rudy52

Hallo, ik merk dat er steeds meer goed draaiende programma's van mijn pc verwijderd worden ?! (ondermeer "free audio converter" en "expat shield" zijn al zeker verdwenen). Aan het probleem is nog hoegenaamd niets veranderd en de kans dat het na een weekje hi-jacken met allerhande pgm's nog ooit lukt, lijkt me obestaande. Om de schade die ik intussen heb opgelopen te beperken, stel ik voor er maar mee op te houden.

Toestand jammer genoeg nog niet veranderd.

Tool run by rudy on zo 01-09-2013 at 9:22:01,54. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\rudy\Desktop\zoek.exe [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results31-08-2013-1216.log 68312 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908} deleted successfully HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ExpatTrayService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ExpatTrayService deleted successfully ==== Deleting Files \ Folders ====================== "C:\asc_rdflag" deleted "C:\Users\rudy\Downloads\FreeAudioConverter.exe" deleted "C:\Users\rudy\Downloads\mbam-setup.exe" deleted "C:\Users\rudy\Downloads\DM-232.exe" deleted "C:\Users\rudy\Downloads\HSS-2.25-install-anchorfree-232-expatshield.exe" deleted "C:\Users\rudy\Downloads\HSS-3.09-install-hss-409-conduit(1).exe" deleted "C:\Users\rudy\Downloads\HSS-3.09-install-hss-409-conduit.exe" deleted "C:\Program Files\Common Files\DVDVideoSoft" deleted "C:\Program Files\DVDVideoSoft" deleted "C:\Program Files\Expat Shield" deleted "C:\users\rudy\AppData\Roaming\DVDVideoSoft" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592 - avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Clearly - %ProfilePath%\extensions\readable@evernote.com.xpi - Undetermined - %ProfilePath%\extensions\savedpasswordeditor@daniel.dawson.xpi - InstantFox - %ProfilePath%\extensions\searchy@searchy.xpi - Tile Tabs - %ProfilePath%\extensions\tiletabs@DW-dev.xpi - Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi - Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592 101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update 0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash 14771EF55F4873E7C347E6EB5304A9CE - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome 3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 2D758513B6E7A83DDF4B4C250E0001A3 - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer 5BBF76A283A844AEA0B2FCDC212C9177 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx[22-04-2013 19:01] wide awake theme - rudy - Default\Extensions\jghojamolcelbkfdejjhaliddkkhhpeb Advanced SystemCare Surfing Protection - rudy - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== shortcuts on Users Desktops ====================== C:\Users\rudy\Desktop\Advanced Uninstaller Free.lnk - C:\Program Files\Innovative Solutions\Advanced Uninstaller Free\uninstaller.exe C:\Users\rudy\Desktop\All My Books .lnk - C:\Program Files\AllMyBooks\allmybooks.exe C:\Users\rudy\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe C:\Users\rudy\Desktop\CDBurnerXP.lnk - C:\Program Files\CDBurnerXP\cdbxpp.exe C:\Users\rudy\Desktop\Evernote.lnk - C:\Program Files\Evernote\Evernote\Evernote.exe C:\Users\rudy\Desktop\Glary Utilities.lnk - C:\Program Files\Glary Utilities\Integrator.exe C:\Users\rudy\Desktop\Griffith.lnk - C:\Program Files\Griffith\griffith.exe C:\Users\rudy\Desktop\HiJackThis.lnk - C:\Users\rudy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\rudy\Desktop\ImgBurn.lnk - C:\Program Files\ImgBurn\ImgBurn.exe C:\Users\rudy\Desktop\PrivaZer.lnk - C:\Program Files\PrivaZer\PrivaZer.exe C:\Users\rudy\Desktop\Recuva.lnk - C:\Program Files\Recuva\recuva.exe C:\Users\rudy\Desktop\Update Checker.lnk - C:\Program Files\FileHippo.com\UpdateChecker.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\Advanced SystemCare 6.lnk - C:\Program Files\IObit\Advanced SystemCare 6\ASC.exe C:\Users\Public\Desktop\avast Free Antivirus.lnk - C:\Users\Public\Desktop\calibre - E-book management.lnk - C:\Program Files\Calibre2\calibre.exe C:\Users\Public\Desktop\Configure FileMenu Tools.lnk - C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools.exe C:\Users\Public\Desktop\EaseUS Partition Master 9.2.2.lnk - C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EPMStartLoader.exe C:\Users\Public\Desktop\Exact Audio Copy.lnk - C:\Program Files\Exact Audio Copy\EAC.exe C:\Users\Public\Desktop\Expat Shield Launch.lnk - C:\Program Files\Expat Shield\bin\openvpntray.exe C:\Users\Public\Desktop\Free Audio Converter.lnk - C:\Program Files\DVDVideoSoft\Free Audio Converter\FreeAudioConverter.exe C:\Users\Public\Desktop\Freemake Audio Converter.lnk - C:\Program Files\Freemake\Freemake Audio Converter\FreemakeAudioConverter.exe C:\Users\Public\Desktop\IObit Malware Fighter.lnk - C:\Program Files\IObit\IObit Malware Fighter\IMF.exe C:\Users\Public\Desktop\KeyFinder.lnk - C:\Program Files\Magical Jelly Bean\keyfinder.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Public\Desktop\MediaMonkey.lnk - C:\Program Files\MediaMonkey\MediaMonkey.exe C:\Users\Public\Desktop\MozBackup.lnk - C:\Program Files\MozBackup\MozBackup.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Nitro Reader.lnk - C:\Program Files\Nitro\Reader 3\NitroPDFReader.exe C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe C:\Users\Public\Desktop\Speccy.lnk - C:\Program Files\Speccy\Speccy.exe C:\Users\Public\Desktop\SRS Audio Sandbox.lnk - C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe C:\Users\Public\Desktop\Uninstaller.lnk - C:\Program Files\IObit\Advanced SystemCare 6\Suc10_Uninstal.exe ==== shortcuts in Users Start Menu ====================== C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk - C:\Program Files\IObit\Advanced SystemCare 6\Suc10_Uninstal.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk - C:\Program Files\ImgBurn\ImgBurn.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk - C:\Program Files\PrivaZer\PrivaZer.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Audio Converter.lnk - C:\Program Files\Freemake\Freemake Audio Converter\Uninstall\unins000.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\rudy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn\ImgBurn Read Me.lnk - C:\Program Files\ImgBurn\ReadMe.txt C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn\ImgBurn.lnk - C:\Program Files\ImgBurn\ImgBurn.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn\Uninstall.lnk - C:\Program Files\ImgBurn\uninstall.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer\Privazer desinstalleren.lnk - C:\Program Files\PrivaZer\privazer_remover.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer\PrivaZer.lnk - C:\Program Files\PrivaZer\PrivaZer.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recuva\Recuva.lnk - C:\Program Files\Recuva\recuva.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recuva\Uninstall Recuva.lnk - C:\Program Files\Recuva\uninst.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoulseekQt\SoulseekQt.lnk - C:\Program Files\SoulseekQt\SoulseekQt.exe C:\Users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoulseekQt\Uninstall.lnk - C:\Program Files\SoulseekQt\uninstall.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Uninstall Programs.lnk - C:\Program Files\IObit\Advanced SystemCare 6\Suc10_Uninstal.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk - C:\Program Files\CDBurnerXP\cdbxpp.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk - C:\Windows\Installer\{FE3047CE-660C-4D22-82BE-E76954EAABDF}\Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk - C:\Program Files\DVD Maker\DVDMaker.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk - C:\Program Files\Windows Live\Mail\wlmail.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk - C:\Windows\system32\mblctr.exe /open C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk - C:\Windows\system32\SnippingTool.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk - C:\Windows\system32\StikyNot.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\ShapeCollector.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk - C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk - C:\Program Files\Windows Journal\Journal.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Configuration.lnk - C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.msc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Wizards.lnk - C:\Windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6\Advanced SystemCare 6.lnk - C:\Program Files\IObit\Advanced SystemCare 6\ASC.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6\Toolbox.lnk - C:\Program Files\IObit\Advanced SystemCare 6\ASC.exe /toolbox C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6\Turbo Boost.lnk - C:\Program Files\IObit\Advanced SystemCare 6\ASC.exe /turboboost C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6\Verwijder Advanced SystemCare.lnk - C:\Program Files\IObit\Advanced SystemCare 6\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller Free\Advanced Uninstaller Free.lnk - C:\Program Files\Innovative Solutions\Advanced Uninstaller Free\uninstaller.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller Free\Uninstall.lnk - C:\Program Files\Innovative Solutions\Advanced Uninstaller Free\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast Free Antivirus.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bolide Software\All My Books .lnk - C:\Program Files\AllMyBooks\allmybooks.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bolide Software\All My Books License.lnk - C:\Program Files\AllMyBooks\license.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bolide Software\Bolide Software Website.lnk - C:\Program Files\AllMyBooks\bolide.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bolide Software\Order All My Books.lnk - C:\Program Files\AllMyBooks\order.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bolide Software\Uninstall All My Books.lnk - C:\Program Files\AllMyBooks\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\calibre - E-book management.lnk - C:\Program Files\Calibre2\calibre.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\E-book viewer.lnk - C:\Program Files\Calibre2\ebook-viewer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management\LRF viewer.lnk - C:\Program Files\Calibre2\lrfviewer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.2.2\EaseUS Partition Master 9.2.2.lnk - C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EPMStartLoader.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.2.2\Uninstall EaseUS Partition Master 9.2.2.lnk - C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote\Evernote.lnk - C:\Windows\Installer\{A6563D7C-F3AD-11E2-A4DB-984BE15F174E}\Evernote.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy\Exact Audio Copy.lnk - C:\Program Files\Exact Audio Copy\EAC.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy\FAQ.lnk - C:\Program Files\Exact Audio Copy\Documentation\FAQ.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy\Legal.lnk - C:\Program Files\Exact Audio Copy\Legal.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy\News.lnk - C:\Program Files\Exact Audio Copy\News.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy\Uninstall.lnk - C:\Program Files\Exact Audio Copy\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Opener\Free Opener.lnk - C:\Program Files\Free Opener\FreeOpener.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Opener\Uninstall Free Opener.lnk - C:\Program Files\Free Opener\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Audio Converter.lnk - C:\Program Files\Freemake\Freemake Audio Converter\FreemakeAudioConverter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities\Glary Utilities.lnk - C:\Program Files\Glary Utilities\Integrator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities\Verwijder Glary Utilities.lnk - C:\Program Files\Glary Utilities\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Rapid Storage Technology.lnk - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter\IObit Malware Fighter.lnk - C:\Program Files\IObit\IObit Malware Fighter\IMF.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter\Verwijder IObit Malware Fighter.lnk - C:\Program Files\IObit\IObit Malware Fighter\unins001.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder\KeyFinder.lnk - C:\Program Files\Magical Jelly Bean\keyfinder.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder\Uninstall KeyFinder.lnk - C:\Program Files\Magical Jelly Bean\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LopeSoft\FileMenu Tools\Configure FileMenu Tools.lnk - C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LopeSoft\FileMenu Tools\Help.lnk - C:\Program Files\LopeSoft\FileMenu Tools\FileMenuTools_enu.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey Lees-mij.lnk - C:\Program Files\MediaMonkey\readme.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey op het Web.lnk - C:\Program Files\MediaMonkey\MediaMonkey.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey.lnk - C:\Program Files\MediaMonkey\MediaMonkey.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\Verwijder MediaMonkey.lnk - C:\Program Files\MediaMonkey\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression\Microsoft Expression Encoder 4 Screen Capture.lnk - C:\Program Files\Microsoft Expression\Encoder 4\EEScreen.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression\Microsoft Expression Encoder 4 SDK.lnk - C:\Program Files\Microsoft Expression\Encoder 4\SDK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression\Microsoft Expression Encoder 4.lnk - C:\Program Files\Microsoft Expression\Encoder 4\Encoder.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup\MozBackup.lnk - C:\Program Files\MozBackup\MozBackup.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup\Uninstall.lnk - C:\Program Files\MozBackup\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegCompact.NET\RegCompact.NET.lnk - C:\Program Files\RegCompact.NET\RegCompact.NET.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics\USB 3.0 Host Controller Driver\USB 3.0 Host Controller Utility.lnk - C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3utl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Verwijder Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS\Soulseek.lnk - C:\Program Files\SoulseekNS\slsk.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS\Uninstall Soulseek.lnk - C:\Program Files\SoulseekNS\uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs\Audio Sandbox\SRS Audio Sandbox Readme.lnk - C:\Program Files\SRS Labs\Audio Sandbox\SRS Audio Sandbox Readme.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs\Audio Sandbox\SRS Audio Sandbox.lnk - C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\All My Books .lnk - C:\Program Files\AllMyBooks\allmybooks.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk - C:\Program Files\CDBurnerXP\cdbxpp.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\EaseUS Partition Master 9.2.2.lnk - C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EPMStartLoader.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PrivaZer.lnk - C:\Program Files\PrivaZer\PrivaZer.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files\IObit\Advanced SystemCare 6\Suc10_Uninstal.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\avast Free Antivirus.lnk - C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Exact Audio Copy.lnk - C:\Program Files\Exact Audio Copy\EAC.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MediaMonkey.lnk - C:\Program Files\MediaMonkey\MediaMonkey.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Soulseek.lnk - C:\Program Files\SoulseekNS\slsk.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SRS Audio Sandbox.lnk - C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Mail.lnk - C:\Program Files\Windows Live\Mail\wlmail.exe C:\Users\rudy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 ==== Empty IE Cache ====================== C:\Users\rudy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\rudy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\users\rudy\AppData\Local\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\rudy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\rudy\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 01-09-2013 at 9:30:04,44 ======================

