin

Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"

Adobe Photoshop CS6-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}"

Adobe Reader XI (11.0.02) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001}

Adobe Shockwave Player 12.0-->"C:\Windows\system32\Adobe\Shockwave 12\uninstaller.exe"

Aeria Ignite-->msiexec.exe /x {FE2D627E-D7E0-46EA-93A6-8583420285FA}

Aeria Ignite-->MsiExec.exe /X{FE2D627E-D7E0-46EA-93A6-8583420285FA}

Age of Wonders III-->"C:\Program Files\Age of Wonders III\unins000.exe"

AMD Catalyst Install Manager-->msiexec /q/x{BC3053AC-FC4E-2073-FE89-A3C68ABFB134} REBOOT=ReallySuppress

Application Profiles-->MsiExec.exe /X{148971EC-8755-A666-D384-8F2E9E8B0DC8}

Arc-->"C:\Program Files\InstallShield Installation Information\{CED8E25B-122A-4E80-B612-7F99B93284B3}\setup.exe" -runfromtemp -l0x0409 -removeonly

Aura Kingdom-->C:\AeriaGames\AuraKingdom\Uninst.exe

Auto Clicker v1.6-->"C:\Users\Bennink\AppData\Local\Auto Clicker\unins000.exe"

avast! Pro Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall

Bandisoft MPEG-1 Decoder-->"C:\Program Files\BandiMPEG1\uninstall.exe"

Better Surf Plus-->C:\Program Files\BetterSurf\BetterSurfPlus\uninstall.exe

Catalyst Control Center - Branding-->MsiExec.exe /I{CB79256B-C0E0-40C6-8EB7-BDD796203581}

Caveland Pro-->C:\Windows\IsUninst.exe -f"C:\Program Files\Caveland Pro\Uninst.isu"

CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"

Cheat Engine 6.3-->"C:\Program Files\Cheat Engine 6.3\unins000.exe"

DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe

DAEMON Tools Ultra-->C:\Program Files\DAEMON Tools Ultra\uninst.exe

DigiSeaver-->"C:\ProgramData\DigiSeaver\HTW7US5.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

Dragon Age II-->"C:\Program Files\Common Files\BioWare\Uninstall Dragon Age 2.exe"

Dungeon Keeper Gold-->C:\Windows\uninst.exe -fC:\WINDOWS\SYSTEM\KEEPER\DeIsL2.isu

ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

Europe MapleStory for Vista-->"C:\Program Files\NEXON\Europe MapleStory for Vista\unins000.exe"

Google Chrome-->"C:\Program Files\Google\Chrome\Application\33.0.1750.117\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Hero of the Obelisk-->C:\Program Files\GBE Games\Hero of the Obelisk\uninst.exe

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

HydraVision-->MsiExec.exe /X{B7EC0338-EAE9-ABEA-D202-95025E66CC8C}

Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall

Java 7 Update 45-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217045FF}

K-Lite Codec Pack 10.3.5 Basic-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

LiveSupport-->"C:\Program Files\LiveSupport\unins000.exe"

Lost Saga-->C:\Program Files\Lost Saga\lsuninstall.exe

Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}

Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}

Microsoft .NET Framework 4.5-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\\Setup.exe /repair /x86

Microsoft .NET Framework 4.5-->MsiExec.exe /X{9F612429-4A00-3D44-88CF-146DA2EE1F92}

Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF}

Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}

Microsoft Midtown Madness 2-->"C:\Program Files\Microsoft Games\Midtown Madness 2\UNINSTAL.EXE" /runtemp /addremove

Microsoft Security Client-->MsiExec.exe /X{390DD8BB-BB57-4942-A029-2D913E4E9D74}

Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727-->"C:\ProgramData\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe" /uninstall

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727-->MsiExec.exe /X{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}

Microsoft XNA Framework Redistributable 4.0 Refresh-->MsiExec.exe /I{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}

Minecraft1.7.9-->C:\Users\Bennink\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe

Mozilla Firefox 29.0.1 (x86 nl)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"

Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"

NVIDIA GAME System Software 2.8.1-->MsiExec.exe /I{4F0C7CCF-5666-474B-B02E-AC514A95EC93}

NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}

OpenOffice.org 3.4.1-->MsiExec.exe /I{C169BD5F-00C1-437C-8162-88FA6BE495D5}

Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe

Persian Wars-->C:\Windows\IsUninst.exe -f"C:\Program Files\Cryo\Persian Wars\Uninst.isu"

PunkBuster Services-->C:\Windows\system32\pbsvc_blr.exe -u

Realtek Ethernet Controller Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly

Realtek Ethernet Diagnostic Utility-->"C:\Program Files\InstallShield Installation Information\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}\setup.exe" -runfromtemp -l0x0013 -removeonly

Recettear: An Item Shop's Tale-->"C:\Program Files\Carpe Fulgur\Recettear - An Item Shops Tale\unins000.exe"

sAfeweb-->"C:\ProgramData\sAfeweb\qoV81ijyCyy.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

save neuti-->"C:\ProgramData\save neuti\1tRG.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {939AF4BC-EC42-38D1-AE82-91D4A7ED8911} /qb+ REBOOTPROMPT=""

Settings Manager-->C:\Program Files\Settings Manager\systemk\Uninstall.exe /browser=all

Skype™ 6.3-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}

SNT-->"C:\ProgramData\SNT\CLn.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

Software Version Updater-->C:\Users\Bennink\AppData\Local\SwvUpdater\Updater.exe /uninstall

SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"

SW-Booster-->"c:\programdata\superbapp\sw-booster\sw-booster.exe" /uninstall

swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}

SW-Sustainer 1.80-->"C:\Windows\system32\RUNDLL32.EXE" "C:\PROGRA~1\SW-BOO~1\ASSIST~1.DLL",_uninstall /un

System Requirements Lab CYRI-->MsiExec.exe /I{E77DA909-3532-4C95-AFEB-06310E88462A}

Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

VLC media player 2.1.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Webexp Enhanced-->C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha366\uninstall.exe

WinRAR 4.20 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe

WinZipper-->C:\Program Files\WinZipper\eUninstall.exe

YoutubeAdblocker-->"C:\ProgramData\YoutubeAdblocker\YW0PFOtke3R.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: PC_van_Bennink

Event Code: 4386

Message: Opnieuw opstarten is vereist om update 2419640-19_neutral_GDR van pakket KB2419640(Security Update) op status Installatie aangevraagd(Install Requested) in te stellen

Record Number: 4334

Source Name: Microsoft-Windows-Servicing

Time Written: 20130420105642.000000-000

Event Type: Informatie

User: PC_van_Bennink\Bennink

Computer Name: PC_van_Bennink

Event Code: 4386

Message: Opnieuw opstarten is vereist om update 2419640-17_neutral_GDR van pakket KB2419640(Security Update) op status Installatie aangevraagd(Install Requested) in te stellen

Record Number: 4333

Source Name: Microsoft-Windows-Servicing

Time Written: 20130420105642.000000-000

Event Type: Informatie

User: PC_van_Bennink\Bennink

Computer Name: PC_van_Bennink

Event Code: 4376

Message: Opnieuw opstarten is vereist om pakket KB2419640(Security Update) op status Installatie aangevraagd(Install Requested) in te stellen

Record Number: 4332

Source Name: Microsoft-Windows-Servicing

Time Written: 20130420105642.000000-000

Event Type: Waarschuwing

User: PC_van_Bennink\Bennink

Computer Name: PC_van_Bennink

Event Code: 4386

Message: Opnieuw opstarten is vereist om update 2419640-15_neutral_GDR van pakket KB2419640(Security Update) op status Installatie aangevraagd(Install Requested) in te stellen

Record Number: 4331

Source Name: Microsoft-Windows-Servicing

Time Written: 20130420105642.000000-000

Event Type: Informatie

User: PC_van_Bennink\Bennink

Computer Name: PC_van_Bennink

Event Code: 4386

Message: Opnieuw opstarten is vereist om update 2419640-13_neutral_GDR van pakket KB2419640(Security Update) op status Installatie aangevraagd(Install Requested) in te stellen

Record Number: 4330

Source Name: Microsoft-Windows-Servicing

Time Written: 20130420105642.000000-000

Event Type: Informatie

User: PC_van_Bennink\Bennink

=====Application event log=====

Computer Name: 37L4247E20-07

Event Code: 5615

Message: De Windows Management Instrumentation-service is gestart

Record Number: 5

Source Name: Microsoft-Windows-WMI

Time Written: 20130420094945.000000-000

Event Type: Informatie

User:

Computer Name: WIN-BMQFCK7NTZL

Event Code: 4625

Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog.

Record Number: 4

Source Name: Microsoft-Windows-EventSystem

Time Written: 20130420094943.000000-000

Event Type: Informatie

User:

Computer Name: WIN-BMQFCK7NTZL

Event Code: 900

Message: De Software Licensing-service wordt gestart.