Tool run by rudy on za 31-08-2013 at 12:06:28,24. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\rudy\Desktop\zoek.exe [script inserted] [Checkboxes used] ==== System Restore Info ====================== 31-8-2013 12:08:46 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Internet Explorer\SearchScopes\{43D03AA4-F21D-41F9-967F-19D98489D1E0} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\prefs.js: user_pref("browser.startup.homepage", "www.hln.be"); Added to C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\mp9n4ne2.default\prefs.js: Added to C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\mp9n4ne2.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592 ---- Lines CT2911070 removed from prefs.js ---- ---- Lines CT2911070 modified from prefs.js ---- ---- Lines CT2911070 removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_31-08-2013_1210_.backup prefs_31-08-2013_1210_.backup ProfilePath: C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\mp9n4ne2.default user.js not found ---- Lines CT2911070 removed from prefs.js ---- ---- Lines CT2911070 modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "bProtectTabs"=- ==== Deleting Files \ Folders ====================== "C:\Program Files\Expat_Shield" deleted "C:\Program Files\Common Files\DVDVideoSoft\bin" deleted "C:\Program Files\Conduit" deleted "C:\ProgramData\APN" deleted "C:\ProgramData\Babylon" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield" deleted "C:\Users\rudy\AppData\Local\Conduit" deleted "C:\Users\rudy\AppData\LocalLow\Expat_Shield" deleted "C:\Users\rudy\AppData\LocalLow\Conduit" deleted "C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\mp9n4ne2.default\CT2911070" deleted "C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\mp9n4ne2.default\CT2911070" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-08-28 19:03:31 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2013-08-28 19:03:31 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2013-08-28 19:03:31 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2013-08-28 19:03:31 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2013-08-28 19:03:31 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe 2013-08-13 07:37:23 163A95975E1D8819E653AA3E961371CA 51200 ----a-w- C:\Windows\twain_32.dll 2013-08-13 07:37:08 DBD14D0DB0382DFE96D7B5007DDD5ABE 65024 ----a-w- C:\Windows\bfsvc.exe 2013-08-12 00:37:36 E9C8673674ECF840EE59ED805DBE9966 41664 ----a-w- C:\Windows\avastSS.scr 2013-08-11 21:52:55 8B88EBBB05A0E56B7DCC708498C02B3E 2616320 ----a-w- C:\Windows\explorer.exe 2013-08-11 21:25:56 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\ativpsrm.bin 2013-08-11 21:19:22 DA256F9F53336B560201CDEFEAE35320 380928 ------r- C:\Windows\RtlUI2.exe 2013-08-11 21:19:22 9FCED27FC13C71D6DB2E1CE56BBAA30C 188416 ------r- C:\Windows\RTLExtUI.dll 2013-08-11 21:19:22 00D8BA2934C8B2EC7137C88B8C96F122 614400 ------r- C:\Windows\Rtlihvs.dll 2013-08-11 21:09:14 C613568549E0036980D873B0B3B18115 1251944 ------r- C:\Windows\RtlExUpd.dll ====== C:\Users\rudy\AppData\Local\Temp ==== ====== C:\Windows\system32 ===== 2013-08-26 17:42:59 FECA97DEEBE08DBCEDA90F35027B3B12 523264 ----a-w- C:\Windows\System32\msfeeds.dll 2013-08-26 17:42:59 FCCFE8F718BDC25ED5DD6BED8F0AFD55 1433088 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-08-26 17:42:59 FAE68ED2E090D09938642F66D004B872 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-08-26 17:42:59 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\System32\ieuinit.inf 2013-08-26 17:42:59 F47FF71033FD3F3C776CB6B579A13623 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-08-26 17:42:59 F0CA8B5121B02924A5C006750797097D 74240 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe 2013-08-26 17:42:59 E209FE08045621CC91365F7273E11582 36352 ----a-w- C:\Windows\System32\imgutil.dll 2013-08-26 17:42:59 E0F76CC8056B6756D91ACF069175F075 116736 ----a-w- C:\Windows\System32\iepeers.dll 2013-08-26 17:42:59 DE7626C6B3DBFA754B98E0C5ED623FCE 151552 ----a-w- C:\Windows\System32\iexpress.exe 2013-08-26 17:42:59 CF9A5FB24CB98DFDEB7B9CDA12320070 61952 ----a-w- C:\Windows\System32\iesetup.dll 2013-08-26 17:42:59 CE54DE13D773ACA4AD2C41670789D6F2 126976 ----a-w- C:\Windows\System32\occache.dll 2013-08-26 17:42:59 C61A0337513A654CAE415FC0FE622CB4 86016 ----a-w- C:\Windows\System32\iesysprep.dll 2013-08-26 17:42:59 C5CEDA6C019B8F7B659491685CA8AD36 139264 ----a-w- C:\Windows\System32\wextract.exe 2013-08-26 17:42:59 C1E2BB164B8AA91B8CF87D14023FE9FD 111616 ----a-w- C:\Windows\System32\IEAdvpack.dll 2013-08-26 17:42:59 B170CFC8F6413E3B7925E043B4A5283B 61952 ----a-w- C:\Windows\System32\MshtmlDac.dll 2013-08-26 17:42:59 B092FA149E09151B7F9CFB1D5FEED7A3 190464 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-08-26 17:42:59 A60867F57403A52F4F67C80EBB2F4E04 48640 ----a-w- C:\Windows\System32\mshtmler.dll 2013-08-26 17:42:59 A1044D0CFABCB3B20A13B51165DAA252 675840 ----a-w- C:\Windows\System32\ieapfltr.dll 2013-08-26 17:42:59 9F337A820115196DF96DA78F19966F33 367104 ----a-w- C:\Windows\System32\dxtmsft.dll 2013-08-26 17:42:59 9D6538DCA4C222AA0FCE14CDBAF13097 13312 ----a-w- C:\Windows\System32\mshta.exe 2013-08-26 17:42:59 95DB51033CB29C40CE91672295AD8CF8 639488 ----a-w- C:\Windows\System32\jsIntl.dll 2013-08-26 17:42:59 8D5664644004CE31C35FD0977AD330FA 2154496 ----a-w- C:\Windows\System32\iertutil.dll 2013-08-26 17:42:59 8CDBF369EFD4F5528CDC8B8F31E21E73 3584 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2013-08-26 17:42:59 827472E84471E6D3C98A32B857423E9A 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2013-08-26 17:42:59 7F26F3058FB12BBADAF40E5725ACF422 645120 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2013-08-26 17:42:59 7BDCD87FF4AEE2EE5632C1833F89CAA8 233472 ----a-w- C:\Windows\System32\url.dll 2013-08-26 17:42:59 78680B4DABE52EBCD321AAF5079A4894 43008 ----a-w- C:\Windows\System32\msfeedsbs.dll 2013-08-26 17:42:59 750C874339ABB62C1C25171DCFE63AF3 337408 ----a-w- C:\Windows\System32\html.iec 2013-08-26 17:42:59 63D0C4723AC57DF5ED138A25527CEA4D 1140224 ----a-w- C:\Windows\System32\urlmon.dll 2013-08-26 17:42:59 63CA000B30B0E0DF210EBE6684CC8DA1 193536 ----a-w- C:\Windows\System32\elshyph.dll 2013-08-26 17:42:59 615C75FF4AA4B482BD474031E192D73E 69632 ----a-w- C:\Windows\System32\mshtmled.dll 2013-08-26 17:42:59 607CBFAC4412874796ACB04AF8DF0EC8 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-08-26 17:42:59 5F253633E90C698B5DE3F08977104C95 56320 ----a-w- C:\Windows\System32\pngfilt.dll 2013-08-26 17:42:59 568931BEA3DD2BE39BCC01A1A0D9E4FE 164864 ----a-w- C:\Windows\System32\msrating.dll 2013-08-26 17:42:59 54DBDC4633870364C8799132784321D1 244224 ----a-w- C:\Windows\System32\dxtrans.dll 2013-08-26 17:42:59 54AAAC132ED14ED725198C0FE0BB5E33 32768 ----a-w- C:\Windows\System32\iernonce.dll 2013-08-26 17:42:59 547B98715A83A943C4D4CDD4BCA72AC2 1788928 ----a-w- C:\Windows\System32\wininet.dll 2013-08-26 17:42:59 5239B89FB61D9BE9699E2D918C43BDC9 892416 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2013-08-26 17:42:59 4D12FD9A956F3367503945378F4AC499 62464 ----a-w- C:\Windows\System32\tdc.ocx 2013-08-26 17:42:59 454805B7C6E650195E1A29C88AE2976C 4246528 ----a-w- C:\Windows\System32\jscript9.dll 2013-08-26 17:42:59 44534A31F1E14CE1D4665B63E57B8419 534528 ----a-w- C:\Windows\System32\jscript9diag.dll 2013-08-26 17:42:59 416B7D19EE64E278EDDA4342617D2205 24576 ----a-w- C:\Windows\System32\licmgr10.dll 2013-08-26 17:42:59 3E0D3BDA5515F5EF150967CFE952D24C 11086848 ----a-w- C:\Windows\System32\ieframe.dll 2013-08-26 17:42:59 3BF6EDFFB91B2EB902F90986699841A8 238408 ----a-w- C:\Windows\System32\iedkcs32.dll 2013-08-26 17:42:59 39CCF64B5F2A781C50ED3A29847AF066 183808 ----a-w- C:\Windows\System32\msls31.dll 2013-08-26 17:42:59 31F7373A009690A35C747656ACA6E198 444416 ----a-w- C:\Windows\System32\ieui.dll 2013-08-26 17:42:59 2F2BA57AF5B361C37CAA00EA4CE6490C 16985600 ----a-w- C:\Windows\System32\mshtml.dll 2013-08-26 17:42:59 2E2E91966C6AD38C783C51FC10BEC61E 609280 ----a-w- C:\Windows\System32\ieapfltr.dat 2013-08-26 17:42:59 2B1CC82D5397866121A7B95F58170978 612352 ----a-w- C:\Windows\System32\jscript.dll 2013-08-26 17:42:59 2B187D3A111761255CCD2EB3690FB441 12288 ----a-w- C:\Windows\System32\msfeedssync.exe 2013-08-26 17:42:59 2819C97B61213BEAAB09AA3D8F2864E7 43008 ----a-w- C:\Windows\System32\jsproxy.dll 2013-08-26 17:42:59 27175EB0654A722849807FCE882D870E 83456 ----a-w- C:\Windows\System32\inseng.dll 2013-08-26 17:42:59 1D055A7049B9BFA83B77178D8ED66D18 2724352 ----a-w- C:\Windows\System32\mshtml.tlb 2013-08-26 17:42:59 139194280FCC470BF3F2694BF948862E 454144 ----a-w- C:\Windows\System32\vbscript.dll 2013-08-26 17:42:59 075792738D2C5392D2D150F4E308F55B 207360 ----a-w- C:\Windows\System32\webcheck.dll 2013-08-26 17:42:59 032856F04B638061E305E14D94397951 69120 ----a-w- C:\Windows\System32\icardie.dll 2013-08-26 17:42:13 FB3F036EF6A467F7AF46C821FF5D198D 220160 ----a-w- C:\Windows\System32\d3d10core.dll 2013-08-26 17:42:13 E12C4928B32ACE04610259647F072635 906240 ----a-w- C:\Windows\System32\FntCache.dll 2013-08-26 17:42:13 D4F264FE23F8953D840904418220C15E 293376 ----a-w- C:\Windows\System32\dxgi.dll 2013-08-26 17:42:13 D4212AB475A3B25EC4DF574536C3EDC5 249856 ----a-w- C:\Windows\System32\d3d10_1core.dll 2013-08-26 17:42:13 C7A730AFB80B11F93EFC81B1D6F920D7 364544 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2013-08-26 17:42:13 B3170CCC779B682C3341873EA60CF084 1988096 ----a-w- C:\Windows\System32\d3d10warp.dll 2013-08-26 17:42:13 9FF8F684BACF326082E5562F7C104A79 3419136 ----a-w- C:\Windows\System32\d2d1.dll 2013-08-26 17:42:13 8B285BDAB7735FDFB18E6F7122923B77 187392 ----a-w- C:\Windows\System32\UIAnimation.dll 2013-08-26 17:42:13 8504944851DF6175CC489A8F3328459E 1080832 ----a-w- C:\Windows\System32\d3d10.dll 2013-08-26 17:42:13 6A7B5A3EFCCDB53DA41CF6838056990F 1158144 ----a-w- C:\Windows\System32\XpsPrint.dll 2013-08-26 17:42:13 6A13B4F3B3F575F1E24B877B9359AABA 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-08-26 17:42:13 6951562DC4625EEFC6EACD52AD165866 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-08-26 17:42:13 62A6EB5771580CAE445804389F3F7432 207872 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll 2013-08-26 17:42:13 60F4AEFA103D421EA4A40E31409B4756 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-08-26 17:42:13 600A65F922CCDCBB2D11467914241556 2284544 ----a-w- C:\Windows\System32\msmpeg2vdec.dll 2013-08-26 17:42:13 589CBC4989F750E1DA35625AB481CF43 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-08-26 17:42:13 545F1BAAADD0BF1F4FE4586293FCA07D 417792 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-08-26 17:42:13 4FF3EC04CD47DD62181894B71B004E40 604160 ----a-w- C:\Windows\System32\d3d10level9.dll 2013-08-26 17:42:13 49ACA548B2423F1C67898E6AC719A9A6 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-08-26 17:42:13 4277F5164DE9B7C665BB928B9145BEE0 1247744 ----a-w- C:\Windows\System32\DWrite.dll 2013-08-26 17:42:13 3C1936A12C62254F914A01BBC6A8DC69 161792 ----a-w- C:\Windows\System32\d3d10_1.dll 2013-08-26 17:42:13 3BE0D923AA45A4DBE091C2D84F0B4FE7 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-08-26 17:42:13 3BCECD87AB4E6743BFB45B352AD1A529 1230336 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-08-26 17:42:13 2E33DFD10F28F86C3FC40EE123CC3904 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-08-26 17:42:13 1C60E09CA1C3A045BC4D367F67C915B7 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-08-26 17:42:13 007863E45F25AA47A4C30D0930BBFD85 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-08-22 09:10:19 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\System32\crypt32.dll 2013-08-22 09:10:19 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-08-22 09:10:19 7B851A8018B1EA00A69707A390004884 103936 ----a-w- C:\Windows\System32\cryptnet.dll 2013-08-22 09:10:19 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\System32\wintrust.dll 2013-08-22 09:10:02 58F67245D041FBE7AF88F4EAF79DF0FA 499712 ----a-w- C:\Windows\System32\iphlpsvc.dll 2013-08-22 09:10:02 5078492B9CAC9CB721698DB51F039035 175104 ----a-w- C:\Windows\System32\netcorehc.dll 2013-08-22 09:10:02 374071043F9E4231EE43BE2BB48DD36D 242176 ----a-w- C:\Windows\System32\nlasvc.dll 2013-08-22 09:10:02 140D9F911182357626165EA0BEB98C4F 156672 ----a-w- C:\Windows\System32\ncsi.dll 2013-08-22 09:10:01 50E0DD0A5B8D8BC353578F2F73926697 52224 ----a-w- C:\Windows\System32\nlaapi.dll 2013-08-22 09:10:00 23FC8068953C9BE2D63AE4EF1129112A 18944 ----a-w- C:\Windows\System32\netevent.dll 2013-08-22 09:09:47 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-08-22 09:09:16 0D52559AEF4AA5EAC82F530617032283 903168 ----a-w- C:\Windows\System32\certutil.exe 2013-08-22 09:09:14 CC917AC4D3F8756FF13174980B474791 43008 ----a-w- C:\Windows\System32\certenc.dll 2013-08-22 09:09:04 9FA7BF625122CCAC90FCD307174D8CF3 3913664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-08-22 09:09:03 DD5F17D44E9966E7EA447AE8C4D12D6C 3968960 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2013-08-22 09:08:59 113B224CA1F55673C410A91D986D2276 1289096 ----a-w- C:\Windows\System32\ntdll.dll 2013-08-22 09:08:55 FC415B303B1ECF80B5F130A1F7203D02 492544 ----a-w- C:\Windows\System32\win32spl.dll 2013-08-22 09:08:55 6DE66FE7C526637E74CD066461C7C871 1505280 ----a-w- C:\Windows\System32\d3d11.dll 2013-08-22 09:08:53 45FBAFFA68CBC29AC2563985CEE72B9C 24576 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-08-22 09:08:51 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-08-22 09:08:49 EF71BA5DF59034962B0C62314A71351A 193536 ----a-w- C:\Windows\System32\dhcpcore6.dll 2013-08-22 09:08:49 81F6C1AE23B1C493D9E996C3103915D7 44032 ----a-w- C:\Windows\System32\dhcpcsvc6.dll 2013-08-22 09:08:34 5A043BDA3BFADD5B4C16F3BDE5EC4312 652800 ----a-w- C:\Windows\System32\rpcrt4.dll 2013-08-22 09:07:45 4D52150FC35E333F6CBBB6B6E6D9366D 2347520 ----a-w- C:\Windows\System32\win32k.sys 2013-08-22 09:07:40 565D78187494FB5F08B5A52DEB2AEA7A 12872704 ----a-w- C:\Windows\System32\shell32.dll 2013-08-22 09:07:39 EACFDF31921F51C097629F1F3C9129B4 47104 ----a-w- C:\Windows\System32\appinfo.dll 2013-08-22 09:07:39 E904178851A6A44BFA97E064EF779E9D 1796096 ----a-w- C:\Windows\System32\authui.dll 2013-08-22 09:07:39 B0BC447C758FF055D53FC6831FDB0344 101720 ----a-w- C:\Windows\System32\consent.exe 2013-08-22 09:07:39 1F05F5A16881CD928C82D53CEFCF4477 180224 ----a-w- C:\Windows\System32\shdocvw.dll 2013-08-22 09:07:33 DA8AAF7E56F698608A89542131F74818 40960 ----a-w- C:\Windows\System32\wwanprotdim.dll 2013-08-22 09:07:33 72E953215CADE1A726C04AAFDF6B463D 49152 ----a-w- C:\Windows\System32\taskhost.exe 2013-08-22 09:07:33 674EB817CF6E43B7DF3EC26E06E98D98 509440 ----a-w- C:\Windows\System32\qedit.dll 2013-08-22 09:07:33 3C5E51C05BE9B56EAFF4E388C3AB25E4 186368 ----a-w- C:\Windows\System32\wwansvc.dll 2013-08-22 08:26:36 C9BB421982248E7AB9610AA9887C6331 268352 ----a-w- C:\Windows\System32\FNTCACHE.DAT 2013-08-22 08:15:03 786B9C958A4F217322C24C736263C51F 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe ====== C:\Windows\system32\drivers ===== 2013-08-22 09:10:01 3EEBD3BD93DA46A26E89893C7AB2FF3B 35328 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2013-08-22 09:08:35 ED80D303102A746D30C1684B387BCBF1 33280 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys 2013-08-22 09:08:35 8C9C922D71F1CD4DEF73F186416B7896 712048 ----a-w- C:\Windows\System32\drivers\ndis.sys 2013-08-22 09:08:35 16498EBC04AE9DD07049A8884B205C05 728424 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-08-22 09:08:34 E405328A0E38BF823E2361C413283F6D 218984 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-08-22 09:08:32 4E8B9BE71B807B3BAEDB7F4243F85E3C 1293760 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-08-22 08:46:15 B37B08F2E5EEB1A37E448E09BACE1101 31232 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2013-08-13 07:40:04 FD1D6C73E6333BE727CBCC6054247654 52224 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys 2013-08-13 07:39:45 CB7A9ABB12B8415BCE5D74994C7BA3AE 233344 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2013-08-13 07:39:45 0C4E035C7F105F1299258C90886C64C5 14208 ----a-w- C:\Windows\System32\drivers\hwpolicy.sys 2013-08-13 07:39:11 F497F67932C6FA693D7DE2780631CFE7 245632 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2013-08-13 07:39:04 871917B07A141BFF43D76D8844D48106 513536 ----a-w- C:\Windows\System32\drivers\http.sys 2013-08-13 07:39:02 CEB46AB7C01C9F825F8CC6BABC18166A 115712 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2013-08-13 07:39:01 1B133875B8AA8AC48969BD3458AFE9F5 164864 ----a-w- C:\Windows\System32\drivers\1394ohci.sys 2013-08-13 07:38:56 D528BC58A489409BA40334EBF96A311B 242688 ----a-w- C:\Windows\System32\drivers\rdbss.sys 2013-08-13 07:38:56 55055F8AD8BE27A64C831322A780A228 116096 ----a-w- C:\Windows\System32\drivers\msdsm.sys 2013-08-13 07:38:51 673E55C3498EB970088E812EA820AA8F 153984 ----a-w- C:\Windows\System32\drivers\pci.sys 2013-08-13 07:38:47 04DBF4B01EA4BF25A9A3E84AFFAC9B20 53120 ----a-w- C:\Windows\System32\drivers\termdd.sys 2013-08-13 07:38:46 05D860DA1040F111503AC416CCEF2BCA 85376 ----a-w- C:\Windows\System32\drivers\sbp2port.sys 2013-08-13 07:38:41 5461686CCA2FDA57B024547733AB42E3 160128 ----a-w- C:\Windows\System32\drivers\vhdmp.sys 2013-08-13 07:38:40 012C5F4E9349E711E11E0F19A8589F0A 28032 ----a-w- C:\Windows\System32\drivers\msahci.sys 2013-08-13 07:38:36 CEA80C80BED809AA0DA6FEBC04733349 274304 ----a-w- C:\Windows\System32\drivers\acpi.sys 2013-08-13 07:38:35 EE43346C7E4B5E63E54F927BABBB32FF 246784 ----a-w- C:\Windows\System32\drivers\udfs.sys 2013-08-13 07:38:30 4C63E00F2F4B5F86AB48A58CD990F212 53120 ----a-w- C:\Windows\System32\drivers\volmgr.sys 2013-08-13 07:38:26 280122DDCF04B378EDD1AD54D71C1E54 187904 ----a-w- C:\Windows\System32\drivers\netbt.sys 2013-08-13 07:38:23 4B55C9F9A93B3BFD01ED7366EB0B9D2E 132992 ----a-w- C:\Windows\System32\drivers\ataport.sys 2013-08-13 07:38:18 2D699FB6E89CE0D8DA14ECC03B3EDFE0 130432 ----a-w- C:\Windows\System32\drivers\mpio.sys 2013-08-13 07:38:15 FC8771F45ECCCFD89684E38842539B9B 78208 ----a-w- C:\Windows\System32\drivers\mountmgr.sys 2013-08-13 07:38:11 099972E1FAF4950D3994FBAB9DD21253 140160 ----a-w- C:\Windows\System32\drivers\scsiport.sys 2013-08-13 07:38:05 518395321DC96FE2C9F0E96AC743B656 173440 ----a-w- C:\Windows\System32\drivers\rdyboost.sys 2013-08-13 07:37:56 5DCEF0C32BE0F33277326586FA503689 190976 ----a-w- C:\Windows\System32\drivers\ks.sys 2013-08-13 07:37:49 931A1DF1520ABC6E84BA4A75E6957025 55808 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2013-08-13 07:37:35 B459575348C20E8121D6039DA063C704 74752 ----a-w- C:\Windows\System32\drivers\tdx.sys 2013-08-13 07:37:26 A4BDC541E69674FBFF1A8FF00BE913F2 48640 ----a-w- C:\Windows\System32\drivers\ndproxy.sys 2013-08-13 07:37:05 906DCFC5EBF4EC0433F8D4FFFB0BA334 117760 ----a-w- C:\Windows\System32\drivers\rmcast.sys 2013-08-13 07:36:43 D8A65DAFB3EB41CBB622745676FCD072 46080 ----a-w- C:\Windows\System32\drivers\ndisuio.sys 2013-08-13 07:36:33 2F885864D5BC8A16C86BEE595969A48A 21504 ----a-w- C:\Windows\System32\drivers\tdi.sys 2013-08-13 07:36:32 CBE8C58A8579CFE5FCCF809E6F114E89 31232 ----a-w- C:\Windows\System32\drivers\CompositeBus.sys 2013-08-13 07:36:32 1A078C3FE1C1F9C8561CD600C69AD300 26112 ----a-w- C:\Windows\System32\drivers\usbrpm.sys 2013-08-13 07:36:27 BE167ED0FDB9C1FA1133953C18D5A6C9 108544 ----a-w- C:\Windows\System32\drivers\cdrom.sys 2013-08-13 07:36:24 F024449C97EC1E464AAFFDA18593DB88 78336 ----a-w- C:\Windows\System32\drivers\dfsc.sys 2013-08-13 07:36:24 B2FA25D9B17A68BB93D58B0556E8C90D 108544 ----a-w- C:\Windows\System32\drivers\tunnel.sys 2013-08-13 07:36:21 1EFBC664ABFF416D1D07DB115DCB264F 10240 ----a-w- C:\Windows\System32\drivers\acpipmi.sys 2013-08-13 07:36:19 38FBE267E7E6983311179230FACB1017 118784 ----a-w- C:\Windows\System32\drivers\ndiswan.sys 2013-08-13 07:36:17 10C19F8290891AF023EAEC0832E1EB4D 24064 ----a-w- C:\Windows\System32\drivers\hidusb.sys 2013-08-13 07:36:16 AEA177F783E20150ACE5383EE368DA19 50176 ----a-w- C:\Windows\System32\drivers\appid.sys 2013-08-13 07:36:14 4BD7134618C1D2A27466A099062547BF 65536 ----a-w- C:\Windows\System32\drivers\IPMIDrv.sys 2013-08-13 07:36:13 FD82D2B38C465A55C527E339BA1201B1 25856 ----a-w- C:\Windows\System32\drivers\USBCAMD.sys 2013-08-13 07:36:13 E071E5BE621FEC4590117C488A78AE32 25856 ----a-w- C:\Windows\System32\drivers\USBCAMD2.sys 2013-08-13 07:36:13 9E3CED91863E6EE98C24794D05E27A71 28160 ----a-w- C:\Windows\System32\drivers\kbdhid.sys 2013-08-13 07:36:12 D295BED4B898F0FD999FCFA9B32B071B 39936 ----a-w- C:\Windows\System32\drivers\umbus.sys 2013-08-13 07:36:12 3C3C78515F5AB448B022BDF5B8FFDD2E 63488 ----a-w- C:\Windows\System32\drivers\wanarp.sys 2013-08-13 07:36:11 9036377B8A6C15DC2EEC53E489D159B5 108544 ----a-w- C:\Windows\System32\drivers\hdaudbus.sys 2013-08-13 07:36:11 6D4CCAEDC018F1CF52866BBBAA235982 12800 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys 2013-08-13 07:36:10 23DAE03F29D253AE74C44F99E515F9A1 6656 ----a-w- C:\Windows\System32\drivers\RDPCDD.sys 2013-08-13 07:36:10 0693B5EC673E34DC147E195779A4DCF6 26624 ----a-w- C:\Windows\System32\drivers\scfilter.sys 2013-08-13 06:52:44 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-08-12 18:00:12 F92DE757E4B7CE9C07C5E65423F3AE3B 43008 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-08-12 18:00:12 E185D44FAC515A18D9DEDDC23C2CDF44 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-08-12 18:00:12 BD9C55D7023C5DE374507ACC7A14E2AC 75776 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-08-12 18:00:12 8DC94AEC6A7E644A06135AE7506DC2E9 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2013-08-12 18:00:12 68DF884CF41CDADA664BEB01DAF67E3D 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-08-12 18:00:12 5787196F32D043572EC6565C0EF1B8E0 5888 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-08-12 18:00:12 3AA940AA9AC3055FE32FF2D3D20CCD28 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-08-12 18:00:06 4380E59A170D88C4F1022EFF6719A8A4 143744 ----a-w- C:\Windows\System32\drivers\nvstor.sys 2013-08-12 18:00:05 B3E25EE28883877076E0E1FF877D02E0 117120 ----a-w- C:\Windows\System32\drivers\nvraid.sys 2013-08-12 18:00:04 F991AB9CC6B908DB552166768176896A 76288 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2013-08-12 18:00:04 EF3D32464EBBB10449465C8CAB57CA19 148864 ----a-w- C:\Windows\System32\drivers\storport.sys 2013-08-12 18:00:04 D320BF87125326F996D4904FE24300FC 80256 ----a-w- C:\Windows\System32\drivers\amdsata.sys 2013-08-12 18:00:04 5CD5F9A5444E6CDCB0AC89BD62D8B76E 332160 ----a-w- C:\Windows\System32\drivers\iaStorV.sys 2013-08-12 18:00:04 46387FB17B086D16DEA267D5BE23A2F2 22400 ----a-w- C:\Windows\System32\drivers\amdxata.sys 2013-08-12 01:19:17 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2013-08-12 01:19:14 A840213F1ACDCC175B4D1D5AAEAC0D7A 526952 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2013-08-12 01:19:14 48704647CD2E9DAA2EB81BDE6D029EDB 47720 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2013-08-12 01:17:48 867C301E8B790040AE9CF6486E8041DF 155136 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2013-08-12 01:17:48 06E6F32C8D0A3F66D956F57B43A2E070 66560 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2013-08-12 01:17:45 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2013-08-12 01:16:21 7DAE5EBCC80E45D3253F4923DC424D05 19824 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2013-08-12 00:39:08 FAF091AA45A6A6CF3CF94FE065950956 175 ----a-w- C:\Windows\System32\drivers\aswSnx.sys.sum 2013-08-12 00:39:08 3FFBEE694566CADB0A64D8A1ACD7DBCE 175 ----a-w- C:\Windows\System32\drivers\aswSP.sys.sum 2013-08-12 00:39:08 22EA82FFE8CA4965C1994F24C35DC202 175 ----a-w- C:\Windows\System32\drivers\aswVmm.sys.sum 2013-08-12 00:39:06 937300BC7C4CDF7576BCCE44E19BBB9D 369584 ----a-w- C:\Windows\System32\drivers\aswSP.sys 2013-08-12 00:39:06 4AF5F360BA1E8794D32B366E45A64A0A 29816 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys 2013-08-12 00:39:05 FFE9A993B3EC2908FECB1DF2C39148BB 61680 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2013-08-12 00:39:05 1F71F170D90E42EFDE9633D81D5E12DC 56080 ----a-w- C:\Windows\System32\drivers\aswTdi.sys 2013-08-12 00:39:04 CCD565A8A72AF7D45F9A242013870926 770344 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2013-08-12 00:39:04 B680134BA1813B78B47FDD1DFF223CA5 49376 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2013-08-12 00:39:04 8CFAA2B965773A653F48F1207A9CB9C4 175176 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2013-08-12 00:39:03 1F7094D4268D46F718C51286DC189791 66336 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2013-08-12 00:12:00 B9BB8E2093C1615AD6EA55AD96214354 27192 ----a-w- C:\Windows\System32\drivers\revoflt.sys 2013-08-11 21:56:40 5E43D2B0EE64123D4880DFA6626DEFDE 1211752 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-08-11 21:56:37 E4C2764065D66EA1D2D3EBC28FE99C46 311808 ----a-w- C:\Windows\System32\drivers\srv.sys 2013-08-11 21:56:37 BE6BD660CAA6F291AE06A718A4FA8ABC 114688 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2013-08-11 21:56:37 03F0545BD8D4C77FA0AE1CEEDFCC71AB 310272 ----a-w- C:\Windows\System32\drivers\srv2.sys 2013-08-11 21:56:36 9EBBBA55060F786F0FCAA3893BFA2806 338944 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-08-11 21:56:35 FE8A57C8E04EDD3AA8ADD8F3C8F65297 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2013-08-11 21:55:53 E306A24D9694C724FA2491278BF50FDB 196328 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2013-08-11 21:55:05 F031683E6D1FEA157ABB2FF260B51E61 183808 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2013-08-11 21:54:59 D30159AC9237519FBC62C6EC247D2D46 134000 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2013-08-11 21:54:59 B7895B4182C0D16F6EFADEB8081E8D36 67440 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2013-08-11 21:54:59 247B4CE2DAB1160CD422D532D5241E1F 369336 ----a-w- C:\Windows\System32\drivers\cng.sys 2013-08-11 21:54:52 B81F204D146000BE76651A50670A5E9E 96768 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2013-08-11 21:54:52 6D17A4791ACA19328C685D256349FEFC 223744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2013-08-11 21:54:52 5D16C921E3671636C0EBA3BBAAC5FD25 123904 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2013-08-11 21:54:17 AAB149EE616952BB84308C28E75ED20D 187752 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2013-08-11 21:54:17 776FCEFE2CD27C442DF66D3F3535078D 240496 ----a-w- C:\Windows\System32\drivers\netio.sys 2013-08-11 21:52:08 3F34A1B4C5F6475F320C275E63AFCE9B 56176 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2013-08-11 21:51:45 D0F0D7A97C90FE72A79732812E65F822 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2013-08-11 21:51:45 8F2DA3028D5FCBD1A060A3DE64CD6506 69632 ----a-w- C:\Windows\System32\drivers\bowser.sys 2013-08-11 21:39:26 2C2C5AFE7EE4F620D69C23C0617651A8 24576 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2013-08-11 21:39:26 1CB91B2BD8F6DD367DFC2EF26FD751B2 18432 ----a-w- C:\Windows\System32\drivers\tdpipe.sys 2013-08-11 21:19:22 51ADEF77E4C929535FD50DA153774E79 579072 ----a-r- C:\Windows\System32\drivers\rtl8192su.sys 2013-08-11 21:15:31 0516998076AD894AE7E362C3110AA071 267880 ----a-w- C:\Windows\System32\drivers\Rt86win7.sys 2013-08-11 21:09:27 DC86631461122F6E06B471B68CB17FFC 18 ------r- C:\Windows\System32\drivers\VERSION.DAT 2013-08-11 21:09:22 4BE85CF5831A41104C2DDED55FBC3565 3114024 ----a-w- C:\Windows\System32\drivers\RTKVHDA.sys 2013-08-11 21:07:35 26541A068572F650A2FA490726FE81BE 435736 ----a-w- C:\Windows\System32\drivers\iaStor.sys 2013-08-11 20:32:11 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf ====== C:\Windows\Tasks ====== 2013-08-13 09:16:59 D294353C7FC38190DD2336F61C626891 2588 ----a-w- C:\Windows\system32\Tasks\GlaryInitialize 2013-08-13 09:16:59 806F7E72FF30E1F98E253DAC34E3979E 310 ----a-w- C:\Windows\Tasks\GlaryInitialize.job 2013-08-13 07:12:49 33FBA688165E5E8B0267F3FE18ABDE19 3082 ----a-w- C:\Windows\system32\Tasks\ASC6_PerformanceMonitor 2013-08-12 00:39:09 9F5B90390AF042AB578CE94AA22C1B5C 4046 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2013-08-12 00:39:09 9207049225159E2ABD4890691884ABC9 1040 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-12 00:39:08 372244D95479EA799E2819E49F082905 3794 ----a-w- C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2013-08-12 00:39:08 08FD8560E823680AA03A1796ABC1B422 1036 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-12 00:39:03 1703CBDA09C8B8F9389AD3B9B44A104B 4182 ----a-w- C:\Windows\system32\Tasks\avast! Emergency Update ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-08-30 13:50:55 -------- d-----w- C:\Program Files\RegCompact.NET 2013-08-27 09:55:50 -------- d-----w- C:\Program Files\Common Files\DVDVideoSoft 2013-08-27 09:55:47 -------- d-----w- C:\Program Files\DVDVideoSoft 2013-08-27 08:05:42 -------- d-----w- C:\Program Files\Trend Micro 2013-08-21 17:37:23 -------- d-----w- C:\Program Files\Mozilla Maintenance Service 2013-08-19 18:24:08 -------- d-----w- C:\Program Files\Expat Shield 2013-08-15 11:35:06 -------- d-----w- C:\Program Files\EaseUS 2013-08-15 08:03:37 -------- d-----w- C:\Program Files\Common Files\Adobe 2013-08-15 08:03:37 -------- d-----w- C:\Program Files\Adobe 2013-08-15 07:57:57 -------- d-----w- C:\Program Files\Mediafour 2013-08-14 10:30:51 -------- d-----w- C:\Program Files\Freemake 2013-08-14 09:24:14 -------- d-----w- C:\Program Files\Microsoft Expression 2013-08-14 09:11:46 -------- d-----w- C:\Program Files\Exact Audio Copy 2013-08-13 17:19:07 -------- d-----w- C:\Program Files\Griffith 2013-08-13 15:45:31 -------- d-----w- C:\Program Files\Nitro 2013-08-13 15:45:31 -------- d-----w- C:\Program Files\Common Files\Nitro 2013-08-13 13:45:47 -------- d-----w- C:\Program Files\SoulseekQt 2013-08-13 13:44:34 -------- d-----w- C:\Program Files\SoulseekNS 2013-08-13 13:13:22 -------- d-----w- C:\Program Files\MediaMonkey 2013-08-13 10:29:08 -------- d-----w- C:\Program Files\CDBurnerXP 2013-08-13 10:03:00 -------- d-----w- C:\Program Files\ImgBurn 2013-08-13 09:45:32 -------- d-----w- C:\Program Files\Speccy 2013-08-13 09:43:16 -------- d-----w- C:\Program Files\LopeSoft 2013-08-13 09:32:46 -------- d-----w- C:\Program Files\Common Files\Innovative Solutions 2013-08-13 09:32:43 -------- d-----w- C:\Program Files\Innovative Solutions 2013-08-13 09:27:06 -------- d-----w- C:\Program Files\PrivaZer 2013-08-13 09:22:56 -------- d-----w- C:\Program Files\FileHippo.com 2013-08-13 09:20:10 -------- d-----w- C:\Program Files\Magical Jelly Bean 2013-08-13 09:18:59 -------- d-----w- C:\Program Files\K-Lite Codec Pack 2013-08-13 09:18:46 -------- d-----w- C:\Program Files\Free Opener 2013-08-13 09:16:52 -------- d-----w- C:\Program Files\Glary Utilities 2013-08-13 06:51:09 -------- d-----w- C:\Program Files\IObit 2013-08-12 17:54:07 -------- d-----w- C:\Program Files\Recuva 2013-08-12 10:13:03 -------- d-----w- C:\Program Files\Calibre2 2013-08-12 00:39:06 -------- d-----w- C:\Program Files\Google 2013-08-12 00:12:00 -------- d-----w- C:\Program Files\VS Revo Group 2013-08-11 23:51:00 -------- d-----w- C:\Program Files\SRS Labs 2013-08-11 23:25:29 -------- d-----w- C:\Program Files\AllMyBooks 2013-08-11 23:13:03 -------- d-----w- C:\Program Files\Evernote 2013-08-11 22:54:57 -------- d-----w- C:\Program Files\MozBackup 2013-08-11 22:21:50 -------- d-----w- C:\Program Files\Windows Live 2013-08-11 22:18:06 -------- d-----w- C:\Program Files\Microsoft.NET 2013-08-11 22:11:51 -------- d-----w- C:\Program Files\Common Files\Windows Live 2013-08-11 21:22:14 -------- d-----w- C:\Program Files\Renesas Electronics 2013-08-11 21:19:16 -------- d-----w- C:\Program Files\REALTEK 11n USB Wireless LAN Driver 2013-08-11 21:12:25 -------- d-----w- C:\Program Files\ATI 2013-08-11 21:09:20 -------- d-----w- C:\Program Files\Realtek 2013-08-11 21:09:12 -------- d-----w- C:\Program Files\Common Files\InstallShield 2013-08-11 21:07:34 -------- d--h--w- C:\Program Files\InstallShield Installation Information 2013-08-11 21:07:34 -------- d-----w- C:\Program Files\Intel ======= C: ===== 2013-08-13 08:32:03 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\asc_rdflag 2013-08-08 12:11:14 5062494197ED6ACE2DD0A5DDD5135BB7 8192 ----a-w- C:\wubildr.mbr 2013-08-08 12:11:14 228590E15F4A8BEF48A0C1C383C98A80 153084 ----a-w- C:\wubildr ====== C:\Users\rudy\AppData\Roaming ====== 2013-08-30 13:50:58 DDFD5FCC909BC97BE08811A68A018D4E 92 ----a-w- C:\users\rudy\AppData\Local\fusioncache.dat 2013-08-30 13:50:55 -------- d-----w- C:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegCompact.NET 2013-08-30 13:26:39 -------- d-----w- C:\users\Public\AppData\Local\temp 2013-08-30 13:26:39 -------- d-----w- C:\users\Default\AppData\Local\temp 2013-08-30 13:26:39 -------- d-----w- C:\users\Default User\AppData\Local\temp 2013-08-30 13:20:25 -------- d-----w- C:\users\rudy\AppData\Local\temp 2013-08-27 09:54:16 -------- d-----w- C:\users\rudy\AppData\Roaming\DVDVideoSoft 2013-08-22 08:25:15 59E27F22D2477756E1ED91F7230FB7D1 58016 ----a-w- C:\users\rudy\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-15 08:06:24 -------- d-----w- C:\users\rudy\AppData\Locallow\Adobe 2013-08-15 08:02:40 -------- d-----w- C:\users\rudy\AppData\Local\Adobe 2013-08-14 10:31:01 -------- d-----w- C:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2013-08-14 10:26:42 -------- d-----w- C:\users\rudy\AppData\Roaming\xrecode2 2013-08-13 17:23:45 -------- d-----w- C:\users\rudy\AppData\Roaming\gtk-2.0 2013-08-13 17:19:40 -------- d-----w- C:\users\rudy\AppData\Roaming\griffith 2013-08-13 15:46:05 -------- d-----w- C:\users\rudy\AppData\Roaming\Nitro 2013-08-13 15:46:05 -------- d-----w- C:\users\rudy\AppData\Roaming\FileOpen 2013-08-13 15:43:53 -------- d-----w- C:\users\rudy\AppData\Roaming\Downloaded Installations 2013-08-13 14:44:47 -------- d-----w- C:\users\rudy\AppData\Locallow\Temp 2013-08-13 13:45:49 -------- d-----w- C:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoulseekQt 2013-08-13 13:44:35 -------- d-----w- C:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soulseek NS 2013-08-13 13:13:41 -------- d-----w- C:\users\rudy\AppData\Local\MediaMonkey 2013-08-13 13:13:30 -------- d-----w- C:\users\rudy\AppData\Roaming\MediaMonkey 2013-08-13 10:29:18 -------- d-----w- C:\users\rudy\AppData\Roaming\Canneverbe Limited 2013-08-13 10:17:55 -------- d-----w- C:\users\rudy\AppData\Roaming\EAC 2013-08-13 10:17:53 -------- d-----w- C:\users\rudy\AppData\Roaming\AccurateRip 2013-08-13 10:04:13 -------- d-----w- C:\users\rudy\AppData\Roaming\ImgBurn 2013-08-13 10:03:01 -------- d-----w- C:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn 2013-08-13 09:32:52 -------- d-----w- C:\users\rudy\AppData\Local\Innovative Solutions 2013-08-13 09:27:07 -------- d-----w- C:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer 2013-08-13 09:27:06 -------- d-----w- C:\users\rudy\AppData\Local\privazer 2013-08-13 09:16:52 -------- d-----w- C:\users\rudy\AppData\Roaming\Glarysoft 2013-08-13 07:48:11 0C4B1ACB72943D8D024DABD9CDC37F85 7605 ----a-w- C:\users\rudy\AppData\Local\Resmon.ResmonCfg 2013-08-13 07:12:23 -------- d-----w- C:\users\rudy\AppData\Roaming\Apple Computer 2013-08-13 07:12:23 -------- d-----w- C:\users\rudy\AppData\Locallow\IObit 2013-08-13 07:12:21 -------- d-----w- C:\users\rudy\AppData\Roaming\IObit 2013-08-12 17:54:11 -------- d-----w- C:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recuva 2013-08-12 10:13:42 -------- d-----w- C:\users\rudy\AppData\Roaming\calibre 2013-08-12 00:51:12 -------- d-----w- C:\users\rudy\AppData\Local\Microsoft Games 2013-08-12 00:43:30 -------- d-----w- C:\users\rudy\AppData\Roaming\TuneUp Software 2013-08-12 00:39:07 -------- d-----w- C:\users\rudy\AppData\Local\Google 2013-08-12 00:12:03 -------- d-----w- C:\users\rudy\AppData\Local\VS Revo Group 2013-08-12 00:11:46 -------- d-----w- C:\users\rudy\AppData\Local\Programs 2013-08-12 00:06:15 -------- d-----w- C:\users\rudy\AppData\Local\SRS Labs 2013-08-11 23:25:32 -------- d-----w- C:\users\rudy\AppData\Roaming\Obsidium 2013-08-11 23:13:26 -------- d-----w- C:\users\rudy\AppData\Locallow\Evernote 2013-08-11 23:13:26 -------- d-----w- C:\users\rudy\AppData\Local\Evernote 2013-08-11 22:30:38 -------- d-----w- C:\users\rudy\AppData\Roaming\Windows Live Writer 2013-08-11 22:30:38 -------- d-----w- C:\users\rudy\AppData\Local\Windows Live Writer 2013-08-11 22:12:22 -------- d-----w- C:\users\rudy\AppData\Local\Windows Live 2013-08-11 21:51:05 -------- d-----w- C:\users\rudy\AppData\Roaming\Adobe 2013-08-11 21:34:45 -------- d-----w- C:\users\rudy\AppData\Roaming\Mozilla 2013-08-11 21:34:45 -------- d-----w- C:\users\rudy\AppData\Local\Mozilla 2013-08-11 21:27:26 -------- d-----w- C:\users\rudy\AppData\Roaming\Intel Corporation 2013-08-11 21:27:14 -------- d-----w- C:\users\rudy\AppData\Roaming\ATI 2013-08-11 21:27:14 -------- d-----w- C:\users\rudy\AppData\Local\ATI 2013-08-11 21:23:57 -------- d-----w- C:\users\rudy\AppData\Local\Diagnostics 2013-08-11 21:07:33 -------- d-----w- C:\users\rudy\AppData\Roaming\InstallShield 2013-08-11 21:05:11 -------- d-----w- C:\users\rudy\AppData\Locallow\Microsoft 2013-08-11 20:59:23 -------- d-----r- C:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-08-11 20:59:23 -------- d-----r- C:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-08-11 20:59:03 -------- d-----w- C:\users\rudy\AppData\Roaming\Identities 2013-08-11 20:58:40 -------- d-----w- C:\users\rudy\AppData\Local\VirtualStore 2013-08-11 20:58:35 -------- d-sh--we C:\users\rudy\AppData\Local\Temporary Internet Files 2013-08-11 20:58:35 -------- d-sh--we C:\users\rudy\AppData\Local\Geschiedenis 2013-08-11 20:58:35 -------- d-sh--we C:\users\rudy\AppData\Local\Application Data 2013-08-11 20:58:35 -------- d-s---w- C:\users\rudy\AppData\Roaming\Microsoft 2013-08-11 20:58:35 -------- d-----w- C:\users\rudy\AppData\Roaming\Media Center Programs 2013-08-11 20:58:35 -------- d-----w- C:\users\rudy\AppData\Local\Microsoft 2013-08-11 20:58:35 -------- d-----r- C:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-08-11 20:58:35 -------- d-----r- C:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-08-11 20:58:13 -------- d-sh--we C:\users\Default\AppData\Local\Geschiedenis 2013-08-11 20:58:13 -------- d-sh--we C:\users\Default User\AppData\Local\Geschiedenis ====== C:\Users\rudy ====== 2013-08-30 13:50:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegCompact.NET 2013-08-28 19:18:04 -------- d-----w- C:\Users\Public\AppData 2013-08-28 10:26:46 F7AF924D0D951FF8F7B05AD2E4FF50D3 994642 ----a-w- C:\Users\rudy\Downloads\adwcleaner.exe 2013-08-27 09:56:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2013-08-27 09:53:58 194036FCF59C90F405B4F21F28B5F197 1080592 ----a-w- C:\Users\rudy\Downloads\FreeAudioConverter.exe 2013-08-27 09:23:08 8DE9F588DFB1641F2C0EA05BD4B60605 218 ----a-w- C:\Users\rudy\.recently-used.xbel 2013-08-27 08:26:02 A66B365579D8CEBD7F1D4D6B6F7F9373 10284816 ----a-w- C:\Users\rudy\Downloads\mbam-setup.exe 2013-08-26 17:38:16 7DF8AF5B6A24A9FF238B9311EC3082CD 29143368 ----a-w- C:\Users\rudy\Downloads\IE11-Windows6.1-x86-en-us.exe 2013-08-23 12:50:43 -------- d-----r- C:\Users\rudy\Saved Games 2013-08-22 08:24:52 10F4163F0EDDC031100180787D5F696F 347424 ----a-w- C:\Users\rudy\Downloads\MicrosoftFixit.wu.RNP.Run.exe 2013-08-21 17:36:36 BF1035FE20E6357EEC02967F9630F2B0 281728 ----a-w- C:\Users\rudy\Downloads\Firefox Setup Stub 23.0.1.exe 2013-08-21 16:58:12 4965F5CC6A9DC508E19A40911F88455F 22918416 ----a-w- C:\Users\rudy\Downloads\Firefox Setup 23.0.1.exe 2013-08-19 18:23:11 E28083629B874A4C4DE5AFF48838B2F7 6990832 ----a-w- C:\Users\rudy\Downloads\HSS-2.25-install-anchorfree-232-expatshield[1].exe 2013-08-19 18:21:32 1D275BCA9A36307E0360933E30A73F15 272072 ----a-w- C:\Users\rudy\Downloads\DM-232.exe 2013-08-19 18:12:15 E28083629B874A4C4DE5AFF48838B2F7 6990832 ----a-w- C:\Users\rudy\Downloads\HSS-2.25-install-anchorfree-232-expatshield.exe 2013-08-19 17:58:26 6C5681EBFC1CF0D2571BD232D2365C2A 8478184 ----a-w- C:\Users\rudy\Downloads\HSS-3.09-install-hss-409-conduit(1).exe 2013-08-19 17:57:22 6C5681EBFC1CF0D2571BD232D2365C2A 8478184 ----a-w- C:\Users\rudy\Downloads\HSS-3.09-install-hss-409-conduit.exe 2013-08-15 11:35:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.2.2 2013-08-15 08:03:22 -------- d-----w- C:\ProgramData\Adobe 2013-08-15 07:50:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter 2013-08-14 10:31:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2013-08-14 10:31:01 -------- d-----w- C:\ProgramData\Freemake 2013-08-14 09:24:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression 2013-08-14 09:11:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy 2013-08-13 17:30:49 1E0698C76D90CD1D98A56BA2052B6A92 64 ----a-w- C:\Users\rudy\.gtk-bookmarks 2013-08-13 16:42:49 -------- d-----w- C:\Users\rudy\Mail-save bij herinstall w7 2013-08-13 15:46:05 -------- d-----w- C:\ProgramData\FileOpen 2013-08-13 15:45:31 -------- d-----w- C:\ProgramData\Nitro 2013-08-13 14:10:16 -------- d-----w- C:\Users\rudy\Mijn ontvangen bestanden 2013-08-13 13:46:50 -------- d-----w- C:\ProgramData\Soulseek 2013-08-13 13:44:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soulseek NS 2013-08-13 13:13:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey 2013-08-13 13:13:25 -------- d-----w- C:\ProgramData\MediaMonkey 2013-08-13 10:29:18 -------- d-----w- C:\ProgramData\Canneverbe Limited 2013-08-13 09:43:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LopeSoft 2013-08-13 09:32:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller Free 2013-08-13 09:32:45 -------- d-----w- C:\ProgramData\Innovative Solutions 2013-08-13 09:20:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder 2013-08-13 09:18:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Opener 2013-08-13 09:16:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 2013-08-13 07:12:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6 2013-08-13 06:51:18 -------- d-----w- C:\ProgramData\IObit 2013-08-12 10:13:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management 2013-08-12 00:42:59 -------- d-----w- C:\ProgramData\TuneUp Software 2013-08-12 00:42:46 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-08-12 00:42:46 -------- d--h--w- C:\ProgramData\Common Files 2013-08-12 00:40:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2013-08-12 00:39:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus 2013-08-12 00:12:01 -------- d-----w- C:\ProgramData\VS Revo Group 2013-08-12 00:12:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2013-08-11 23:54:27 -------- d-----w- C:\ProgramData\SRS Labs 2013-08-11 23:51:15 -------- d-----w- C:\ProgramData\Real 2013-08-11 23:51:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs 2013-08-11 23:49:42 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\Users\rudy\ntuser.pol 2013-08-11 23:48:22 -------- d-----w- C:\ProgramData\TEMP 2013-08-11 23:25:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bolide Software 2013-08-11 23:22:25 -------- d-----w- C:\ProgramData\explauncher 2013-08-11 23:13:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote 2013-08-11 22:54:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup 2013-08-11 21:34:26 -------- d-----w- C:\ProgramData\Mozilla 2013-08-11 21:27:14 -------- d-----w- C:\ProgramData\ATI 2013-08-11 21:22:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics 2013-08-11 21:21:27 -------- d-----w- C:\ProgramData\Downloaded Installations 2013-08-11 21:13:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center 2013-08-11 21:07:58 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2013-08-11 20:59:23 -------- d-----r- C:\Users\rudy\Searches 2013-08-11 20:58:58 -------- d-----r- C:\Users\rudy\Contacts 2013-08-11 20:58:35 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\rudy\ntuser.ini 2013-08-11 20:58:35 -------- d-sh--we C:\Users\rudy\Sjablonen 2013-08-11 20:58:35 -------- d-sh--we C:\Users\rudy\SendTo 2013-08-11 20:58:35 -------- d-sh--we C:\Users\rudy\Recent 2013-08-11 20:58:35 -------- d-sh--we C:\Users\rudy\Netwerkprinteromgeving 2013-08-11 20:58:35 -------- d-sh--we C:\Users\rudy\NetHood 2013-08-11 20:58:35 -------- d-sh--we C:\Users\rudy\Mijn documenten 2013-08-11 20:58:35 -------- d-sh--we C:\Users\rudy\Menu Start 2013-08-11 20:58:35 -------- d-sh--we C:\Users\rudy\Local Settings 2013-08-11 20:58:35 -------- d-sh--we C:\Users\rudy\Cookies 2013-08-11 20:58:35 -------- d-sh--we C:\Users\rudy\Application Data 2013-08-11 20:58:35 -------- d--h--w- C:\Users\rudy\AppData 2013-08-11 20:58:35 -------- d-----r- C:\Users\rudy\Videos 2013-08-11 20:58:35 -------- d-----r- C:\Users\rudy\Pictures 2013-08-11 20:58:35 -------- d-----r- C:\Users\rudy\Music 2013-08-11 20:58:35 -------- d-----r- C:\Users\rudy\Links 2013-08-11 20:58:35 -------- d-----r- C:\Users\rudy\Favorites 2013-08-11 20:58:35 -------- d-----r- C:\Users\rudy\Downloads 2013-08-11 20:58:35 -------- d-----r- C:\Users\rudy\Documents 2013-08-11 20:58:35 -------- d-----r- C:\Users\rudy\Desktop 2013-08-11 20:58:14 -------- d-sh--we C:\ProgramData\Sjablonen 2013-08-11 20:58:14 -------- d-sh--we C:\ProgramData\Menu Start 2013-08-11 20:58:14 -------- d-sh--we C:\ProgramData\Favorieten 2013-08-11 20:58:14 -------- d-sh--we C:\ProgramData\Documenten 2013-08-11 20:58:14 -------- d-sh--we C:\ProgramData\Bureaublad 2013-08-11 20:58:13 -------- d-sh--we C:\Users\Default\Sjablonen 2013-08-11 20:58:13 -------- d-sh--we C:\Users\Default\Netwerkprinteromgeving 2013-08-11 20:58:13 -------- d-sh--we C:\Users\Default\Mijn documenten 2013-08-11 20:58:13 -------- d-sh--we C:\Users\Default\Menu Start ====== C: exe-files == 2013-08-30 14:50:48 592EDC5CC76B4B8CE2D9D9FB97E21B25 34513760 ----a-w- C:\Program Files\Google\Update\Install\{759BF38F-35D0-4D5E-806A-AC5D18DEDB6F}\29.0.1547.62_chrome_installer.exe 2013-08-30 14:50:47 592EDC5CC76B4B8CE2D9D9FB97E21B25 34513760 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.62\29.0.1547.62_chrome_installer.exe 2013-08-29 12:50:26 DC5C3A2292D011EF3BBF9D17BD28A54C 1194848 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.62\29.0.1547.62_29.0.1547.57_chrome_updater.exe 2013-08-28 19:03:31 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2013-08-28 19:03:31 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2013-08-28 19:03:31 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2013-08-28 19:03:31 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2013-08-28 19:03:31 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe 2013-08-28 10:26:46 F7AF924D0D951FF8F7B05AD2E4FF50D3 994642 ----a-w- C:\Users\rudy\Downloads\adwcleaner.exe 2013-08-27 09:56:10 4710F1DA954C01378DCD20C101B1FD60 6468376 ----a-w- C:\Program Files\Common Files\DVDVideoSoft\FreeStudioManager.exe 2013-08-27 09:56:05 0A1E087163AA25C9F6F4B17D0A9D814E 2045440 ----a-w- C:\Program Files\DVDVideoSoft\Free Audio Converter\FreeAudioConverter.exe 2013-08-27 09:56:01 F330AEEF34F027B875352BC48D5BD187 285240 ----a-w- C:\Program Files\Common Files\DVDVideoSoft\lib\ffmpeg.exe 2013-08-27 09:55:59 4D5A5B1642045F6058FA4B45EE9E8D40 243256 ----a-w- C:\Program Files\Common Files\DVDVideoSoft\lib\dvsservice.exe 2013-08-27 09:55:51 54E7E0BDD4CE604E5C3AC30AEA20602C 317952 ----a-w- C:\Program Files\Common Files\DVDVideoSoft\lib\Uninstall.exe 2013-08-27 09:55:50 F3E16313FAF115EA12D512C40F18437E 1176240 ----a-w- C:\Program Files\DVDVideoSoft\unins000.exe 2013-08-27 09:54:17 194036FCF59C90F405B4F21F28B5F197 1080592 ----a-w- C:\Users\rudy\AppData\Roaming\DVDVideoSoft\FreeAudioConverter.exe 2013-08-27 09:53:58 194036FCF59C90F405B4F21F28B5F197 1080592 ----a-w- C:\Users\rudy\Downloads\FreeAudioConverter.exe 2013-08-27 08:26:02 A66B365579D8CEBD7F1D4D6B6F7F9373 10284816 ----a-w- C:\Users\rudy\Downloads\mbam-setup.exe 2013-08-26 17:42:59 FAE68ED2E090D09938642F66D004B872 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-08-26 17:42:59 F47FF71033FD3F3C776CB6B579A13623 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-08-26 17:42:59 F0CA8B5121B02924A5C006750797097D 74240 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe 2013-08-26 17:42:59 DE7626C6B3DBFA754B98E0C5ED623FCE 151552 ----a-w- C:\Windows\System32\iexpress.exe 2013-08-26 17:42:59 DC034BD2F6BF12C1DF857174261983F7 467456 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2013-08-26 17:42:59 C5CEDA6C019B8F7B659491685CA8AD36 139264 ----a-w- C:\Windows\System32\wextract.exe 2013-08-26 17:42:59 B7E544DFAE205778A12A1BBC8B8FAA4B 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2013-08-26 17:42:59 B092FA149E09151B7F9CFB1D5FEED7A3 190464 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-08-26 17:42:59 9D6538DCA4C222AA0FCE14CDBAF13097 13312 ----a-w- C:\Windows\System32\mshta.exe 2013-08-26 17:42:59 99C94C074B5A0E1F4547A571AC335B14 1389056 ----a-w- C:\Program Files\Internet Explorer\F12.exe 2013-08-26 17:42:59 7F26F3058FB12BBADAF40E5725ACF422 645120 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2013-08-26 17:42:59 70F2CC6345E7DB647D36ECB78C1E270F 25600 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe 2013-08-26 17:42:59 607CBFAC4412874796ACB04AF8DF0EC8 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-08-26 17:42:59 2B187D3A111761255CCD2EB3690FB441 12288 ----a-w- C:\Windows\System32\msfeedssync.exe 2013-08-26 17:42:59 2088122E90EC8F278D93B1D734F296DD 359752 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe 2013-08-26 17:42:59 0F87C3720CDB339FBE8768DB0D68A81E 794952 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-08-26 17:38:16 7DF8AF5B6A24A9FF238B9311EC3082CD 29143368 ----a-w- C:\Users\rudy\Downloads\IE11-Windows6.1-x86-en-us.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Run] "SRS Audio Sandbox"="C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe /hideme" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SRS Audio Sandbox"="C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe /hideme" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Advanced SystemCare 6"="\"C:\\Program Files\\IObit\\Advanced SystemCare 6\\ASCTray.exe\" /AutoStart" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "NUSB3MON"="\"C:\\Program Files\\Renesas Electronics\\USB 3.0 Host Controller Driver\\Application\\nusb3mon.exe\"" "IAStorIcon"="C:\\Program Files\\Intel\\Intel® Rapid Storage Technology\\IAStorIcon.exe" "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "EaseUS EPM tray"="C:\\Program Files\\EaseUS\\EaseUS Partition Master 9.2.2\\bin\\EpmNews.exe" "IObit Malware Fighter"="\"C:\\Program Files\\IObit\\IObit Malware Fighter\\IMF.exe\" /autostart" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GlaryInitialize.job --a------ C:\Program Files\Glary Utilities\initialize.exe [28-04-2013 15:39] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-08-2013 02:39] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-08-2013 02:39] ==== Firefox Extensions ====================== ProfilePath: C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592 - avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Clearly - %ProfilePath%\extensions\readable@evernote.com.xpi - Undetermined - %ProfilePath%\extensions\savedpasswordeditor@daniel.dawson.xpi - InstantFox - %ProfilePath%\extensions\searchy@searchy.xpi - Tile Tabs - %ProfilePath%\extensions\tiletabs@DW-dev.xpi - Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi - Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592 101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update 0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash 14771EF55F4873E7C347E6EB5304A9CE - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome 3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 2D758513B6E7A83DDF4B4C250E0001A3 - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer 5BBF76A283A844AEA0B2FCDC212C9177 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx[22-04-2013 19:01] Google Docs - rudy - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - rudy - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - rudy - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - rudy - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Speed Dial - rudy - Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi Foxtab Speed Dial - rudy - Default\Extensions\fcoecifcadmambfikillppkoafmgachp wide awake theme - rudy - Default\Extensions\jghojamolcelbkfdejjhaliddkkhhpeb Google Mail Checker - rudy - Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff Advanced SystemCare Surfing Protection - rudy - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd Card number - rudy - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - rudy - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\rudy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi deleted successfully C:\Users\rudy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dgpdioedihjhncjafcpgbbjdpbbkikmi_0.localstorage deleted successfully C:\Users\rudy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dgpdioedihjhncjafcpgbbjdpbbkikmi_0.localstorage-journal deleted successfully C:\Users\rudy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp deleted successfully C:\Users\rudy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcoecifcadmambfikillppkoafmgachp_0.localstorage deleted successfully C:\Users\rudy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcoecifcadmambfikillppkoafmgachp_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\users\rudy\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\rudy\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a060276a-53be-45ec-8ebe-b94b1e803179} deleted successfully HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a060276a-53be-45ec-8ebe-b94b1e803179} deleted successfully HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{a060276a-53be-45ec-8ebe-b94b1e803179} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a060276a-53be-45ec-8ebe-b94b1e803179} deleted successfully HKEY_CLASSES_ROOT\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{a060276a-53be-45ec-8ebe-b94b1e803179} deleted successfully HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{a060276a-53be-45ec-8ebe-b94b1e803179} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{a060276a-53be-45ec-8ebe-b94b1e803179} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{a060276a-53be-45ec-8ebe-b94b1e803179} deleted successfully ==== HijackThis Entries ====================== R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files\Expat Shield\HssIE\ExpatIE.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [sRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme O8 - Extra context menu item: Afbeelding knippen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 O8 - Extra context menu item: Kopieer selectie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 O8 - Extra context menu item: Kopieer URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 O8 - Extra context menu item: Nieuwe notitie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html O8 - Extra context menu item: Pagina opemen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files\Expat Shield\bin\ExpatTrayService.EXE O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe ==== Empty IE Cache ====================== C:\Users\rudy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\rudy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\users\rudy\AppData\Local\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\rudy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\rudy\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 31-08-2013 at 12:16:16,14 ======================