Record Number: 3

Source Name: Microsoft-Windows-Security-Licensing-SLC

Time Written: 20130420094942.000000-000

Event Type: Informatie

User:

Computer Name: WIN-BMQFCK7NTZL

Event Code: 1531

Message: De User Profile-service is gestart.

Record Number: 2

Source Name: Microsoft-Windows-User Profiles Service

Time Written: 20130420094942.000000-000

Event Type: Informatie

User: NT AUTHORITY\SYSTEEM

Computer Name: 37L4247E20-07

Event Code: 2

Message: Client van Certificate Services is gestopt.

Record Number: 1

Source Name: Microsoft-Windows-CertificateServicesClient

Time Written: 20090411134648.021600-000

Event Type: Informatie

User: NT AUTHORITY\SYSTEEM

=====Security event log=====

Computer Name: PC_van_Bennink

Event Code: 5061

Message: Cryptografische bewerking.

Onderwerp:

Beveiligings-id: S-1-5-21-3379452383-879285089-2603850794-1000

Accountnaam: Bennink

Accountdomein: PC_van_Bennink

Aanmeldings-id: 0x1cf8f

Cryptografieparameters:

Naam provider: Microsoft Software Key Storage Provider

Naam algoritme: RSA

Sleutelnaam: CertContainer

Sleuteltype: Computersleutel.

Cryptografische bewerking:

Bewerking: Sleutel openen.

Retourcode: 0x0

Record Number: 488055

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20131228221739.598400-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Bennink

Event Code: 5058

Message: Bewerking sleutelbestand.

Onderwerp:

Beveiligings-id: S-1-5-21-3379452383-879285089-2603850794-1000

Accountnaam: Bennink

Accountdomein: PC_van_Bennink

Aanmeldings-id: 0x1cf8f

Cryptografieparameters:

Naam provider: Microsoft Software Key Storage Provider

Naam algoritme: Niet beschikbaar

Sleutelnaam: CertContainer

Sleuteltype: Computersleutel.

Gegevens over bewerking:

Pad naar bestand: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ab603ab15b202d8d2891a35c748137a0_c94fc06c-74da-4965-b077-db3dca8aeee7

Bewerking: Blijvende sleutel uit bestand lezen.

Retourcode: 0x0

Record Number: 488054

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20131228221739.598400-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Bennink

Event Code: 5061

Message: Cryptografische bewerking.

Onderwerp:

Beveiligings-id: S-1-5-21-3379452383-879285089-2603850794-1000

Accountnaam: Bennink

Accountdomein: PC_van_Bennink

Aanmeldings-id: 0x1cf8f

Cryptografieparameters:

Naam provider: Microsoft Software Key Storage Provider

Naam algoritme: RSA

Sleutelnaam: CertContainer

Sleuteltype: Computersleutel.

Cryptografische bewerking:

Bewerking: Sleutel openen.

Retourcode: 0x0

Record Number: 488053

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20131228221429.400400-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Bennink

Event Code: 5058

Message: Bewerking sleutelbestand.

Onderwerp:

Beveiligings-id: S-1-5-21-3379452383-879285089-2603850794-1000

Accountnaam: Bennink

Accountdomein: PC_van_Bennink

Aanmeldings-id: 0x1cf8f

Cryptografieparameters:

Naam provider: Microsoft Software Key Storage Provider

Naam algoritme: Niet beschikbaar

Sleutelnaam: CertContainer

Sleuteltype: Computersleutel.

Gegevens over bewerking:

Pad naar bestand: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ab603ab15b202d8d2891a35c748137a0_c94fc06c-74da-4965-b077-db3dca8aeee7

Bewerking: Blijvende sleutel uit bestand lezen.

Retourcode: 0x0

Record Number: 488052

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20131228221429.400400-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Bennink

Event Code: 5061

Message: Cryptografische bewerking.

Onderwerp:

Beveiligings-id: S-1-5-21-3379452383-879285089-2603850794-1000

Accountnaam: Bennink

Accountdomein: PC_van_Bennink

Aanmeldings-id: 0x1cf8f

Cryptografieparameters:

Naam provider: Microsoft Software Key Storage Provider

Naam algoritme: RSA

Sleutelnaam: CertContainer

Sleuteltype: Computersleutel.

Cryptografische bewerking:

Bewerking: Sleutel openen.

Retourcode: 0x0

Record Number: 488051

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20131228221429.398400-000

Event Type: Controle geslaagd

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 7, GenuineIntel

"PROCESSOR_REVISION"=1707

"NUMBER_OF_PROCESSORS"=4

"TRACE_FORMAT_SEARCH_PATH"=\\winseqfe\release\Windows6.0\lh_sp2rtm\6002.18005.090410-1830\x86fre\symbols.pri\TraceFormat

"DFSTRACINGON"=FALSE

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

- - - Updated - - -

Bedankt voor de reactie hierbij de log.

info.txt logfile of random's system information tool 1.09 2014-05-14 20:55:14

======Uninstall list======

-->C:\PROGRA~2\INSTAL~1\{413E7~1\Setup.exe /remove /q0

-->C:\PROGRA~2\INSTAL~1\{A6E5B~1\Setup.exe /remove /q0

-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}

Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{A0087DDE-69D0-11E2-AD57-43CA6188709B}

Adobe Flash Player 13 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe -maintain activex

Adobe Flash Player 13 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe -maintain plugin

Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"

Adobe Photoshop CS6-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}"

Adobe Reader XI (11.0.02) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001}

Adobe Shockwave Player 12.0-->"C:\Windows\system32\Adobe\Shockwave 12\uninstaller.exe"

Aeria Ignite-->msiexec.exe /x {FE2D627E-D7E0-46EA-93A6-8583420285FA}

Aeria Ignite-->MsiExec.exe /X{FE2D627E-D7E0-46EA-93A6-8583420285FA}

Age of Wonders III-->"C:\Program Files\Age of Wonders III\unins000.exe"

AMD Catalyst Install Manager-->msiexec /q/x{BC3053AC-FC4E-2073-FE89-A3C68ABFB134} REBOOT=ReallySuppress

Application Profiles-->MsiExec.exe /X{148971EC-8755-A666-D384-8F2E9E8B0DC8}

Arc-->"C:\Program Files\InstallShield Installation Information\{CED8E25B-122A-4E80-B612-7F99B93284B3}\setup.exe" -runfromtemp -l0x0409 -removeonly

Aura Kingdom-->C:\AeriaGames\AuraKingdom\Uninst.exe

Auto Clicker v1.6-->"C:\Users\Bennink\AppData\Local\Auto Clicker\unins000.exe"

avast! Pro Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall

Bandisoft MPEG-1 Decoder-->"C:\Program Files\BandiMPEG1\uninstall.exe"

Better Surf Plus-->C:\Program Files\BetterSurf\BetterSurfPlus\uninstall.exe

Catalyst Control Center - Branding-->MsiExec.exe /I{CB79256B-C0E0-40C6-8EB7-BDD796203581}

Caveland Pro-->C:\Windows\IsUninst.exe -f"C:\Program Files\Caveland Pro\Uninst.isu"

CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"

Cheat Engine 6.3-->"C:\Program Files\Cheat Engine 6.3\unins000.exe"

DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe

DAEMON Tools Ultra-->C:\Program Files\DAEMON Tools Ultra\uninst.exe

DigiSeaver-->"C:\ProgramData\DigiSeaver\HTW7US5.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

Dragon Age II-->"C:\Program Files\Common Files\BioWare\Uninstall Dragon Age 2.exe"

Dungeon Keeper Gold-->C:\Windows\uninst.exe -fC:\WINDOWS\SYSTEM\KEEPER\DeIsL2.isu

ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

Europe MapleStory for Vista-->"C:\Program Files\NEXON\Europe MapleStory for Vista\unins000.exe"

Google Chrome-->"C:\Program Files\Google\Chrome\Application\33.0.1750.117\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Hero of the Obelisk-->C:\Program Files\GBE Games\Hero of the Obelisk\uninst.exe

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

HydraVision-->MsiExec.exe /X{B7EC0338-EAE9-ABEA-D202-95025E66CC8C}

Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall

Java 7 Update 45-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217045FF}

K-Lite Codec Pack 10.3.5 Basic-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

LiveSupport-->"C:\Program Files\LiveSupport\unins000.exe"

Lost Saga-->C:\Program Files\Lost Saga\lsuninstall.exe

Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}

Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}

Microsoft .NET Framework 4.5-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\\Setup.exe /repair /x86

Microsoft .NET Framework 4.5-->MsiExec.exe /X{9F612429-4A00-3D44-88CF-146DA2EE1F92}

Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF}

Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}

Microsoft Midtown Madness 2-->"C:\Program Files\Microsoft Games\Midtown Madness 2\UNINSTAL.EXE" /runtemp /addremove