ComboFix 13-08-29.01 - rudy 30-08-2013 15:14:33.4.4 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.2129 [GMT 2:00] Gestart vanuit: c:\users\rudy\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\users\rudy\Documents\cfscript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Expat Shield c:\expat shield\hssstate.xml c:\expat shield\hsswd\hsswd.cfg c:\program files\Common Files\DVDVideoSoft c:\program files\Common Files\DVDVideoSoft\bin\atl100.dll c:\program files\Common Files\DVDVideoSoft\bin\ContextMenuHelper.exe c:\program files\Common Files\DVDVideoSoft\bin\da-DK\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\da-DK\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\da-DK\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\da-DK\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\da-DK\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\da-DK\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\de-DE\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\de-DE\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\de-DE\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\de-DE\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\de-DE\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\de-DE\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\DVDVideoSoft.Resources.dll c:\program files\Common Files\DVDVideoSoft\bin\DVSSysReport.exe c:\program files\Common Files\DVDVideoSoft\bin\DVSUpdate.exe c:\program files\Common Files\DVDVideoSoft\bin\el-GR\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\el-GR\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\el-GR\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\el-GR\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\el-GR\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\el-GR\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\es-ES\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\es-ES\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\es-ES\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\es-ES\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\es-ES\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\es-ES\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\fr-FR\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\fr-FR\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\fr-FR\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\fr-FR\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\fr-FR\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\fr-FR\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\hu-HU\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\hu-HU\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\hu-HU\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\hu-HU\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\hu-HU\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\it-IT\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\it-IT\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\it-IT\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\it-IT\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\it-IT\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\it-IT\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ja-JP\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ja-JP\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ja-JP\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ja-JP\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ja-JP\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ja-JP\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\mfc100u.dll c:\program files\Common Files\DVDVideoSoft\bin\mfcm100u.dll c:\program files\Common Files\DVDVideoSoft\bin\msvcp100.dll c:\program files\Common Files\DVDVideoSoft\bin\msvcr100.dll c:\program files\Common Files\DVDVideoSoft\bin\nl-NL\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\nl-NL\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\nl-NL\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\nl-NL\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\nl-NL\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\nl-NL\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pl-PL\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pl-PL\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pl-PL\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pl-PL\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pl-PL\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pl-PL\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\PrerequisiteCheck.exe c:\program files\Common Files\DVDVideoSoft\bin\pt-BR\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pt-BR\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pt-BR\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pt-BR\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pt-BR\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pt-BR\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pt-PT\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pt-PT\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pt-PT\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pt-PT\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pt-PT\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\pt-PT\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ru-RU\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ru-RU\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ru-RU\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ru-RU\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ru-RU\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\ru-RU\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\SubscriptionOffer.exe c:\program files\Common Files\DVDVideoSoft\bin\sv-SE\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\sv-SE\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\sv-SE\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\sv-SE\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\sv-SE\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\sv-SE\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\tr-TR\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\tr-TR\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\tr-TR\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\tr-TR\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\tr-TR\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\tr-TR\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-CHS\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-CHS\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-CHT\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-CHT\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-CN\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-CN\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-CN\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-CN\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-CN\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-CN\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-TW\DVDVideoSoft.AppFx.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-TW\DVDVideoSoft.DialogForms.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-TW\DVDVideoSoft.Resources.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-TW\DVSSysReport.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-TW\PrerequisiteCheck.resources.dll c:\program files\Common Files\DVDVideoSoft\bin\zh-TW\SubscriptionOffer.resources.dll c:\program files\Common Files\DVDVideoSoft\chimes.wav c:\program files\Common Files\DVDVideoSoft\FreeStudioManager.exe c:\program files\Common Files\DVDVideoSoft\lib\atl100.dll c:\program files\Common Files\DVDVideoSoft\lib\avcodec-54.dll c:\program files\Common Files\DVDVideoSoft\lib\avdevice-54.dll c:\program files\Common Files\DVDVideoSoft\lib\avfilter-3.dll c:\program files\Common Files\DVDVideoSoft\lib\avformat-54.dll c:\program files\Common Files\DVDVideoSoft\lib\avresample-0.dll c:\program files\Common Files\DVDVideoSoft\lib\avutil-51.dll c:\program files\Common Files\DVDVideoSoft\lib\avutil-52.dll c:\program files\Common Files\DVDVideoSoft\lib\boost_date_time-vc100-mt-1_53.dll c:\program files\Common Files\DVDVideoSoft\lib\boost_filesystem-vc100-mt-1_53.dll c:\program files\Common Files\DVDVideoSoft\lib\boost_regex-vc100-mt-1_53.dll c:\program files\Common Files\DVDVideoSoft\lib\boost_system-vc100-mt-1_53.dll c:\program files\Common Files\DVDVideoSoft\lib\boost_thread-vc100-mt-1_53.dll c:\program files\Common Files\DVDVideoSoft\lib\collector.dll c:\program files\Common Files\DVDVideoSoft\lib\CudaTranscoder.dll c:\program files\Common Files\DVDVideoSoft\lib\DVSiTunes.dll c:\program files\Common Files\DVDVideoSoft\lib\DVSResources.dll c:\program files\Common Files\DVDVideoSoft\lib\dvsservice.exe c:\program files\Common Files\DVDVideoSoft\lib\dvssyshelper.dll c:\program files\Common Files\DVDVideoSoft\lib\ffmpeg.exe c:\program files\Common Files\DVDVideoSoft\lib\icudt51.dll c:\program files\Common Files\DVDVideoSoft\lib\icuin51.dll c:\program files\Common Files\DVDVideoSoft\lib\icuuc51.dll c:\program files\Common Files\DVDVideoSoft\lib\libcurl.dll c:\program files\Common Files\DVDVideoSoft\lib\libeay32.dll c:\program files\Common Files\DVDVideoSoft\lib\libEGL.dll c:\program files\Common Files\DVDVideoSoft\lib\libfftw3f-3.dll c:\program files\Common Files\DVDVideoSoft\lib\libGLESv2.dll c:\program files\Common Files\DVDVideoSoft\lib\libmp3lame.dll c:\program files\Common Files\DVDVideoSoft\lib\MediaTagsEditor.dll c:\program files\Common Files\DVDVideoSoft\lib\mfc100u.dll c:\program files\Common Files\DVDVideoSoft\lib\mfcm100u.dll c:\program files\Common Files\DVDVideoSoft\lib\Microsoft.WindowsAPICodePack.dll c:\program files\Common Files\DVDVideoSoft\lib\Microsoft.WindowsAPICodePack.Shell.dll c:\program files\Common Files\DVDVideoSoft\lib\mmcore-pinv.dll c:\program files\Common Files\DVDVideoSoft\lib\mmcore.dll c:\program files\Common Files\DVDVideoSoft\lib\msvcp100.dll c:\program files\Common Files\DVDVideoSoft\lib\msvcr100.dll c:\program files\Common Files\DVDVideoSoft\lib\platforms\qwindows.dll c:\program files\Common Files\DVDVideoSoft\lib\postproc-52.dll c:\program files\Common Files\DVDVideoSoft\lib\Qt5Core.dll c:\program files\Common Files\DVDVideoSoft\lib\Qt5Gui.dll c:\program files\Common Files\DVDVideoSoft\lib\Qt5Widgets.dll c:\program files\Common Files\DVDVideoSoft\lib\rockid-pinv.dll c:\program files\Common Files\DVDVideoSoft\lib\rockid.dll c:\program files\Common Files\DVDVideoSoft\lib\SDL.dll c:\program files\Common Files\DVDVideoSoft\lib\ssleay32.dll c:\program files\Common Files\DVDVideoSoft\lib\stat.dll c:\program files\Common Files\DVDVideoSoft\lib\swresample-0.dll c:\program files\Common Files\DVDVideoSoft\lib\swscale-2.dll c:\program files\Common Files\DVDVideoSoft\lib\tier0-pinv.dll c:\program files\Common Files\DVDVideoSoft\lib\tier0.dll c:\program files\Common Files\DVDVideoSoft\lib\Uninstall.exe c:\program files\Common Files\DVDVideoSoft\lib\VideoFileToIPOD.dll c:\program files\Common Files\DVDVideoSoft\lib\wbrhelper.dll c:\program files\Common Files\DVDVideoSoft\lib\zlib1.dll c:\program files\Conduit c:\program files\Conduit\Community Alerts\Alert.dll c:\program files\DVDVideoSoft c:\program files\DVDVideoSoft\Free Audio Converter\da-DK\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\da-DK\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\da-DK\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\da-DK\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\da-DK\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\de-DE\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\de-DE\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\de-DE\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\de-DE\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\de-DE\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\DVDVideoSoft.AudioConverterAppExt.dll c:\program files\DVDVideoSoft\Free Audio Converter\DVDVideoSoft.AVConverter.dll c:\program files\DVDVideoSoft\Free Audio Converter\DVDVideoSoft.CategorizedByFormatAppExt.dll c:\program files\DVDVideoSoft\Free Audio Converter\DVDVideoSoft.DVSiTunes.dll c:\program files\DVDVideoSoft\Free Audio Converter\DVDVideoSoft.MediaTagsEditor.dll c:\program files\DVDVideoSoft\Free Audio Converter\DVDVideoSoft.PresetEditor.dll c:\program files\DVDVideoSoft\Free Audio Converter\DVDVideoSoft.Presets.dll c:\program files\DVDVideoSoft\Free Audio Converter\DVDVideoSoft.Resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\DVDVideoSoft.RockIdHelper.dll c:\program files\DVDVideoSoft\Free Audio Converter\DVDVideoSoft.TaskbarManager.dll c:\program files\DVDVideoSoft\Free Audio Converter\DVDVideoSoft.VideoFileToIPOD.dll c:\program files\DVDVideoSoft\Free Audio Converter\el-GR\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\el-GR\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\el-GR\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\el-GR\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\el-GR\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\es-ES\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\es-ES\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\es-ES\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\es-ES\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\es-ES\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\fr-FR\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\fr-FR\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\fr-FR\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\fr-FR\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\fr-FR\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\FreeAudioConverter.exe c:\program files\DVDVideoSoft\Free Audio Converter\FreeAudioConverter.xml c:\program files\DVDVideoSoft\Free Audio Converter\FreeAudioConverterProfile.xml c:\program files\DVDVideoSoft\Free Audio Converter\hu-HU\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\hu-HU\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\hu-HU\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\hu-HU\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\hu-HU\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\it-IT\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\it-IT\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\it-IT\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\it-IT\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\it-IT\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\ja-JP\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\ja-JP\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\ja-JP\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\ja-JP\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\ja-JP\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\nl-NL\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\nl-NL\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\nl-NL\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\nl-NL\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\nl-NL\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pl-PL\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pl-PL\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pl-PL\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pl-PL\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pl-PL\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pt-BR\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pt-BR\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pt-BR\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pt-BR\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pt-BR\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pt-PT\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pt-PT\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pt-PT\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pt-PT\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\pt-PT\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\ru-RU\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\ru-RU\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\ru-RU\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\ru-RU\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\ru-RU\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\sv-SE\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\sv-SE\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\sv-SE\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\sv-SE\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\sv-SE\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\taglib-sharp.dll c:\program files\DVDVideoSoft\Free Audio Converter\tr-TR\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\tr-TR\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\tr-TR\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\tr-TR\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\tr-TR\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\zh-CN\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\zh-CN\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\zh-CN\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\zh-CN\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\zh-CN\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\zh-TW\DVDVideoSoft.AppFx.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\zh-TW\DVDVideoSoft.DialogForms.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\zh-TW\DVDVideoSoft.PresetEditor.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\zh-TW\DVDVideoSoft.Resources.resources.dll c:\program files\DVDVideoSoft\Free Audio Converter\zh-TW\DvsVideoConverterModule.resources.dll c:\program files\DVDVideoSoft\unins000.dat c:\program files\DVDVideoSoft\unins000.exe c:\program files\DVDVideoSoft\unins000.msg c:\program files\Expat Shield c:\program files\Expat Shield\bin\af_proxy_cmd.exe c:\program files\Expat Shield\bin\curl-ca-bundle.crt c:\program files\Expat Shield\bin\EXPATTrayService.exe c:\program files\Expat Shield\bin\fbw.exe c:\program files\Expat Shield\bin\ffinst.exe c:\program files\Expat Shield\bin\hssinst.dll c:\program files\Expat Shield\bin\HssInstaller.exe c:\program files\Expat Shield\bin\hsswd.exe c:\program files\Expat Shield\bin\lang\gui-ara.dll c:\program files\Expat Shield\bin\lang\gui-bur.dll c:\program files\Expat Shield\bin\lang\gui-chi.dll c:\program files\Expat Shield\bin\lang\gui-eng.dll c:\program files\Expat Shield\bin\lang\gui-fre.dll c:\program files\Expat Shield\bin\lang\gui-ger.dll c:\program files\Expat Shield\bin\lang\gui-per.dll c:\program files\Expat Shield\bin\lang\gui-rus.dll c:\program files\Expat Shield\bin\lang\gui-spa.dll c:\program files\Expat Shield\bin\lang\gui-vie.dll c:\program files\Expat Shield\bin\libcurl.dll c:\program files\Expat Shield\bin\libeay32.dll c:\program files\Expat Shield\bin\libidn-11.dll c:\program files\Expat Shield\bin\libpkcs11-helper-1.dll c:\program files\Expat Shield\bin\libssl32.dll c:\program files\Expat Shield\bin\openvpn.exe c:\program files\Expat Shield\bin\openvpnas.exe c:\program files\Expat Shield\bin\openvpntray.exe c:\program files\Expat Shield\bin\tapinstall.exe c:\program files\Expat Shield\bin\vistahlp.dll c:\program files\Expat Shield\bin\winhlp.dll c:\program files\Expat Shield\config\config.hvpn c:\program files\Expat Shield\config\hss_data\wrurl c:\program files\Expat Shield\config\hsscon.cfg c:\program files\Expat Shield\config\hssst.cfg c:\program files\Expat Shield\config\proxy.hvpn c:\program files\Expat Shield\config\sd-info-direct.cfg c:\program files\Expat Shield\config\sd-info-main.cfg c:\program files\Expat Shield\config\sd-info-saved.cfg c:\program files\Expat Shield\config\sdcon.cfg c:\program files\Expat Shield\config\upd_dat.cfg c:\program files\Expat Shield\driver\OemWin2k.inf c:\program files\Expat Shield\driver\taphss.cat c:\program files\Expat Shield\driver\taphss.sys c:\program files\Expat Shield\expat.ico c:\program files\Expat Shield\HssFF\config_ff.txt c:\program files\Expat Shield\HssFF\config_ff_srch.txt c:\program files\Expat Shield\HssIE\config.txt c:\program files\Expat Shield\HssIE\config_srch.txt c:\program files\Expat Shield\HssIE\ExpatIE.dll c:\program files\Expat Shield\hsswd\default\default.cfg c:\program files\Expat Shield\HssWPR\hssdrv.cat c:\program files\Expat Shield\HssWPR\hssdrv.sys c:\program files\Expat Shield\HssWPR\hssdrv_m.cat c:\program files\Expat Shield\HssWPR\hssinst.dll c:\program files\Expat Shield\HssWPR\HssInstaller.exe c:\program files\Expat Shield\HssWPR\hsssrv.exe c:\program files\Expat Shield\HssWPR\nethss.inf c:\program files\Expat Shield\HssWPR\nethss_m.inf c:\program files\Expat Shield\HssWPR\wpr.conf c:\program files\Expat Shield\htdocs\check.js c:\program files\Expat Shield\htdocs\conect.png c:\program files\Expat Shield\htdocs\connect_original.png c:\program files\Expat Shield\htdocs\connect_stay.png c:\program files\Expat Shield\htdocs\disconnect.html c:\program files\Expat Shield\htdocs\disconnect_original.png c:\program files\Expat Shield\htdocs\Expat_desktop_icon.ico c:\program files\Expat Shield\htdocs\greenico.png c:\program files\Expat Shield\htdocs\HSS_logo.png c:\program files\Expat Shield\htdocs\lang.js c:\program files\Expat Shield\htdocs\logo.png c:\program files\Expat Shield\htdocs\message.html c:\program files\Expat Shield\htdocs\nsidefs.js c:\program files\Expat Shield\htdocs\oac.html c:\program files\Expat Shield\htdocs\oac.js c:\program files\Expat Shield\htdocs\redico.png c:\program files\Expat Shield\htdocs\restart.html c:\program files\Expat Shield\htdocs\turnoff.png c:\program files\Expat Shield\htdocs\turnon.png c:\program files\Expat Shield\license.txt c:\program files\Expat Shield\log\config.log c:\program files\Expat Shield\log\oas.log c:\program files\Expat Shield\Uninstall.exe c:\program files\Expat_Shield c:\program files\Expat_Shield\Expat_ShieldToolbarHelper.exe c:\program files\Expat_Shield\GottenAppsContextMenu.xml c:\program files\Expat_Shield\hk64tbExpa.dll c:\program files\Expat_Shield\hktbExpa.dll c:\program files\Expat_Shield\ldrtbExpa.dll c:\program files\Expat_Shield\OtherAppsContextMenu.xml c:\program files\Expat_Shield\prxtbExpa.dll c:\program files\Expat_Shield\SharedAppsContextMenu.xml c:\program files\Expat_Shield\tbExpa.dll c:\program files\Expat_Shield\toolbar.cfg c:\program files\Expat_Shield\ToolbarContextMenu.xml c:\program files\Expat_Shield\uninstall.exe c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_ExpatShieldService -------\Service_ExpatSrv -------\Service_ExpatTrayService -------\Service_ExpatWd -------\Service_ExpatShieldService -------\Service_ExpatSrv -------\Service_ExpatTrayService -------\Service_ExpatWd . . (((((((((((((((((((( Bestanden Gemaakt van 2013-07-28 to 2013-08-30 )))))))))))))))))))))))))))))) . . 2013-08-28 10:27 . 2013-08-28 10:28 -------- d-----w- C:\AdwCleaner 2013-08-27 09:45 . 2013-08-27 10:00 -------- d-----w- C:\muziek-mp3 2013-08-27 08:05 . 2013-08-27 08:05 -------- d-----w- c:\program files\Trend Micro 2013-08-26 12:39 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{42028B9F-816C-4419-ADE8-1D60436BB1C9}\mpengine.dll 2013-08-22 09:21 . 2013-08-22 09:23 -------- d-----w- c:\windows\system32\MRT 2013-08-22 09:10 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll 2013-08-22 09:10 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2013-08-22 09:10 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll 2013-08-22 09:10 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll 2013-08-22 09:10 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll 2013-08-22 09:10 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll 2013-08-22 09:10 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll 2013-08-22 09:10 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll 2013-08-22 09:10 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll 2013-08-22 09:10 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2013-08-22 09:10 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll 2013-08-22 09:09 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll 2013-08-22 09:09 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2013-08-22 09:09 . 2013-04-10 05:03 988672 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2013-08-22 09:09 . 2013-04-10 05:03 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2013-08-22 09:09 . 2013-04-10 05:04 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2013-08-22 09:09 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe 2013-08-22 09:09 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll 2013-08-22 09:09 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-08-22 09:09 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-08-22 09:07 . 2013-06-05 03:05 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-08-22 09:07 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe 2013-08-22 09:07 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll 2013-08-22 09:07 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll 2013-08-22 09:07 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll 2013-08-22 09:07 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll 2013-08-22 09:07 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll 2013-08-22 09:07 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe 2013-08-22 09:06 . 2013-05-27 04:57 680960 ----a-w- c:\program files\Windows Defender\MpSvc.dll 2013-08-22 09:06 . 2013-05-27 04:57 392704 ----a-w- c:\program files\Windows Defender\MpClient.dll 2013-08-22 09:06 . 2013-05-27 04:57 224768 ----a-w- c:\program files\Windows Defender\MpCommu.dll 2013-08-22 08:46 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2013-08-22 08:15 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2013-08-21 17:37 . 2013-08-21 17:37 -------- d-----w- c:\program files\Mozilla Maintenance Service 2013-08-19 17:56 . 2013-08-19 17:56 -------- d-----w- C:\temp 2013-08-15 11:35 . 2013-03-07 07:49 19840 ----a-w- c:\windows\system32\EuEpmGdi.dll 2013-08-15 11:35 . 2013-04-11 12:10 2498216 ----a-w- c:\windows\system32\BootMan.exe 2013-08-15 11:35 . 2013-03-07 07:49 9160 ----a-w- c:\windows\system32\EuGdiDrv.sys 2013-08-15 11:35 . 2013-03-07 07:49 87112 ----a-w- c:\windows\system32\setupempdrv03.exe 2013-08-15 11:35 . 2013-03-07 07:49 14920 ----a-w- c:\windows\system32\epmntdrv.sys 2013-08-15 11:35 . 2013-08-15 11:35 -------- d-----w- c:\program files\EaseUS 2013-08-15 08:03 . 2013-08-15 08:03 -------- d-----w- c:\program files\Common Files\Adobe 2013-08-15 07:57 . 2013-08-15 07:57 -------- d-----w- c:\program files\Mediafour 2013-08-15 07:56 . 2013-08-15 07:56 -------- d-----w- c:\windows\Downloaded Installations 2013-08-15 07:55 . 2013-08-15 07:55 -------- d-----w- c:\windows\system32\URTTEMP 2013-08-14 10:31 . 2013-08-14 10:31 -------- d-----w- c:\programdata\Freemake 2013-08-14 10:30 . 2013-08-14 10:31 -------- d-----w- c:\program files\Freemake 2013-08-14 09:24 . 2013-08-14 09:24 -------- d-----w- c:\program files\Microsoft Expression 2013-08-14 09:11 . 2013-08-14 09:11 -------- d-----w- c:\program files\Exact Audio Copy 2013-08-13 17:19 . 2013-08-13 17:19 -------- d-----w- c:\program files\Griffith 2013-08-13 16:10 . 2013-08-15 15:06 -------- d-----w- C:\Muziek-bib 2013-08-13 15:46 . 2013-08-13 15:46 -------- d-----w- c:\programdata\FileOpen 2013-08-13 15:45 . 2013-07-26 05:35 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll 2013-08-13 15:45 . 2013-07-26 05:35 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll 2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\programdata\Nitro 2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\program files\Nitro 2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\program files\Common Files\Nitro 2013-08-13 13:50 . 2013-08-13 13:50 -------- d-----w- C:\Soulseek 2013-08-13 13:46 . 2013-08-28 19:48 -------- d-----w- c:\programdata\Soulseek 2013-08-13 13:45 . 2013-08-13 13:45 -------- d-----w- c:\program files\SoulseekQt 2013-08-13 13:44 . 2013-08-13 13:44 -------- d-----w- c:\program files\SoulseekNS 2013-08-13 13:13 . 2013-08-13 13:13 -------- d-----w- c:\programdata\MediaMonkey 2013-08-13 13:13 . 2013-08-13 13:13 -------- d-----w- c:\program files\MediaMonkey 2013-08-13 12:38 . 2013-08-13 16:21 -------- d--h--w- c:\windows\Icons 2013-08-13 10:29 . 2013-08-13 10:29 -------- d-----w- c:\programdata\Canneverbe Limited 2013-08-13 10:29 . 2013-08-13 12:17 -------- d-----w- c:\program files\CDBurnerXP 2013-08-13 10:03 . 2013-08-13 10:03 -------- d-----w- c:\program files\ImgBurn 2013-08-13 09:45 . 2013-08-13 09:45 -------- d-----w- c:\program files\Speccy 2013-08-13 09:43 . 2013-08-13 09:43 -------- d-----w- c:\program files\LopeSoft 2013-08-13 09:32 . 2013-08-13 09:32 -------- d-----w- c:\program files\Common Files\Innovative Solutions 2013-08-13 09:32 . 2013-08-13 09:57 -------- d-----w- c:\programdata\Innovative Solutions 2013-08-13 09:32 . 2013-08-13 09:56 -------- d-----w- c:\program files\Innovative Solutions 2013-08-13 09:27 . 2013-08-13 09:27 -------- d-----w- c:\program files\PrivaZer 2013-08-13 09:22 . 2013-08-13 09:22 -------- d-----w- c:\program files\FileHippo.com 2013-08-13 09:20 . 2013-08-13 09:20 -------- d-----w- c:\program files\Magical Jelly Bean 2013-08-13 09:19 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll 2013-08-13 09:18 . 2013-08-13 09:19 -------- d-----w- c:\program files\K-Lite Codec Pack 2013-08-13 09:18 . 2013-08-13 09:18 -------- d-----w- c:\program files\Free Opener 2013-08-13 09:17 . 2013-08-13 09:17 -------- d-----w- c:\programdata\APN 2013-08-13 09:16 . 2013-08-13 09:16 -------- d-----w- c:\program files\Glary Utilities 2013-08-13 07:57 . 2013-08-13 07:57 -------- d-----w- c:\windows\system32\SPReview 2013-08-13 07:55 . 2013-08-13 07:55 -------- d-----w- c:\windows\system32\EventProviders 2013-08-13 07:40 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\system32\dfshim.dll 2013-08-13 07:40 . 2010-11-20 12:21 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2013-08-13 07:40 . 2010-11-20 10:24 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2013-08-13 07:38 . 2010-11-20 12:24 271664 ----a-w- c:\windows\system32\fveapi.dll 2013-08-13 07:37 . 2010-11-20 12:21 410112 ----a-w- c:\windows\system32\wlanui.dll 2013-08-13 07:36 . 2010-11-20 12:20 427520 ----a-w- c:\windows\system32\PortableDeviceStatus.dll 2013-08-13 07:35 . 2010-11-20 12:00 6656 ----a-w- c:\windows\system32\KBDSF.DLL 2013-08-13 07:30 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll 2013-08-13 07:29 . 2010-11-20 12:21 189952 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll 2013-08-13 07:29 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll 2013-08-13 07:29 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll 2013-08-13 07:28 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\sqmapi.dll 2013-08-13 07:26 . 2013-04-17 18:20 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2013-08-13 06:52 . 2013-08-13 06:52 -------- d-----w- c:\programdata\Malwarebytes 2013-08-13 06:52 . 2013-08-13 06:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-08-13 06:52 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-08-13 06:51 . 2013-08-13 07:13 -------- d-----w- c:\programdata\IObit 2013-08-13 06:51 . 2013-08-13 12:12 -------- d-----w- c:\program files\IObit 2013-08-12 17:59 . 2013-08-12 17:59 -------- d-----w- c:\program files\CCleaner 2013-08-12 17:54 . 2013-08-12 17:54 -------- d-----w- c:\program files\Recuva 2013-08-12 10:13 . 2013-08-12 17:51 -------- d-----w- c:\program files\Calibre2 2013-08-12 08:21 . 2013-08-12 08:21 -------- d-----w- c:\windows\system32\Wat 2013-08-12 06:22 . 2013-08-26 17:48 -------- d-----w- c:\windows\Panther 2013-08-12 05:38 . 2013-08-13 10:54 -------- d-----w- C:\Windows.old 2013-08-12 02:05 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll 2013-08-12 02:05 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll 2013-08-12 02:05 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll 2013-08-12 01:19 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2013-08-12 01:19 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2013-08-12 01:19 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll 2013-08-12 01:17 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2013-08-12 01:17 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2013-08-12 01:17 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll 2013-08-12 01:17 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll 2013-08-12 01:17 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe 2013-08-12 01:17 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll 2013-08-12 01:17 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2013-08-12 01:16 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-13 08:20 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2013-08-11 22:22 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2010-01-07 3216664] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-06-14 9288296] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "IAStorIcon"=c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "EaseUS EPM tray"=c:\program files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe "IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" /autostart . R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2013-03-07 14920] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2013-03-07 9160] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-08-26 108032] R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2013-03-26 31752] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2013-03-26 20944] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-08-12 1343400] R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272] R4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2013-03-23 21480] R4 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [2013-04-25 335168] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 176128] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336] S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-07-26 196624] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2009-09-22 579072] . . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-08-30 12:51 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-08-27 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2013-08-13 13:39] . 2013-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 00:39] . 2013-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 00:39] . . ------- Bijkomende Scan ------- . IE: Afbeelding knippen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 IE: Kopieer selectie - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 IE: Kopieer URL - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 IE: Nieuwe notitie - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html IE: Pagina opemen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 TCP: DhcpNameServer = 195.130.130.2 195.130.131.2 FF - ProfilePath - c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\ FF - prefs.js: browser.startup.homepage - HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag FF - ExtSQL: 2013-08-12 02:37; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF FF - ExtSQL: 2013-08-21 20:29; {64161300-e22b-11db-8314-0800200c9a66}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi FF - ExtSQL: 2013-08-21 20:31; readable@evernote.com; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\readable@evernote.com.xpi FF - ExtSQL: 2013-08-21 20:52; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi FF - ExtSQL: 2013-08-22 09:37; tiletabs@DW-dev; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\tiletabs@DW-dev.xpi FF - ExtSQL: 2013-08-22 10:17; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2013-08-22 10:43; searchy@searchy; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\searchy@searchy.xpi FF - ExtSQL: 2013-08-22 10:58; savedpasswordeditor@daniel.dawson; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\savedpasswordeditor@daniel.dawson.xpi FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-ExpatShield - c:\program files\Expat Shield\Uninstall.exe AddRemove-Free Audio Converter_is1 - c:\program files\Common Files\DVDVideoSoft\lib\Uninstall.exe . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\atieclxx.exe c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\taskhost.exe c:\windows\System32\WUDFHost.exe c:\windows\system32\conhost.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\DllHost.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Voltooingstijd: 2013-08-30 15:26:36 - machine werd herstart ComboFix-quarantined-files.txt 2013-08-30 13:26 ComboFix2.txt 2013-08-29 13:11 ComboFix3.txt 2013-08-29 12:59 ComboFix4.txt 2013-08-28 19:18 ComboFix5.txt 2013-08-30 13:13 . Pre-Run: 986.860.277.760 bytes beschikbaar Post-Run: 986.676.682.752 bytes beschikbaar . - - End Of File - - 1139970B9E9F8F5F25710331D11A2EAD A36C5E4F47E84449FF07ED3517B43A31