Microsoft Security Client-->MsiExec.exe /X{390DD8BB-BB57-4942-A029-2D913E4E9D74}

Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727-->"C:\ProgramData\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe" /uninstall

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727-->MsiExec.exe /X{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}

Microsoft XNA Framework Redistributable 4.0 Refresh-->MsiExec.exe /I{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}

Minecraft1.7.9-->C:\Users\Bennink\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe

Mozilla Firefox 29.0.1 (x86 nl)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"

Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"

NVIDIA GAME System Software 2.8.1-->MsiExec.exe /I{4F0C7CCF-5666-474B-B02E-AC514A95EC93}

NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}

OpenOffice.org 3.4.1-->MsiExec.exe /I{C169BD5F-00C1-437C-8162-88FA6BE495D5}

Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe

Persian Wars-->C:\Windows\IsUninst.exe -f"C:\Program Files\Cryo\Persian Wars\Uninst.isu"

PunkBuster Services-->C:\Windows\system32\pbsvc_blr.exe -u

Realtek Ethernet Controller Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly

Realtek Ethernet Diagnostic Utility-->"C:\Program Files\InstallShield Installation Information\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}\setup.exe" -runfromtemp -l0x0013 -removeonly

Recettear: An Item Shop's Tale-->"C:\Program Files\Carpe Fulgur\Recettear - An Item Shops Tale\unins000.exe"

sAfeweb-->"C:\ProgramData\sAfeweb\qoV81ijyCyy.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

save neuti-->"C:\ProgramData\save neuti\1tRG.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {939AF4BC-EC42-38D1-AE82-91D4A7ED8911} /qb+ REBOOTPROMPT=""

Settings Manager-->C:\Program Files\Settings Manager\systemk\Uninstall.exe /browser=all

Skype™ 6.3-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}

SNT-->"C:\ProgramData\SNT\CLn.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

Software Version Updater-->C:\Users\Bennink\AppData\Local\SwvUpdater\Updater.exe /uninstall

SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"

SW-Booster-->"c:\programdata\superbapp\sw-booster\sw-booster.exe" /uninstall

swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}

SW-Sustainer 1.80-->"C:\Windows\system32\RUNDLL32.EXE" "C:\PROGRA~1\SW-BOO~1\ASSIST~1.DLL",_uninstall /un

System Requirements Lab CYRI-->MsiExec.exe /I{E77DA909-3532-4C95-AFEB-06310E88462A}

Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

VLC media player 2.1.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Webexp Enhanced-->C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha366\uninstall.exe

WinRAR 4.20 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe

WinZipper-->C:\Program Files\WinZipper\eUninstall.exe

YoutubeAdblocker-->"C:\ProgramData\YoutubeAdblocker\YW0PFOtke3R.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: PC_van_Bennink

Event Code: 4386

Message: Opnieuw opstarten is vereist om update 2419640-19_neutral_GDR van pakket KB2419640(Security Update) op status Installatie aangevraagd(Install Requested) in te stellen

Record Number: 4334

Source Name: Microsoft-Windows-Servicing

Time Written: 20130420105642.000000-000

Event Type: Informatie

User: PC_van_Bennink\Bennink

Computer Name: PC_van_Bennink

Event Code: 4386

Message: Opnieuw opstarten is vereist om update 2419640-17_neutral_GDR van pakket KB2419640(Security Update) op status Installatie aangevraagd(Install Requested) in te stellen

Record Number: 4333

Source Name: Microsoft-Windows-Servicing

Time Written: 20130420105642.000000-000

Event Type: Informatie

User: PC_van_Bennink\Bennink

Computer Name: PC_van_Bennink

Event Code: 4376

Message: Opnieuw opstarten is vereist om pakket KB2419640(Security Update) op status Installatie aangevraagd(Install Requested) in te stellen

Record Number: 4332

Source Name: Microsoft-Windows-Servicing

Time Written: 20130420105642.000000-000

Event Type: Waarschuwing

User: PC_van_Bennink\Bennink

Computer Name: PC_van_Bennink

Event Code: 4386

Message: Opnieuw opstarten is vereist om update 2419640-15_neutral_GDR van pakket KB2419640(Security Update) op status Installatie aangevraagd(Install Requested) in te stellen

Record Number: 4331

Source Name: Microsoft-Windows-Servicing

Time Written: 20130420105642.000000-000

Event Type: Informatie

User: PC_van_Bennink\Bennink

Computer Name: PC_van_Bennink

Event Code: 4386

Message: Opnieuw opstarten is vereist om update 2419640-13_neutral_GDR van pakket KB2419640(Security Update) op status Installatie aangevraagd(Install Requested) in te stellen

Record Number: 4330

Source Name: Microsoft-Windows-Servicing

Time Written: 20130420105642.000000-000

Event Type: Informatie

User: PC_van_Bennink\Bennink

=====Application event log=====

Computer Name: 37L4247E20-07

Event Code: 5615

Message: De Windows Management Instrumentation-service is gestart

Record Number: 5

Source Name: Microsoft-Windows-WMI

Time Written: 20130420094945.000000-000

Event Type: Informatie

User:

Computer Name: WIN-BMQFCK7NTZL

Event Code: 4625

Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog.

Record Number: 4

Source Name: Microsoft-Windows-EventSystem

Time Written: 20130420094943.000000-000

Event Type: Informatie

User:

Computer Name: WIN-BMQFCK7NTZL

Event Code: 900

Message: De Software Licensing-service wordt gestart.

Record Number: 3

Source Name: Microsoft-Windows-Security-Licensing-SLC

Time Written: 20130420094942.000000-000

Event Type: Informatie

User:

Computer Name: WIN-BMQFCK7NTZL

Event Code: 1531

Message: De User Profile-service is gestart.

Record Number: 2

Source Name: Microsoft-Windows-User Profiles Service

Time Written: 20130420094942.000000-000

Event Type: Informatie

User: NT AUTHORITY\SYSTEEM

Computer Name: 37L4247E20-07

Event Code: 2

Message: Client van Certificate Services is gestopt.

Record Number: 1

Source Name: Microsoft-Windows-CertificateServicesClient

Time Written: 20090411134648.021600-000

Event Type: Informatie

User: NT AUTHORITY\SYSTEEM

=====Security event log=====

Computer Name: PC_van_Bennink

Event Code: 5061

Message: Cryptografische bewerking.

Onderwerp:

Beveiligings-id: S-1-5-21-3379452383-879285089-2603850794-1000

Accountnaam: Bennink

Accountdomein: PC_van_Bennink

Aanmeldings-id: 0x1cf8f

Cryptografieparameters:

Naam provider: Microsoft Software Key Storage Provider

Naam algoritme: RSA

Sleutelnaam: CertContainer

Sleuteltype: Computersleutel.

Cryptografische bewerking:

Bewerking: Sleutel openen.

Retourcode: 0x0

Record Number: 488055

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20131228221739.598400-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Bennink

Event Code: 5058

Message: Bewerking sleutelbestand.

Onderwerp:

Beveiligings-id: S-1-5-21-3379452383-879285089-2603850794-1000

Accountnaam: Bennink

Accountdomein: PC_van_Bennink

Aanmeldings-id: 0x1cf8f

Cryptografieparameters:

Naam provider: Microsoft Software Key Storage Provider

Naam algoritme: Niet beschikbaar

Sleutelnaam: CertContainer

Sleuteltype: Computersleutel.

Gegevens over bewerking:

Pad naar bestand: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ab603ab15b202d8d2891a35c748137a0_c94fc06c-74da-4965-b077-db3dca8aeee7

Bewerking: Blijvende sleutel uit bestand lezen.

Retourcode: 0x0

Record Number: 488054

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20131228221739.598400-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Bennink

Event Code: 5061

Message: Cryptografische bewerking.

Onderwerp:

Beveiligings-id: S-1-5-21-3379452383-879285089-2603850794-1000

Accountnaam: Bennink

Accountdomein: PC_van_Bennink

Aanmeldings-id: 0x1cf8f

Cryptografieparameters:

Naam provider: Microsoft Software Key Storage Provider

Naam algoritme: RSA

Sleutelnaam: CertContainer

Sleuteltype: Computersleutel.

Cryptografische bewerking:

Bewerking: Sleutel openen.

Retourcode: 0x0

Record Number: 488053

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20131228221429.400400-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Bennink

Event Code: 5058

Message: Bewerking sleutelbestand.

Onderwerp:

Beveiligings-id: S-1-5-21-3379452383-879285089-2603850794-1000

Accountnaam: Bennink

Accountdomein: PC_van_Bennink

Aanmeldings-id: 0x1cf8f

Cryptografieparameters:

Naam provider: Microsoft Software Key Storage Provider

Naam algoritme: Niet beschikbaar

Sleutelnaam: CertContainer

Sleuteltype: Computersleutel.