ComboFix 13-08-29.01 - rudy 29-08-2013 15:05:14.3.4 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.1784 [GMT 2:00] Gestart vanuit: c:\users\rudy\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\users\rudy\Desktop\cfscript - Snelkoppeling.lnk AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2013-07-28 to 2013-08-29 )))))))))))))))))))))))))))))) . . 2013-08-29 13:10 . 2013-08-29 13:10 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-08-28 10:27 . 2013-08-28 10:28 -------- d-----w- C:\AdwCleaner 2013-08-27 09:55 . 2013-08-27 09:56 -------- d-----w- c:\program files\Common Files\DVDVideoSoft 2013-08-27 09:55 . 2013-08-27 09:56 -------- d-----w- c:\program files\DVDVideoSoft 2013-08-27 09:45 . 2013-08-27 10:00 -------- d-----w- C:\muziek-mp3 2013-08-27 08:05 . 2013-08-27 08:05 -------- d-----w- c:\program files\Trend Micro 2013-08-26 12:39 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{42028B9F-816C-4419-ADE8-1D60436BB1C9}\mpengine.dll 2013-08-22 09:21 . 2013-08-22 09:23 -------- d-----w- c:\windows\system32\MRT 2013-08-22 09:10 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll 2013-08-22 09:10 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2013-08-22 09:10 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll 2013-08-22 09:10 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll 2013-08-22 09:10 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll 2013-08-22 09:10 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll 2013-08-22 09:10 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll 2013-08-22 09:10 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll 2013-08-22 09:10 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll 2013-08-22 09:10 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2013-08-22 09:10 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll 2013-08-22 09:09 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll 2013-08-22 09:09 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2013-08-22 09:09 . 2013-04-10 05:03 988672 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2013-08-22 09:09 . 2013-04-10 05:03 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2013-08-22 09:09 . 2013-04-10 05:04 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2013-08-22 09:09 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe 2013-08-22 09:09 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll 2013-08-22 09:09 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-08-22 09:09 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-08-22 09:07 . 2013-06-05 03:05 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-08-22 09:07 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe 2013-08-22 09:07 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll 2013-08-22 09:07 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll 2013-08-22 09:07 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll 2013-08-22 09:07 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll 2013-08-22 09:07 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll 2013-08-22 09:07 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe 2013-08-22 09:06 . 2013-05-27 04:57 680960 ----a-w- c:\program files\Windows Defender\MpSvc.dll 2013-08-22 09:06 . 2013-05-27 04:57 392704 ----a-w- c:\program files\Windows Defender\MpClient.dll 2013-08-22 09:06 . 2013-05-27 04:57 224768 ----a-w- c:\program files\Windows Defender\MpCommu.dll 2013-08-22 08:46 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2013-08-22 08:15 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2013-08-21 17:37 . 2013-08-21 17:37 -------- d-----w- c:\program files\Mozilla Maintenance Service 2013-08-19 18:24 . 2013-08-19 18:24 -------- d-----w- C:\Expat Shield 2013-08-19 18:24 . 2013-08-19 18:24 -------- d-----w- c:\program files\Expat Shield 2013-08-19 17:56 . 2013-08-19 17:56 -------- d-----w- C:\temp 2013-08-19 16:09 . 2013-08-19 16:09 -------- d-----w- c:\program files\Conduit 2013-08-19 16:09 . 2013-08-19 18:14 -------- d-----w- c:\program files\Expat_Shield 2013-08-15 11:35 . 2013-03-07 07:49 19840 ----a-w- c:\windows\system32\EuEpmGdi.dll 2013-08-15 11:35 . 2013-04-11 12:10 2498216 ----a-w- c:\windows\system32\BootMan.exe 2013-08-15 11:35 . 2013-03-07 07:49 9160 ----a-w- c:\windows\system32\EuGdiDrv.sys 2013-08-15 11:35 . 2013-03-07 07:49 87112 ----a-w- c:\windows\system32\setupempdrv03.exe 2013-08-15 11:35 . 2013-03-07 07:49 14920 ----a-w- c:\windows\system32\epmntdrv.sys 2013-08-15 11:35 . 2013-08-15 11:35 -------- d-----w- c:\program files\EaseUS 2013-08-15 08:03 . 2013-08-15 08:03 -------- d-----w- c:\program files\Common Files\Adobe 2013-08-15 07:57 . 2013-08-15 07:57 -------- d-----w- c:\program files\Mediafour 2013-08-15 07:56 . 2013-08-15 07:56 -------- d-----w- c:\windows\Downloaded Installations 2013-08-15 07:55 . 2013-08-15 07:55 -------- d-----w- c:\windows\system32\URTTEMP 2013-08-14 10:31 . 2013-08-14 10:31 -------- d-----w- c:\programdata\Freemake 2013-08-14 10:30 . 2013-08-14 10:31 -------- d-----w- c:\program files\Freemake 2013-08-14 09:24 . 2013-08-14 09:24 -------- d-----w- c:\program files\Microsoft Expression 2013-08-14 09:11 . 2013-08-14 09:11 -------- d-----w- c:\program files\Exact Audio Copy 2013-08-13 17:19 . 2013-08-13 17:19 -------- d-----w- c:\program files\Griffith 2013-08-13 16:10 . 2013-08-15 15:06 -------- d-----w- C:\Muziek-bib 2013-08-13 15:46 . 2013-08-13 15:46 -------- d-----w- c:\programdata\FileOpen 2013-08-13 15:45 . 2013-07-26 05:35 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll 2013-08-13 15:45 . 2013-07-26 05:35 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll 2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\programdata\Nitro 2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\program files\Nitro 2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\program files\Common Files\Nitro 2013-08-13 13:50 . 2013-08-13 13:50 -------- d-----w- C:\Soulseek 2013-08-13 13:46 . 2013-08-28 19:48 -------- d-----w- c:\programdata\Soulseek 2013-08-13 13:45 . 2013-08-13 13:45 -------- d-----w- c:\program files\SoulseekQt 2013-08-13 13:44 . 2013-08-13 13:44 -------- d-----w- c:\program files\SoulseekNS 2013-08-13 13:13 . 2013-08-13 13:13 -------- d-----w- c:\programdata\MediaMonkey 2013-08-13 13:13 . 2013-08-13 13:13 -------- d-----w- c:\program files\MediaMonkey 2013-08-13 12:38 . 2013-08-13 16:21 -------- d--h--w- c:\windows\Icons 2013-08-13 10:29 . 2013-08-13 10:29 -------- d-----w- c:\programdata\Canneverbe Limited 2013-08-13 10:29 . 2013-08-13 12:17 -------- d-----w- c:\program files\CDBurnerXP 2013-08-13 10:03 . 2013-08-13 10:03 -------- d-----w- c:\program files\ImgBurn 2013-08-13 09:45 . 2013-08-13 09:45 -------- d-----w- c:\program files\Speccy 2013-08-13 09:43 . 2013-08-13 09:43 -------- d-----w- c:\program files\LopeSoft 2013-08-13 09:32 . 2013-08-13 09:32 -------- d-----w- c:\program files\Common Files\Innovative Solutions 2013-08-13 09:32 . 2013-08-13 09:57 -------- d-----w- c:\programdata\Innovative Solutions 2013-08-13 09:32 . 2013-08-13 09:56 -------- d-----w- c:\program files\Innovative Solutions 2013-08-13 09:27 . 2013-08-13 09:27 -------- d-----w- c:\program files\PrivaZer 2013-08-13 09:22 . 2013-08-13 09:22 -------- d-----w- c:\program files\FileHippo.com 2013-08-13 09:20 . 2013-08-13 09:20 -------- d-----w- c:\program files\Magical Jelly Bean 2013-08-13 09:19 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll 2013-08-13 09:18 . 2013-08-13 09:19 -------- d-----w- c:\program files\K-Lite Codec Pack 2013-08-13 09:18 . 2013-08-13 09:18 -------- d-----w- c:\program files\Free Opener 2013-08-13 09:17 . 2013-08-13 09:17 -------- d-----w- c:\programdata\APN 2013-08-13 09:16 . 2013-08-13 09:16 -------- d-----w- c:\program files\Glary Utilities 2013-08-13 07:57 . 2013-08-13 07:57 -------- d-----w- c:\windows\system32\SPReview 2013-08-13 07:55 . 2013-08-13 07:55 -------- d-----w- c:\windows\system32\EventProviders 2013-08-13 07:40 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\system32\dfshim.dll 2013-08-13 07:40 . 2010-11-20 12:21 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2013-08-13 07:40 . 2010-11-20 10:24 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2013-08-13 07:38 . 2010-11-20 12:24 271664 ----a-w- c:\windows\system32\fveapi.dll 2013-08-13 07:37 . 2010-11-20 12:21 410112 ----a-w- c:\windows\system32\wlanui.dll 2013-08-13 07:36 . 2010-11-20 12:20 427520 ----a-w- c:\windows\system32\PortableDeviceStatus.dll 2013-08-13 07:35 . 2010-11-20 12:00 6656 ----a-w- c:\windows\system32\KBDSF.DLL 2013-08-13 07:30 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll 2013-08-13 07:29 . 2010-11-20 12:21 189952 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll 2013-08-13 07:29 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll 2013-08-13 07:29 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll 2013-08-13 07:28 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\sqmapi.dll 2013-08-13 07:26 . 2013-04-17 18:20 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2013-08-13 07:12 . 2013-08-13 07:12 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 2013-08-13 06:52 . 2013-08-13 06:52 -------- d-----w- c:\programdata\Malwarebytes 2013-08-13 06:52 . 2013-08-13 06:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-08-13 06:52 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-08-13 06:51 . 2013-08-13 07:13 -------- d-----w- c:\programdata\IObit 2013-08-13 06:51 . 2013-08-13 12:12 -------- d-----w- c:\program files\IObit 2013-08-12 17:59 . 2013-08-12 17:59 -------- d-----w- c:\program files\CCleaner 2013-08-12 17:54 . 2013-08-12 17:54 -------- d-----w- c:\program files\Recuva 2013-08-12 10:13 . 2013-08-12 17:51 -------- d-----w- c:\program files\Calibre2 2013-08-12 08:21 . 2013-08-12 08:21 -------- d-----w- c:\windows\system32\Wat 2013-08-12 06:22 . 2013-08-26 17:48 -------- d-----w- c:\windows\Panther 2013-08-12 05:38 . 2013-08-13 10:54 -------- d-----w- C:\Windows.old 2013-08-12 02:05 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll 2013-08-12 02:05 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll 2013-08-12 02:05 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll 2013-08-12 01:19 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2013-08-12 01:19 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2013-08-12 01:19 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-13 08:20 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2013-08-11 22:22 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{a060276a-53be-45ec-8ebe-b94b1e803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592] . [HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}] . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] 2012-01-04 23:02 233288 ----a-w- c:\program files\Expat Shield\HssIE\ExpatIE.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{a060276a-53be-45ec-8ebe-b94b1e803179}] 2013-07-17 08:53 226592 ----a-w- c:\program files\Expat_Shield\prxtbExpa.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{a060276a-53be-45ec-8ebe-b94b1e803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592] . [HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{A060276A-53BE-45EC-8EBE-B94B1E803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592] . [HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2010-01-07 3216664] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-06-14 9288296] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "IAStorIcon"=c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "EaseUS EPM tray"=c:\program files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe "IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" /autostart . R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2013-03-07 14920] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2013-03-07 9160] R3 ExpatTrayService;Expat Shield Tray Service;c:\program files\Expat Shield\bin\ExpatTrayService.EXE [2012-01-17 77520] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-08-26 108032] R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2013-03-26 31752] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2013-03-26 20944] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-08-12 1343400] R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272] R4 ExpatShieldService;Expat Shield Service;c:\program files\Expat Shield\bin\openvpnas.exe [2012-01-17 331608] R4 ExpatSrv;Expat Shield Routing Service;c:\program files\Expat Shield\HssWPR\hsssrv.exe [2012-01-04 363336] R4 ExpatWd;Expat Shield Monitoring Service;c:\program files\Expat Shield\bin\hsswd.exe [2012-01-04 329544] R4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2013-03-23 21480] R4 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [2013-04-25 335168] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 176128] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336] S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-07-26 196624] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2009-09-22 579072] . . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-08-22 07:52 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-08-27 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2013-08-13 13:39] . 2013-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 00:39] . 2013-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 00:39] . . ------- Bijkomende Scan ------- . IE: Afbeelding knippen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 IE: Kopieer selectie - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 IE: Kopieer URL - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 IE: Nieuwe notitie - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html IE: Pagina opemen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 TCP: DhcpNameServer = 195.130.130.2 195.130.131.2 FF - ProfilePath - c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\ FF - prefs.js: browser.startup.homepage - HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag FF - ExtSQL: 2013-08-12 02:37; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF FF - ExtSQL: 2013-08-21 20:29; {64161300-e22b-11db-8314-0800200c9a66}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi FF - ExtSQL: 2013-08-21 20:31; readable@evernote.com; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\readable@evernote.com.xpi FF - ExtSQL: 2013-08-21 20:52; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi FF - ExtSQL: 2013-08-22 09:37; tiletabs@DW-dev; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\tiletabs@DW-dev.xpi FF - ExtSQL: 2013-08-22 10:17; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2013-08-22 10:43; searchy@searchy; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\searchy@searchy.xpi FF - ExtSQL: 2013-08-22 10:58; savedpasswordeditor@daniel.dawson; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\savedpasswordeditor@daniel.dawson.xpi FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-08-29 15:11:33 ComboFix-quarantined-files.txt 2013-08-29 13:11 ComboFix2.txt 2013-08-29 12:59 ComboFix3.txt 2013-08-28 19:18 ComboFix4.txt 2013-05-04 09:03 . Pre-Run: 987.190.497.280 bytes beschikbaar Post-Run: 987.016.962.048 bytes beschikbaar . - - End Of File - - E38830C7F43E76FC50A91DD7AAB521E1 A36C5E4F47E84449FF07ED3517B43A31