Gegevens over bewerking:

Pad naar bestand: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ab603ab15b202d8d2891a35c748137a0_c94fc06c-74da-4965-b077-db3dca8aeee7

Bewerking: Blijvende sleutel uit bestand lezen.

Retourcode: 0x0

Record Number: 488052

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20131228221429.400400-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Bennink

Event Code: 5061

Message: Cryptografische bewerking.

Onderwerp:

Beveiligings-id: S-1-5-21-3379452383-879285089-2603850794-1000

Accountnaam: Bennink

Accountdomein: PC_van_Bennink

Aanmeldings-id: 0x1cf8f

Cryptografieparameters:

Naam provider: Microsoft Software Key Storage Provider

Naam algoritme: RSA

Sleutelnaam: CertContainer

Sleuteltype: Computersleutel.

Cryptografische bewerking:

Bewerking: Sleutel openen.

Retourcode: 0x0

Record Number: 488051

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20131228221429.398400-000

Event Type: Controle geslaagd

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 7, GenuineIntel

"PROCESSOR_REVISION"=1707

"NUMBER_OF_PROCESSORS"=4

"TRACE_FORMAT_SEARCH_PATH"=\\winseqfe\release\Windows6.0\lh_sp2rtm\6002.18005.090410-1830\x86fre\symbols.pri\TraceFormat

"DFSTRACINGON"=FALSE

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Ik heb me vergist, dit is de log.txt

Logfile of random's system information tool 1.09 (written by random/random)

Run by Bennink at 2014-05-14 20:54:52

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 71 GB (15%) free of 477 GB

Total RAM: 3070 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:55:11, on 14-5-2014

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16490)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Users\Bennink\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\cmd.exe

C:\Users\Bennink\AppData\Local\Akamai\netsession_win.exe

C:\Users\Bennink\AppData\Local\Akamai\netsession_win.exe

C:\Users\Bennink\Downloads\RSIT.exe

C:\Program Files\trend micro\Bennink.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Linkey - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\PROGRA~1\Linkey\IEEXTE~1\iedll.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: ArcPluginIEBHO - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: DigiSeaver - {AB8FFC2E-4259-C731-3F62-C9125BCD780D} - C:\ProgramData\DigiSeaver\HTW7US5.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [Microsoft Windows Hosting Service] C:\Users\Bennink\AppData\Local\Temp\csrss.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"

O4 - HKCU\..\Run: [bitTorrent] "C:\Users\Bennink\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Bennink\AppData\Local\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe

O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Bennink\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [spotify] "C:\Users\Bennink\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [MurGee.com Auto Clicker] C:\Users\Bennink\AppData\Local\Auto Clicker\AutoClicker.exe :silent

O4 - HKCU\..\Run: [LiveSupport] "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log

O4 - HKLM\..\Policies\Explorer\Run: [5292] c:\progra~2\dxqkge.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.clonewarsadventures.com

O15 - Trusted Zone: *.freerealms.com

O15 - Trusted Zone: *.soe.com

O15 - Trusted Zone: *.sony.com

O16 - DPF: {89F434A7-4A49-4394-AC02-007480331AE2} (NetmarbleSystemIDInfo Class) - http://download.netmarble.net/ActiveX/NMAutoUpdateX/SystemIDInfo/NMSystemIDInfo_1.0.0.3.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe

O23 - Service: Arc Service (ArcService) - Perfect World Entertainment Inc - C:\Program Files\Perfect World Entertainment\Arc\ArcService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Disc Soft Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Microsoft Antimalware Service (MsMpSvc) - Unknown owner - c:\Program Files\Microsoft Security Client\MsMpEng.exe

O23 - Service: @c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243 (NisSrv) - Unknown owner - c:\Program Files\Microsoft Security Client\NisSrv.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Systemk Service (SystemkService) - Aztec Media Inc - C:\Program Files\Settings Manager\systemk\SystemkService.exe

O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files\WinZipper\winzipersvc.exe

--

End of file - 8843 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\SW-Booster-S-1095609242.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Bennink\AppData\Roaming\Mozilla\Firefox\Profiles\aw8b9i9m.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"xz123@ya456.com"=C:\Program Files\BetterSurf\ff

"12x3q@3244516.com"=C:\Program Files\Better-Surf\ff

"ext@bettersurfplus.com"=C:\Program Files\BetterSurf\BetterSurfPlus\ff

"ext@WebexpEnhancedV1alpha366.net"=C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha366\ff

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 13.0.0.214 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]

"Description"=Nexon Game Controller

"Path"=C:\ProgramData\NexonEU\NGM\npnxgameEU.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ogplanet.com/npOGPPlugin]

"Description"=OGPlanet Game Plugin

"Path"=C:\Windows\system32\npOGPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]

"Description"=This plugin detects and launches Pando Media Booster

"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin]

"Description"=Arc PlayNow plugin for Mozilla browsers

"Path"=C:\Program Files\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]

Linkey - C:\PROGRA~1\Linkey\IEEXTE~1\iedll.dll [2014-04-08 182800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-10 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F}]

ArcPluginIEBHO Class - C:\Program Files\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll [2014-03-26 117072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-22 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB8FFC2E-4259-C731-3F62-C9125BCD780D}]

DigiSeaver - C:\ProgramData\DigiSeaver\HTW7US5.dll [2014-04-17 425472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-10 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [2013-12-06 747264]

"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]

"Microsoft Windows Hosting Service"=C:\Users\Bennink\AppData\Local\Temp\csrss.exe []

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]

"Aeria Ignite"=C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [2013-06-06 1925656]

"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-22 3873704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

"5292"=c:\progra~2\dxqkge.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [2013-03-28 389120]

"BitTorrent"=C:\Users\Bennink\AppData\Roaming\BitTorrent\BitTorrent.exe [2014-05-10 1238864]

"Akamai NetSession Interface"=C:\Users\Bennink\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]

"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

"KPeerNexonEU"=C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2013-05-01 438272]

"DAEMON Tools Ultra Agent"=C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [2013-05-23 3123744]

"Spotify Web Helper"=C:\Users\Bennink\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-10-23 1140736]

"Spotify"=C:\Users\Bennink\AppData\Roaming\Spotify\spotify.exe [2013-10-23 4752384]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-04-19 18678376]

"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2013-05-13 3093624]

"MurGee.com Auto Clicker"=C:\Users\Bennink\AppData\Local\Auto Clicker\AutoClicker.exe [2014-03-11 100728]

"AdobeBridge"= []

"LiveSupport"=C:\Program Files\LiveSupport\LiveSupport.exe [2014-03-18 1005056]

C:\Users\Bennink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OpenOffice.org 3.4.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"EnableLUA"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

"301548880"=0x504B0304CE5EEC795045F9114D07000000300000E269F63D73594F6202C9694280CC96A28BBD63516FD3C2D5F7A2FF87AC3A990C3EC3B2ED7B07716237A0DFB1DFB651F67E31CB2E7649F98D5E55E9B25B1A579794989B176C357BDCC11226BD6ECB7DE8A63EA216AB2A6F3BD651DA5FAA614C3BA48E87CC21C53A1354637B181014AF26C92A0ADBD1208EB42D8B55201D9D7B98423E41AF179DDEBE3EF4931015A2FC7B58A77630D30AF187EFCA692A305FCA408B0F84A60A0242FE94CF438CB216C9AD12C3969908DF6593A382EF2F1FB27A6747D5E0867A216AF309D7E397C00933F25264653E8824F1DFA27DB2EC64C86F7403DD00D7DB84BDD336E4F6AC5C84480B88D554E4A12FBF8D0B1E17061AADF7FA3EBE3E66F6E5193DD47DBE4B6FA2B5F36978356B8EC3FB66FCEF4D7E5DD575DAB2ED92EFB281EDF5083FBA9393C06BED52F2A0BF7024B8F3EE5FA6E58247A1872DCF32345CC268BE7090FC8BCA9031CE0EB9835E98CC5DA0DDB58B2AA38881D3B649600449633A0D1EA900691FFD79C68431A4A801FD923F9464B2CD1D7CF271B49DB22B64BEA8D763D7ED10441DB4AF5AF2F14B3E2625806B35DC1E3370E7C9D948450FF997C32B477E51F3503508A858988495C1577C9C771F422CA4A3A34FC40202CAB3EC70B9861A4C090FC11B8B97F2EB97C8E63D924903DC305A23C5AF9EA18A5B5F2D31B3C93456598012280033381391F3714E6BE80461F80A63A2B66A8C624A42D13B0D94D2A552018C2A92A847CB3D063165A6A65A3F6544C3E4EB3745828289DFE27F1709125C65538129EFEFD347436EC0E568AF39425BE10BAB7D777D5C405B5E9F2A204C189D040050E7DBD8AAE22D251C041B5EAD104E43A5EC430568D8FA7123096EE44BE719039204A44F19C41615DFEF33586DA39AC570127C6F6A6C593C105DD159F1FE27F684FE31D12E9D141EBBB9BCCF1B9E4C709EC75BFDB65F65F59A61EC7F1281E74299E363B0C0B48F5C68B005479C7212B276C937F6E50086FF9FA01AEB3174439C531478633F9BB9710924B2445DE3F019B959F073829327E6EC21810D0F75BB04B58E08E3CD2F76208402CC78A1BAAFEE71DC5CD48116FDB03A45D03189B3F41B12430CF44702588CC854A2C01A4C46E0EA07FEF803BD82A14F6118C1E15E1A6F3138BBE12B6FA9D040F35381380AB91715090C941ED1168429137B9BDFA5EB1933B2FC172DF71DBB33693373709B05C504A50DDA99CF6059F54D9BC8B3D578CA2507D1AB9C0331E8B11AA786A465722EF9B10824AECFC7972B670176153EE0342F14247363127C36A946A57610682F9C8294D14F9C11F6B8638510DA26E64C255907262FD6B8699C23A4B817BA820461557A935F4F953183050C119291B573F483D4F23E4A76C34F3BD83EC3F4BD0E0AF0C336982DF6AA91D1F394A713B3F52FDD1A9C1F84BD764805D2B671500ADDD862B5FD461CA270FC2CEBDC60CF12484818177F457E001042A034767F87C0F0F4E3BB561A405E839B327842E9A0902799EFAF53EE7AA46F004DF217838D944E4908D11C26191832C5BB5A32B62F64821F721538D361A6D2CF2DD96793005522B34F90B1D32E3120450827D3961C3C42CB618651EA41F727454047F1BA936FEE2EF93B921ADD680C1B6888E93FAA225B2DBBA9265643860AB105EBFD430B381F0903825B75EDE1D60BBC286D468BD031A0AD6F5C3BF6F0B92B17A41851FC3FB43773D51A7E07F46A95CCED70778A8B5D3CC463242EBD0FE0F63E46F7934C48F27CAE082B59476384482044B29E37C8CB1F39BAF0D8EE95133C2340205F9DAF18B2F9BD64F94BCC83987721B96451F4D8D83E71C916780CFBDB9F03B44DCB380B1A2E0DA69AD52CE9C6C7AFFF2DD41B41C50C3E590BF830458A1FB3C4DEBF4E43AAFD18E6A32CD7BF7ACEAAE18928629291820CD84F61A8CDA2DDCC38A7FC3CDA32D6580A36B92A668090931F54B28516EB6014D2E1FF2CB4D48D8CB17BD1E023D78CEEB25E9477205D8AB3501960DCA31F1E521A3B35E20F95EDC6D5C5806D784C118392608B2FF083A1D338D3266D60D0476C1CCE2E7424ED2957529C4A49D5642B1400EFE3550F5FAD307A9BBB05B3B521B2430ADD241ACB8E6726F03EBF803016643DA16571C379841ED7BBEF2DACE29AE310FB921B7F662AE27DC7F3910A431144F0C14E35A72023A517510320E1B42D942736F05F9899566E8BCE12BDDA8AC87672E32FA899D56374CF9C2B11E1C1A6AEC317965D467EA6F2D0E1A85D91E1AD6D8E6C00DF00DF68AA0E2CFDD0C85E85A0D5D832F917A4F21480294879E17641E9D752EA256D45F9168C612FC8F34052A9FD080C6A3302C77C558C7CE415D3436477694BD80C428FF160516271E44372E923D2432B8710A8A514FA30066BD5555D64E576BE5A823407623749651380C5CE859B6F090A686155A2F2FD804AF3BB7FD1AD171205233FA1047842804DAF24D99BD0C371CFDFD2223A64D6F1F2AF995240DF3D62A7172AC416A980EE43ED005282243CE5A48D174192DA3F0D1FAACC4135685BC5E55AFD4E56B03244213A492F88EA0B4A0E8342ECB2635698F193B44A5D16FB7C14FD6E2B41F319D0083CBFD22B0B1C3E193F9A62909EC6E7293EA9707C170A0441150D248A46BC1C

"3212083974"=0x504B0304C239B7F8068374BFB511000000400000E269F63D73594F6202C9694280CC96A28BBD63516FE3C2D5F7A2FF87AC3A990C3EC3B2ED7B07716237A0DFB1DFB651F67E31CB2E7649F98D5E55E9B25B1A579794989B176C357BDCC11226BD6ECB7DE8A63EA2165F6B31EAD6B0A2A96A6E9D04B9B39F194EF52D48B088D4B6597F685A70FF6912914F86D8235681747DA26CFD83223D3D248872C51095484634EBF976E4595F734BD35CAF42B38DCF9E878AF0BE0A5E84B22940F721E8BBCDCBAA3E53607359252DB16C0D6C38A142261BB4896D12A48C006CC3C21FDF717C155B2AF0375D2545EE286C2AECB2955206EF25C82DC686F7EB83BB3072E94E1E59254B11A2E3628E1D98E177375B54E682A1C77F986E1907FFCB784ACCACB124189751D7EBBAFC91D3A127F134A85E27F8C201D9082F621F5FFFAC09D2AAB94A62F90BD74D6C96A8DB6D42E4E98316449D202A4E24857673E2A50B7DFD9D5AF72A21A19A922ACC9675BA933A1C6AD4E0A11470FBB82EED7A79C5CA2DBB0BEC5B2B43BAA37373D3EF494726D7CF4A4AA8A3D6A5C206CED49148C0100BFA96B707BE91B855151D8DA8E0723DD1303325011B3951C9DF7B10E9B153BCED98376C4D7517F2E0E23A986914B2B0F978454441C47B5797D924CE9CD186D74D308099EE52F226E92DE6B50E4A0691F75CFA9CE733494B8CAFAEB4BE4C65F6C9DFFA34A3C2ED9D14F5844164BE79B7A90495290350177B03AEFA777FF519B624E3C75C219260AC447BBA9A6DB56F34B340A5F75837FAB3C33831A3BC39C2914AEB87A39545BD7ED52450EB7E94D5380E2BABCE3F8EE6E3CDC9D4ED54D9889D9DBD0DC879CAA2B121048A308A7F873252DAD24EA8F8911EA0A3B202DE930A9FC882CF1349FFE229016B2EBFD7821B8986D31DECCBC296BA54FD6D864C915F1D77AC0734D96FE0BA43A669FAB128026C7F90E9E1E0A7047F5A2378E4DE0966EB6C217B3483194B2B21A3FA8A1CBEF1D66A3FC8A5C863BCEA6157981A11449BAE3357F3287501CB9C24E0AFB156F5DDFD6855CD8B7B43FEABD9412C1C208B5DE2330C469A59DE5B490CC06BFD5A4900CB121EB967BC7185A9F00112A5B1E8D8028CA02B0F2B194AF03CC1E172B70C9B88643E3C064B5406CF184AD9EBA26736EF6FEB30DAC8BA400933A32A3C03230BD732FCBE16C4B3BDCC0B501616CE956D968B8DA68B4A9A64238601E81E78095961580431361A4DD9FE963D3CEBA5C21BBA416C1CC9D94BB842C25B2FD12C8BF42C35948272965A3FECF6E9B92D32D7E84A402A0B6214A412A23427E4852CE607FD9F7FF8559BBB96A9AE577DF0C19D108587D372470BE0D3E27ED61FEB442C2D65E55BAC81C2786CF6B837EEBC1B5AF35634B29FD5D96347B5F9C747C8A9A83E7CB3C188D9042F08FBD4EDEEBD65DE7C04B275B7FD74067A0AE3033752AA55A45A05355811416EA4A5101511E99305B700BD44742CBD6A9272B5CF4001505C4057866B57E4DE5EF0EE9F88B41986A80119C962594972011FC0C39B4A74B74747F5116D896A0EBCBB4387685672899AF54B80AE07008971EA1C997A898E33AAB769E4E52FBBEC97EBF199CE76454BADBD4EAB272F1D1CAABB3B49B3AAFC1E67D09EE8FEB0580E414EB45F3F0C25FE88872312FEC2341E7A6100B2E04ED25FCE13A146098DCE98446B2F3875ECB269A886795698619D337DA612F19BF8D4FE3028E79A26548128D1595AF0BF98FF320DC73D873F05EBD07C87CAE28DF067C00DE3E53CC77E801E1304192CA7BF78AB28DB40564328A108F9F0DDD8E1B0BAECCF16BF1DEB3CC5C4B5F5140F6B8A256E9128C203418AA3D93E3F08078977667DC02D830BB6869DE92F29A65AC6D2689D0A5A90887A8643119DC9A68B5B00BD59D45DA9D7ED5DAE6EE6DA6119243F77F51B263200F90ABBB61CCE9A951781EA2012A2C8D7200906439B08E7E76CF9C9536B2E6B560AFD7CBAA5044791EE17DED45ADFD9D359DAC0A9F4ED15BF2CB2EA9B12B7CB11B597CF2E6E750A6C636FE2C4B144F6FF43CCFFDDAE787BE160B0A8B4282B35A6AEECE165814E95CE7ADBE416EF4E51860CB4F5D50AF2A86AA4EE602A30AA54850E0CB4A38DC3A1C711B5D03B6A53EE102AC68E553D11E5FB3D0A8E0EF34266263CA4A3E0B76C55A92F75F921CD61A5363E5DB7737874D57C653D63457260B67B1DF330827B2921C29FDA0045BBE7404E40985039F7DB153F52B2C941A56E922DCFB60B89DBEE327ED6F5C1E438270F766A6ED1730FC581A4AEBCFE3B7726B27D6B092CF5A0B6954196CB4CC2788B8722338EE189D9E22692595F0D5B333B0F715CB8D94A08AFB631DBB1BE79A773E8F1A4EAF7220C24222DDA431B91D9175DFA0C6AE81E8C4C879D64446CF56FAEFE1487CA6739A776AEE42EF8BE40A612F95CDE3B1FEEAC1E1E41A24C92ED8B0152E247239E5A8BC903679CA8C7B94659AD5B1D10551F460D924FB60882FC90508C3723420F86F4CF100387E808133CC429883C0E3ACE91651C075CD19D106E0B437B0363048CA1FEAAF929B87AED90AFDE281EDCA0FA0CC7B5A7F03807FA5AC41B1ED73130EAC1117C631C1818142F24D420F6776CB53D4D0326B9FC3008C3CA03FC649D87D37FA617B74F2865C75298BED54B7D8DC676E2210374D8BF194AE2FEDA62B4798933C764CCDDF845330721FC21E68C0695CA73285103E22AE68DA440326DFEF9A80D17D0A7C3F920E7B0AA806EE9B7549ED9878B6CFB505AC69E8E8D3CFA718675764CFB03861D32AFAAE1D918BE87F6A9AC0D815C57AD3E167D642F5FCDDC25D4BA3AC3E67C26A4DEAA17797B3C0654F271EAAA442A71CBE19372ADCBDE3DF8B3FE491E5A76A79D1291A0DE317FFBF927F42782FA48270F2C969563B183A4B0112F3497DD3C2A423EC83498BDBAAC928910A9FB7FE5788E454C027A28F4A91AF2BF09E261F85B0EEE4F7929E63C4062496CB09534BB6D03FF69ED2915D0EA215B4FB3D1044E86EB87DFB4898BCBD50E5C4DDFBDB83B9410E1ADF91446C43C959E0E341D67A5A7EF8712586DE3B8B9C5B6F80F42F235BF68900EBFE6304BB0D9F67408B76201EC26180B4BD76500DE4F0DF86DF4A063AECECCA69DDF8A162B67A4B9800FA7570D5B551AC2703ADC0FFCED00650A96CD81EC4187B90C6B2140CE99C1937C40587EA72899897E628115BCAB73B3D9F425860B109A67347B8A121F65D0968D56A3DDE6B8171CEA61B08AE568B9D03C398977CE86F75055230EF370CABF67C9CF97C3223719555403F3E0BD2AF0E1E8742DECB05FADB0227F15D40EE2D6DC5A49FE1E6BC9E6CEDDE74294C3BB6FD5C5FEDFAD672DF1DFFD219BD8BC1EC39158EAB507998755F553441D01CD26A5501F6FB2DB4F3597510F85B93A542514C8013EEDBBFC913DCCE8B20A5759665BDFD9919EB22A89163D8656386D857C5BFC7C241C1D726CD94AB0F92D5B0FEFCF1D4ABDD26FBC6C17A4CCACF2D31E5E713059DE93C59D3B8D3E8D03B5D663F9DFADB03E093CB84FCF500A1F0E2E5BA1C9D81DB12CC799C6539AF0CC35682D95CB789C745A452BD8B38E6CF08E0579DA1AB43AD0858D0305F961B15A79C1090F4867040EA2BD36CF6512AAB44CE5A1098EFE039134F23BF057777FEF3E68E45827B0487924CAD4E5F0B1C3B4F5A0E3853B39640EB0782D78888FE92C3B68624E84FF6A5EDED87BE62D34CE858F34E5FFFBBA75F014DF0F648988B51A72DE1FF54D5C7A4B8ECB10C5E9EF51DE98C01EF8C406F9824A0C15A29E16B5A53E3643B0065A4263ECAE50D2CB976D3D2EA6255A65F1C6CC86167F1784A27B832037DB4CE1E262475334F3B2430F86C7A24456EEA82AB678ABA91BB4C0CC82C877B80B6D3574007257272C3E126C17A8B36AA8AA9431FF01BF658F82D8153EDDEA6804CDC564A3F5E9967B08FEEB823D3DB9356A4ACDD80E883CA58A1C661D01D145F80A3AB67E8036C0BAE1BB7BC43204EB0CF38214BC74A9AEF036A31D5A9C552D93A25C0E84057BCE5437B1634680D04A77472D631432D2BAA7A3ACD64220EFCF9E7848F8FD9801BEF7561A470A1822032160EB59EDC0F977882DCE4FB2872D89D27FF076DBA74A9672F86909956579C28853FA8DE7002CC8458D09256D42A39F1A4BDB6B56D36D51488E7368686E54C1BBBFFF48884E0D536BE362E59BD7F18329A4B82AED396E4F92865F594D0DA38F7CACE7A4603AF60C1A53BDFD19476094AAC6E4A8F31FC1257D48D03BB0EF515D8460B9441532C8B5043D0531D5881ADB6D997BB184FD8CAF4D8E6C759C3F7143B9E32BC7A0EC6234B68ADF4111CA1D136721438E5E6D7125D480CE982D84AEA7703B4010CD27867D6DDC5E0C970385196F020E48EDDB24C56972F9E61E6CC29C1712551583828F899534AACFFFC66F99999EA2BA2731D52A7FD2FA262A22B075DA52A5AA58F5B41AA9CDC9181406717F3F75E7C475090121966838125236E4DC6291AE3874968E8208B983AADB03CA60ACD935E6DA1B829407F70A77340E4439F22FDC2FC4218DE0F25D2F886C0AAEB693C2B23DB0EAB9953BF806C2173E0BC9D0D7EF0E763775BC1432FF48D6035B1214294C81B71CD98C42831014090CD99CB74929AE853F88132E559104D4FEA98AD40F17DA4100A909A6981BAD9EFB240A79520927AA12232A56F4D8893BFF92BFC2BD42CF3DC09BDC484DFDBA3A10C609186104CE33E3024F44000BE34814FF5DC9872D44B4157FB3A6655B985F6CC5EF4586F2ABFEE12DCBDB90181B396F95FE3213F094D1F3DD3D7FED800F4ED21290F613B62048E0FC1F1328D9F87A5653B489D36F727BE9D755523DEF0472F1C1D5AC90EE665379FF39D06E863C244890F5333A0B89B92022C1A8198029FE5F8C203B3DD211D4398958EE190108DD50B7850E20D8ABE2B927D53D28F3B8CA26BE81BC6B83C0E2B3B1DDA28066C63860CEA89DF82708EF21D4D36B84663E87B4385A3E37BD3FF1EB2BF64184C44723490669AF4DA092D45BA21A569A352E513D9A9B43E9CD4B812055822626EFC55F950009232B8B3BB2D63D44A8B0BD9BD4E84C5A724496A2326F63C97DBCB235366EC0CF6096B5F4988D073C34BD3A084130CEA8D6EE22E542B411C1E18599667B3FD6DDE0669AD82C85A1C10CA5862213CB1BB277E6C4F6564F20A9BCEA1B48170504C47235D78ED0A0441987C8C17D90D7B56CF487C46733BA4A6848FEC42B97CE4048F3C6D9C493322F052EF93F02F142B3940A10921BD15C911E7A97AA4A20DC383C62CD288D252BA937B3F60761E6653568A01241BB573664DE04811CF3F59B4C2D7E8A6C55DA16F468383456AA751697697397C2A5E5ABFA0F1099D80447D49DA509AA1347F3943EE9BAA1FDAD2A0E69410B34253AD4991282D0E952260F52AB9F02A3D00B37098CF60354424F862066E45E92AC475C99A00E7380766E589ABF66271619142795CF7A7FBD138A6CC5BD7E135122341D1F06EB5B436C59BE0ADEDC71BC03D7C63C16751AD56C69E36DECFE9E8214C719FCDF2E9FE2DC971F03C1C2AD6B6D368FE8B11D0389650C73D1C7E73708145FA05992A150E6A909656EA786E244BDF1CD71F4B0FD05B1335D703182FFA9D96C99108297B1FE327A83BF4F69D2A9C3D1EB73A9DD8CEE2B3220904AC31011FD6407A5BA427FACB46227FDEDB13D1CA6443DED3DC3B6CF06A59DC9B9226FBF357334ABF58412605FD206E7B6125FA19E5D68F75783FA08205B05C0A12D1830068317F6105958C4EB37BCB1BEAE6A401C267641AA58274A410D76B4D2A03E418020869B6886BB81964761B3FCD8EA68050AD6CFF99649CDE8FA53F04B0C96E271C0B092E24D81EA2D723775799E713EA9DA6967EF57AAAFE1C6732F2F047556027F021C65FC20C1C3BCB392ACF8FF7A9E14D9728A5AAACD255FC3866B041E9C96DCF592083D78C9E405DDD7991D2E2536D2EB1BA0F0ECE3DFB6A34C2665CFAC2D1850FD478F617FDD4E9DD4492C553BD375CFD33F4744D642006F3A5216A1FF7D73643ED751CAECDFDCB56247AA2F66FBCB8315DAAA86006A99E0350A72D5D5260D6BB77AC53CDD7ABACB859586C279B7FACDF076C922AC27F3E907FB3B4EC977CA634A28DF064162165222DCCE674DAB60A4E9D48E7FCEA267ABB1F8E0A2012AA6DB532A4CE74FBAF583E2C292FA1B56BE585D14EE073CDAFE3FC0C19050E698EC41B9D27F5DB41A779208118A5D3F8F74333B2AD2FE3CEE273BBFEA485EAD817EFFEDF1260C1A125070589B6F0F31984ED498CBD273E84A718F54C82CBC2747E678F8437DDE23C9EA3C877823034B7C70731C2D01CC09D11D3364E7945B6480B9B416ACB54CD1194B46C6D2E147619AC1C1FA915AF80A5098647247EBCF0449634F69C96AFC740BCE61993228183D98D0F85406D8FFD934

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"Microsoft Windows Hosting Service"="C:\Users\Bennink\AppData\Local\Temp\csrss.exe"

"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine.exe"

"C:\Windows\system32\msiexec.exe"="C:\Windows\system32\msiexec.exe:*:Generic Host Process"

"C:\Windows\system32\svchost.exe"="C:\Windows\system32\svchost.exe:*:Generic Host Process"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"vidc.mjpg"=bdmjpeg.dll

"vidc.mpeg"=bdmpegv.dll

"msacm.bdmpeg"=bdmpega.acm

"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-05-14 20:54:53 ----D---- C:\Program Files\trend micro

2014-05-14 20:54:52 ----D---- C:\rsit

2014-05-12 23:49:59 ----D---- C:\Users\Bennink\AppData\Roaming\Mozilla

2014-05-12 23:49:32 ----D---- C:\ProgramData\Mozilla

2014-05-12 23:49:31 ----D---- C:\Program Files\Mozilla Maintenance Service

2014-05-12 23:49:18 ----D---- C:\Program Files\Mozilla Firefox

2014-05-09 02:00:23 ----D---- C:\Games

2014-05-09 01:53:14 ----D---- C:\Program Files\Goat Simulator

2014-04-24 17:30:05 ----ASH---- C:\hiberfil.sys

2014-04-22 14:39:50 ----D---- C:\Program Files\Linkey

2014-04-22 14:39:30 ----D---- C:\Program Files\Settings Manager

2014-04-22 14:39:27 ----D---- C:\ProgramData\systemk

2014-04-22 14:39:18 ----D---- C:\Program Files\DOSBox-0.74

2014-04-22 14:14:55 ----A---- C:\Windows\unin0413.exe

2014-04-22 14:10:40 ----D---- C:\Program Files\Bullfrog

2014-04-22 14:06:16 ----A---- C:\Windows\uninst.exe

2014-04-22 13:56:38 ----D---- C:\Users\Bennink\AppData\Roaming\AVAST Software

2014-04-22 13:55:01 ----A---- C:\Windows\system32\drivers\aswVmm.sys

2014-04-22 13:55:01 ----A---- C:\Windows\system32\drivers\aswTdi.sys

2014-04-22 13:55:01 ----A---- C:\Windows\system32\drivers\aswSP.sys

2014-04-22 13:55:01 ----A---- C:\Windows\system32\drivers\aswSnx.sys

2014-04-22 13:55:01 ----A---- C:\Windows\system32\drivers\aswRvrt.sys

2014-04-22 13:55:00 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys

2014-04-22 13:55:00 ----A---- C:\Windows\system32\drivers\aswHwid.sys

2014-04-22 13:54:59 ----A---- C:\Windows\system32\drivers\aswRdr.sys

2014-04-22 13:54:58 ----A---- C:\Windows\system32\drivers\aswKbd.sys

2014-04-22 13:54:57 ----A---- C:\Windows\system32\aswBoot.exe

2014-04-22 13:54:53 ----A---- C:\Windows\avastSS.scr

2014-04-22 13:48:15 ----D---- C:\Program Files\AVAST Software

2014-04-18 00:34:03 ----R---- C:\Windows\system32\Wingde.dll

2014-04-18 00:34:03 ----R---- C:\Windows\system32\Wing32.dll

2014-04-18 00:34:03 ----R---- C:\Windows\system32\Wing.dll

2014-04-18 00:33:47 ----D---- C:\Program Files\Caveland Pro

2014-04-18 00:30:59 ----D---- C:\Windows\A4W_DATA

2014-04-18 00:30:59 ----A---- C:\Windows\A4W.INI

2014-04-17 23:05:49 ----D---- C:\Program Files\Cryo

2014-04-17 23:05:49 ----A---- C:\Windows\system32\spr_p6.dll

2014-04-17 23:05:49 ----A---- C:\Windows\system32\spr_p5.dll

2014-04-17 23:05:49 ----A---- C:\Windows\system32\CM6_800x16.dll

2014-04-17 23:05:49 ----A---- C:\Windows\system32\CM6_640x16.dll

2014-04-17 23:05:49 ----A---- C:\Windows\system32\CM6_512x16.dll

2014-04-17 23:05:49 ----A---- C:\Windows\system32\CM6_1024x16.dll

2014-04-17 23:03:50 ----A---- C:\Windows\IsUninst.exe

2014-04-17 22:36:27 ----A---- C:\Windows\IsUn0407.exe

2014-04-17 22:03:29 ----D---- C:\Users\Bennink\AppData\Roaming\EZDownloader

2014-04-17 21:57:00 ----D---- C:\ProgramData\SNT

2014-04-17 21:56:57 ----D---- C:\Program Files\SNT

2014-04-17 21:56:54 ----D---- C:\Program Files\LiveSupport

2014-04-17 21:55:56 ----D---- C:\ProgramData\save neuti

2014-04-17 21:55:56 ----D---- C:\Program Files\save neuti

2014-04-17 02:49:00 ----D---- C:\ProgramData\DigiSeaver

2014-04-17 02:09:20 ----D---- C:\Program Files\Dragon Age 2

2014-04-17 02:09:20 ----D---- C:\Program Files\Common Files\BioWare

2014-04-09 03:43:31 ----D---- C:\Program Files\Cheat Engine 6.3

2014-04-09 00:51:47 ----D---- C:\Program Files\Carpe Fulgur

2014-04-09 00:16:14 ----AD---- C:\ProgramData\TEMP

2014-04-09 00:15:45 ----A---- C:\Users\Bennink\AppData\Roaming\regsvr32.exe_log.txt

2014-04-09 00:15:45 ----A---- C:\Users\Bennink\AppData\Roaming\LiveSupport.exe_log.txt

2014-04-09 00:15:39 ----D---- C:\Users\Bennink\AppData\Roaming\SkypEmoticons

2014-04-09 00:15:39 ----D---- C:\ProgramData\Searcho-NeewTAb

2014-04-09 00:15:39 ----D---- C:\Program Files\Searcho-NeewTAb

2014-04-09 00:15:07 ----D---- C:\ProgramData\SuperbApp

2014-04-09 00:15:01 ----D---- C:\Program Files\SW-Booster

2014-04-09 00:14:48 ----D---- C:\ProgramData\YoutubeAdblocker

2014-04-09 00:14:48 ----D---- C:\Program Files\YoutubeAdblocker

2014-04-09 00:14:41 ----D---- C:\ProgramData\sAfeweb

2014-04-09 00:14:41 ----D---- C:\Program Files\sAfeweb

2014-04-09 00:14:36 ----D---- C:\ProgramData\feb14ac0e84abdac

2014-04-09 00:14:06 ----D---- C:\ProgramData\InstallMate

2014-04-08 21:41:20 ----D---- C:\Program Files\SpeedFan

2014-04-01 00:13:18 ----ASH---- C:\Windows\system32\temppf.sys

2014-03-31 21:53:42 ----D---- C:\$WINDOWS.~LS

2014-03-28 20:19:13 ----D---- C:\ProgramData\regid.1986-12.com.adobe

2014-03-27 22:46:16 ----HD---- C:\ArcTemp

2014-03-27 18:53:48 ----D---- C:\Program Files\Lost Saga

2014-03-24 18:12:29 ----D---- C:\Users\Bennink\AppData\Roaming\vlc

2014-03-24 18:11:51 ----D---- C:\Program Files\VideoLAN

2014-03-24 18:05:23 ----A---- C:\Windows\system32\unrar.dll

2014-03-24 18:05:21 ----D---- C:\Program Files\K-Lite Codec Pack

2014-03-12 17:37:08 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe

2014-03-12 01:04:26 ----D---- C:\Program Files\GBE Games

2014-03-07 00:34:35 ----A---- C:\Windows\system32\bassmod.dll

2014-03-05 20:48:32 ----A---- C:\ping.txt

2014-02-25 01:56:18 ----D---- C:\HSHIELD

2014-02-22 01:09:27 ----D---- C:\Users\Bennink\AppData\Roaming\RIFT

2014-02-20 01:55:24 ----A---- C:\Windows\system32\d3dx10_41.dll

2014-02-20 01:55:24 ----A---- C:\Windows\system32\D3DCompiler_41.dll

2014-02-20 01:55:22 ----A---- C:\Windows\system32\D3DX9_41.dll

2014-02-20 01:51:17 ----D---- C:\ProgramData\HappyCloud

2014-02-20 00:01:04 ----D---- C:\ProgramData\NexonEU

======List of files/folders modified in the last 3 months======

2014-05-14 20:55:08 ----D---- C:\Windows\Prefetch

2014-05-14 20:54:53 ----RD---- C:\Program Files

2014-05-14 16:25:13 ----D---- C:\Users\Bennink\AppData\Roaming\Skype

2014-05-14 16:25:11 ----D---- C:\Users\Bennink\AppData\Roaming\BitTorrent

2014-05-14 16:23:31 ----D---- C:\Users\Bennink\AppData\Roaming\Spotify

2014-05-14 16:09:57 ----D---- C:\Windows\System32

2014-05-14 14:30:32 ----D---- C:\Program Files\WinZipper

2014-05-14 00:37:24 ----D---- C:\Windows\Temp

2014-05-14 00:37:24 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2014-05-12 23:51:33 ----SD---- C:\Users\Bennink\AppData\Roaming\Microsoft

2014-05-12 23:49:32 ----HD---- C:\ProgramData

2014-05-10 04:44:55 ----D---- C:\Users\Bennink\AppData\Roaming\.minecraft

2014-04-22 15:42:00 ----D---- C:\Windows

2014-04-22 14:59:33 ----D---- C:\Windows\system

2014-04-22 13:55:14 ----D---- C:\Windows\system32\Tasks

2014-04-22 13:55:01 ----D---- C:\Windows\system32\drivers

2014-04-22 13:46:33 ----D---- C:\ProgramData\AVAST Software

2014-04-21 16:58:07 ----D---- C:\Windows\inf

2014-04-21 16:58:07 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-04-17 23:49:37 ----D---- C:\Program Files\Microsoft Games

2014-04-17 21:56:17 ----D---- C:\Windows\Tasks

2014-04-17 02:19:25 ----RSD---- C:\Windows\assembly

2014-04-17 02:09:20 ----D---- C:\Program Files\Common Files

2014-04-09 00:32:27 ----HD---- C:\Program Files\InstallShield Installation Information

2014-04-09 00:14:36 ----RD---- C:\Users

2014-04-03 17:04:51 ----D---- C:\Users\Bennink\AppData\Roaming\Adobe

2014-03-31 21:57:40 ----RASH---- C:\BOOTSECT.BAK

2014-03-31 21:57:34 ----SHD---- C:\Boot

2014-03-28 20:16:55 ----D---- C:\Program Files\Adobe

2014-03-28 20:15:43 ----RSD---- C:\Windows\Fonts

2014-03-28 20:14:46 ----D---- C:\Program Files\Common Files\Adobe

2014-03-28 20:11:35 ----D---- C:\ProgramData\Adobe

2014-03-28 00:07:11 ----D---- C:\Program Files\Perfect World Entertainment

2014-03-11 23:13:09 ----D---- C:\Nexon

2014-03-11 23:06:17 ----SD---- C:\Windows\Downloaded Program Files

2014-03-06 23:37:19 ----D---- C:\Windows\system32\catroot2

2014-03-06 03:11:40 ----D---- C:\Windows\pss

2014-03-05 20:56:39 ----D---- C:\Windows\system32\catroot

2014-03-05 20:04:02 ----SHD---- C:\System Volume Information

2014-03-05 18:58:47 ----SD---- C:\ProgramData\Microsoft

2014-03-05 18:39:00 ----D---- C:\Windows\Debug

2014-02-25 02:04:05 ----SHD---- C:\Windows\Installer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-22 49944]

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-22 180632]

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]

R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]

R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-04-22 26136]

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-04-22 54832]

R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-22 776976]

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-22 411552]

R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-04-22 57672]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-06-20 242240]

R1 F06DEFF2-5B9C-490D-910F-35D3A91196222;F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg [2014-04-28 31120]

R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-04-22 24184]

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-22 67824]

R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-06-20 279712]

R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-06-20 25888]

R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 22120]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 11527680]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-12-06 501248]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH3.sys [2013-07-05 75264]

R3 dtscsibus;DAEMON Tools Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtscsibus.sys [2013-06-14 24704]

R3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2011-09-08 363112]

R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]

S3 apf004;apf004; \??\C:\Windows\system32\apf004.sys [2014-01-15 15112]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []

S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328]

S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 49768]

S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtVlan60.sys [2011-09-16 27752]

S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 49768]

S3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

S3 XDva405;XDva405; \??\C:\Windows\system32\XDva405.sys []

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-12-06 209408]

R2 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-09 46528]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-22 50344]

R2 FontCache;Windows Font Cache Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2013-07-13 76888]

R2 SystemkService;Systemk Service; C:\Program Files\Settings Manager\systemk\SystemkService.exe [2014-04-28 3543056]

R2 winzipersvc;WinZiper service; C:\Program Files\WinZipper\winzipersvc.exe [2013-08-22 424104]

R3 Disc Soft Bus Service;Disc Soft Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [2013-05-23 632352]

R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2012-07-09 770008]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-09 116648]

S2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-04-19 161384]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]

S3 ArcService;Arc Service; C:\Program Files\Perfect World Entertainment\Arc\ArcService.exe [2014-03-26 88400]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-09 116648]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-07 119408]

S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232]

S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2013-11-19 5131672]

S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

S4 WsysSvc;Wsys Service; C:\ProgramData\eSafe\eGdpSvc.exe []

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47};c
 {84BFE29A-8139-402a-B2A4-C23AE9E1A75F};c
 C:\Program Files\Perfect World Entertainment;fs
 {AB8FFC2E-4259-C731-3F62-C9125BCD780D};c
 C:\ProgramData\DigiSeaver;fs
 Npggsvc;s
 C:\Windows\tasks\SW-Booster-S-1095609242.job;f
 C:\Program Files\Better-Surf;fs
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB8FFC2E-4259-C731-3F62-C9125BCD780D}];r
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run];r
"5292"=-;r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe];r
 C:\Program Files\Linkey;fs
C:\Program Files\Settings Manager;fs
C:\ProgramData\systemk;fs
 C:\ProgramData\SNT;fs
C:\Program Files\SNT;fs
C:\Program Files\LiveSupport;fs
C:\ProgramData\save neuti;fs
C:\Program Files\save neuti;fs
 C:\Users\Bennink\AppData\Roaming\regsvr32.exe_log.txt;f
C:\Users\Bennink\AppData\Roaming\LiveSupport.exe_log.txt;f
C:\Users\Bennink\AppData\Roaming\SkypEmoticons;fs
C:\ProgramData\Searcho-NeewTAb;fs
C:\Program Files\Searcho-NeewTAb;fs
C:\ProgramData\SuperbApp;fs
C:\ProgramData\YoutubeAdblocker;fs
C:\Program Files\YoutubeAdblocker;fs
C:\ProgramData\sAfeweb;fs
C:\Program Files\sAfeweb;fs
C:\ProgramData\feb14ac0e84abdac;fs
C:\ProgramData\InstallMate;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Deep Scan

  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

Oeps ... dit is een gigantische berg rotzooi die rechtgezet moest (en nog moet) worden.

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

 
 C:\Windows\system32\tasks\0;fs
 C:\Windows\system32\tasks\4890;fs
 CHRdefaults;
 autoclean;

  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.