ComboFix 13-08-28.02 - rudy 28-08-2013 21:04:43.1.4 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3063.2064 [GMT 2:00] Gestart vanuit: c:\users\rudy\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\rudy\AppData\Roaming\Microsoft\Windows\Recent\desktop_81378533.ico . . (((((((((((((((((((( Bestanden Gemaakt van 2013-07-28 to 2013-08-28 )))))))))))))))))))))))))))))) . . 2013-08-28 19:10 . 2013-08-28 19:10 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-08-28 19:08 . 2013-08-28 19:08 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{42028B9F-816C-4419-ADE8-1D60436BB1C9}\offreg.dll 2013-08-28 10:27 . 2013-08-28 10:28 -------- d-----w- C:\AdwCleaner 2013-08-27 09:55 . 2013-08-27 09:56 -------- d-----w- c:\program files\Common Files\DVDVideoSoft 2013-08-27 09:55 . 2013-08-27 09:56 -------- d-----w- c:\program files\DVDVideoSoft 2013-08-27 09:45 . 2013-08-27 10:00 -------- d-----w- C:\muziek-mp3 2013-08-27 08:05 . 2013-08-27 08:05 -------- d-----w- c:\program files\Trend Micro 2013-08-26 12:39 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{42028B9F-816C-4419-ADE8-1D60436BB1C9}\mpengine.dll 2013-08-22 09:21 . 2013-08-22 09:23 -------- d-----w- c:\windows\system32\MRT 2013-08-22 09:10 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll 2013-08-22 09:10 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2013-08-22 09:10 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll 2013-08-22 09:10 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll 2013-08-22 09:10 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll 2013-08-22 09:10 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll 2013-08-22 09:10 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll 2013-08-22 09:10 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll 2013-08-22 09:10 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll 2013-08-22 09:10 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2013-08-22 09:10 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll 2013-08-22 09:09 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll 2013-08-22 09:09 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2013-08-22 09:09 . 2013-04-10 05:03 988672 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2013-08-22 09:09 . 2013-04-10 05:03 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2013-08-22 09:09 . 2013-04-10 05:04 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2013-08-22 09:09 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe 2013-08-22 09:09 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll 2013-08-22 09:09 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-08-22 09:09 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-08-22 09:07 . 2013-06-05 03:05 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-08-22 09:07 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe 2013-08-22 09:07 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll 2013-08-22 09:07 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll 2013-08-22 09:07 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll 2013-08-22 09:07 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll 2013-08-22 09:07 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll 2013-08-22 09:07 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe 2013-08-22 09:06 . 2013-05-27 04:57 680960 ----a-w- c:\program files\Windows Defender\MpSvc.dll 2013-08-22 09:06 . 2013-05-27 04:57 392704 ----a-w- c:\program files\Windows Defender\MpClient.dll 2013-08-22 09:06 . 2013-05-27 04:57 224768 ----a-w- c:\program files\Windows Defender\MpCommu.dll 2013-08-22 08:46 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2013-08-22 08:15 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2013-08-21 17:37 . 2013-08-21 17:37 -------- d-----w- c:\program files\Mozilla Maintenance Service 2013-08-19 18:24 . 2013-08-19 18:24 -------- d-----w- C:\Expat Shield 2013-08-19 18:24 . 2013-08-19 18:24 -------- d-----w- c:\program files\Expat Shield 2013-08-19 17:56 . 2013-08-19 17:56 -------- d-----w- C:\temp 2013-08-19 16:09 . 2013-08-19 16:09 -------- d-----w- c:\program files\Conduit 2013-08-19 16:09 . 2013-08-19 18:14 -------- d-----w- c:\program files\Expat_Shield 2013-08-15 11:35 . 2013-03-07 07:49 19840 ----a-w- c:\windows\system32\EuEpmGdi.dll 2013-08-15 11:35 . 2013-04-11 12:10 2498216 ----a-w- c:\windows\system32\BootMan.exe 2013-08-15 11:35 . 2013-03-07 07:49 9160 ----a-w- c:\windows\system32\EuGdiDrv.sys 2013-08-15 11:35 . 2013-03-07 07:49 87112 ----a-w- c:\windows\system32\setupempdrv03.exe 2013-08-15 11:35 . 2013-03-07 07:49 14920 ----a-w- c:\windows\system32\epmntdrv.sys 2013-08-15 11:35 . 2013-08-15 11:35 -------- d-----w- c:\program files\EaseUS 2013-08-15 08:03 . 2013-08-15 08:03 -------- d-----w- c:\program files\Common Files\Adobe 2013-08-15 07:57 . 2013-08-15 07:57 -------- d-----w- c:\program files\Mediafour 2013-08-15 07:56 . 2013-08-15 07:56 -------- d-----w- c:\windows\Downloaded Installations 2013-08-15 07:55 . 2013-08-15 07:55 -------- d-----w- c:\windows\system32\URTTEMP 2013-08-14 10:31 . 2013-08-14 10:31 -------- d-----w- c:\programdata\Freemake 2013-08-14 10:30 . 2013-08-14 10:31 -------- d-----w- c:\program files\Freemake 2013-08-14 09:24 . 2013-08-14 09:24 -------- d-----w- c:\program files\Microsoft Expression 2013-08-14 09:11 . 2013-08-14 09:11 -------- d-----w- c:\program files\Exact Audio Copy 2013-08-13 17:19 . 2013-08-13 17:19 -------- d-----w- c:\program files\Griffith 2013-08-13 16:10 . 2013-08-15 15:06 -------- d-----w- C:\Muziek-bib 2013-08-13 15:46 . 2013-08-13 15:46 -------- d-----w- c:\programdata\FileOpen 2013-08-13 15:45 . 2013-07-26 05:35 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll 2013-08-13 15:45 . 2013-07-26 05:35 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll 2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\programdata\Nitro 2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\program files\Nitro 2013-08-13 15:45 . 2013-08-13 15:45 -------- d-----w- c:\program files\Common Files\Nitro 2013-08-13 13:50 . 2013-08-13 13:50 -------- d-----w- C:\Soulseek 2013-08-13 13:46 . 2013-08-13 13:46 -------- d-----w- c:\programdata\Soulseek 2013-08-13 13:45 . 2013-08-13 13:45 -------- d-----w- c:\program files\SoulseekQt 2013-08-13 13:44 . 2013-08-13 13:44 -------- d-----w- c:\program files\SoulseekNS 2013-08-13 13:13 . 2013-08-13 13:13 -------- d-----w- c:\programdata\MediaMonkey 2013-08-13 13:13 . 2013-08-13 13:13 -------- d-----w- c:\program files\MediaMonkey 2013-08-13 12:38 . 2013-08-13 16:21 -------- d--h--w- c:\windows\Icons 2013-08-13 10:29 . 2013-08-13 10:29 -------- d-----w- c:\programdata\Canneverbe Limited 2013-08-13 10:29 . 2013-08-13 12:17 -------- d-----w- c:\program files\CDBurnerXP 2013-08-13 10:03 . 2013-08-13 10:03 -------- d-----w- c:\program files\ImgBurn 2013-08-13 09:45 . 2013-08-13 09:45 -------- d-----w- c:\program files\Speccy 2013-08-13 09:43 . 2013-08-13 09:43 -------- d-----w- c:\program files\LopeSoft 2013-08-13 09:32 . 2013-08-13 09:32 -------- d-----w- c:\program files\Common Files\Innovative Solutions 2013-08-13 09:32 . 2013-08-13 09:57 -------- d-----w- c:\programdata\Innovative Solutions 2013-08-13 09:32 . 2013-08-13 09:56 -------- d-----w- c:\program files\Innovative Solutions 2013-08-13 09:27 . 2013-08-13 09:27 -------- d-----w- c:\program files\PrivaZer 2013-08-13 09:22 . 2013-08-13 09:22 -------- d-----w- c:\program files\FileHippo.com 2013-08-13 09:20 . 2013-08-13 09:20 -------- d-----w- c:\program files\Magical Jelly Bean 2013-08-13 09:19 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll 2013-08-13 09:18 . 2013-08-13 09:19 -------- d-----w- c:\program files\K-Lite Codec Pack 2013-08-13 09:18 . 2013-08-13 09:18 -------- d-----w- c:\program files\Free Opener 2013-08-13 09:17 . 2013-08-13 09:17 -------- d-----w- c:\programdata\APN 2013-08-13 09:16 . 2013-08-13 09:16 -------- d-----w- c:\program files\Glary Utilities 2013-08-13 07:57 . 2013-08-13 07:57 -------- d-----w- c:\windows\system32\SPReview 2013-08-13 07:55 . 2013-08-13 07:55 -------- d-----w- c:\windows\system32\EventProviders 2013-08-13 07:40 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\system32\dfshim.dll 2013-08-13 07:40 . 2010-11-20 12:21 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2013-08-13 07:40 . 2010-11-20 10:24 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2013-08-13 07:38 . 2010-11-20 12:24 271664 ----a-w- c:\windows\system32\fveapi.dll 2013-08-13 07:37 . 2010-11-20 12:21 410112 ----a-w- c:\windows\system32\wlanui.dll 2013-08-13 07:36 . 2010-11-20 12:20 427520 ----a-w- c:\windows\system32\PortableDeviceStatus.dll 2013-08-13 07:35 . 2010-11-20 12:00 6656 ----a-w- c:\windows\system32\KBDSF.DLL 2013-08-13 07:30 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\wdscore.dll 2013-08-13 07:29 . 2010-11-20 12:21 189952 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll 2013-08-13 07:29 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll 2013-08-13 07:29 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll 2013-08-13 07:28 . 2010-11-20 12:21 189952 ----a-w- c:\windows\system32\sqmapi.dll 2013-08-13 07:26 . 2013-04-17 18:20 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2013-08-13 07:12 . 2013-08-13 07:12 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} 2013-08-13 06:52 . 2013-08-13 06:52 -------- d-----w- c:\programdata\Malwarebytes 2013-08-13 06:52 . 2013-08-13 06:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2013-08-13 06:52 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-08-13 06:51 . 2013-08-13 07:13 -------- d-----w- c:\programdata\IObit 2013-08-13 06:51 . 2013-08-13 12:12 -------- d-----w- c:\program files\IObit 2013-08-12 17:59 . 2013-08-12 17:59 -------- d-----w- c:\program files\CCleaner 2013-08-12 17:54 . 2013-08-12 17:54 -------- d-----w- c:\program files\Recuva 2013-08-12 10:13 . 2013-08-12 17:51 -------- d-----w- c:\program files\Calibre2 2013-08-12 08:21 . 2013-08-12 08:21 -------- d-----w- c:\windows\system32\Wat 2013-08-12 06:22 . 2013-08-26 17:48 -------- d-----w- c:\windows\Panther 2013-08-12 05:38 . 2013-08-13 10:54 -------- d-----w- C:\Windows.old 2013-08-12 02:05 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll 2013-08-12 02:05 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll 2013-08-12 02:05 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll 2013-08-12 01:19 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2013-08-12 01:19 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-13 08:20 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2013-08-11 22:22 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{a060276a-53be-45ec-8ebe-b94b1e803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592] . [HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}] . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] 2012-01-04 23:02 233288 ----a-w- c:\program files\Expat Shield\HssIE\ExpatIE.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{a060276a-53be-45ec-8ebe-b94b1e803179}] 2013-07-17 08:53 226592 ----a-w- c:\program files\Expat_Shield\prxtbExpa.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{a060276a-53be-45ec-8ebe-b94b1e803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592] . [HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{A060276A-53BE-45EC-8EBE-B94B1E803179}"= "c:\program files\Expat_Shield\prxtbExpa.dll" [2013-07-17 226592] . [HKEY_CLASSES_ROOT\clsid\{a060276a-53be-45ec-8ebe-b94b1e803179}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2010-01-07 3216664] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-06-14 9288296] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "IAStorIcon"=c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "EaseUS EPM tray"=c:\program files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe "IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" /autostart . R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2013-03-07 14920] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2013-03-07 9160] R3 ExpatTrayService;Expat Shield Tray Service;c:\program files\Expat Shield\bin\ExpatTrayService.EXE [2012-01-17 77520] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-08-26 108032] R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2013-03-26 31752] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2013-03-26 20944] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-08-12 1343400] R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272] R4 ExpatShieldService;Expat Shield Service;c:\program files\Expat Shield\bin\openvpnas.exe [2012-01-17 331608] R4 ExpatSrv;Expat Shield Routing Service;c:\program files\Expat Shield\HssWPR\hsssrv.exe [2012-01-04 363336] R4 ExpatWd;Expat Shield Monitoring Service;c:\program files\Expat Shield\bin\hsswd.exe [2012-01-04 329544] R4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2013-03-23 21480] R4 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [2013-04-25 335168] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 176128] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336] S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-07-26 196624] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2009-09-22 579072] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-08-22 07:52 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-08-27 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2013-08-13 13:39] . 2013-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 00:39] . 2013-08-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-08-12 00:39] . . ------- Bijkomende Scan ------- . IE: Afbeelding knippen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 IE: Kopieer selectie - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 IE: Kopieer URL - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 IE: Nieuwe notitie - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html IE: Pagina opemen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 TCP: DhcpNameServer = 195.130.131.2 195.130.130.130 FF - ProfilePath - c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\ FF - prefs.js: browser.startup.homepage - HLN.be, Nieuws, sport en showbizz, 24/24, 7/7, meer dan 350 nieuwsupdates per dag FF - ExtSQL: 2013-08-12 02:37; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF FF - ExtSQL: 2013-08-21 20:29; {64161300-e22b-11db-8314-0800200c9a66}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi FF - ExtSQL: 2013-08-21 20:31; readable@evernote.com; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\readable@evernote.com.xpi FF - ExtSQL: 2013-08-21 20:52; {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi FF - ExtSQL: 2013-08-22 09:37; tiletabs@DW-dev; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\tiletabs@DW-dev.xpi FF - ExtSQL: 2013-08-22 10:17; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2013-08-22 10:43; searchy@searchy; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\searchy@searchy.xpi FF - ExtSQL: 2013-08-22 10:58; savedpasswordeditor@daniel.dawson; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0x1kqpnu.default-1377109569592\extensions\savedpasswordeditor@daniel.dawson.xpi FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1232880136-1482466113-3239310269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\windows\system32\atieclxx.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\taskhost.exe c:\windows\System32\WUDFHost.exe c:\windows\system32\conhost.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\DllHost.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Voltooingstijd: 2013-08-28 21:18:01 - machine werd herstart ComboFix-quarantined-files.txt 2013-08-28 19:18 ComboFix2.txt 2013-05-04 09:03 . Pre-Run: 982.846.136.320 bytes beschikbaar Post-Run: 983.001.673.728 bytes beschikbaar . - - End Of File - - C9729FA9FD555E4CF58911AFD98DC493 A36C5E4F47E84449FF07ED3517B43A31

Heb zojuist ADWcleaner uitgevoerd : geen items gevonden ! Beste groeten

Hallo nogmaals, zend jullie hieronder alvast het resultaat van een Hijackthis-scan ! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:09:03, on 27-8-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9431.0000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe C:\Program Files\Expat Shield\bin\openvpntray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Expat Shield Toolbar - {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files\Expat_Shield\prxtbExpa.dll O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files\Expat Shield\HssIE\ExpatIE.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll O2 - BHO: Expat Shield - {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files\Expat_Shield\prxtbExpa.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Expat Shield Toolbar - {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files\Expat_Shield\prxtbExpa.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [sRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Afbeelding knippen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 O8 - Extra context menu item: Kopieer selectie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 O8 - Extra context menu item: Kopieer URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 O8 - Extra context menu item: Nieuwe notitie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html O8 - Extra context menu item: Pagina opemen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files\Expat Shield\bin\openvpnas.exe O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files\Expat Shield\HssWPR\hsssrv.exe O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files\Expat Shield\bin\ExpatTrayService.EXE O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files\Expat Shield\bin\hsswd.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe -- End of file - 6545 bytes

Hallo, na mijn recente onoplosbare problemen met het geluid op mijn PC heb ik onlangs toch een volledige herinstallatie gedaan van W7. Het geluid is ermee terug, maar bij de herinstallatie van firefox kreeg ik toch weer te maken met ongewenste zoekmachines als (onder andere) Delta. Die zijn intussen verwijderd, maar ik vrees dat nieuwe problemen een gevolg zijn van deze indringers. Ik kan namelijk niet meer geldig klikken op links in websites die bijvoorbeeld een bevestiging vragen van iets. Een ander voorbeeld is de site van de openbare bibliotheek (Ovinob) : de laatste stap in hun catalogus ( = "waar staat het boek ?") werkt NIET meer. Ook als een site me een link stuurt via LIVEMAIL om iets te bevestigen, werkt die link NIET. Intussen heb ik al verscheidene mogelijke oplossingen voor firefox geprobeerd (o.a. volledige her-initialisatie), zonder resultaat. Opvallend : Google werkt WEL normaal. Kan iemand me helpen ? Beste Groeten, Rudy

Heb sedert dit weekend weer geluid op PC ! Dankzij het installeren van een gratis concurrent van W7 : Ubuntu van Linux. Heb Ubuntu nog niet zelf op PC geïnstalleerd maar wel gedownload op een USB-stick van waarop ik het dan uitvoer. Werkt prima ! Zal binnenkort Ubuntu gewoon naast W7 op PC zetten, via toets F8 kan ik dan bij het opstarten tussen beide kiezen. En later waarschijnlijk : adieu Microsoft en al hun duur betaalde miserie.

Al die programma's hebben 1 ding gemeen : ze ruimen wat achtergebleven rommel op, maar iets "herstellen" doen ze natuurlijk allerminst. Gebruik momenteel o.a. Glary utilities, Tune-up Utilities, CC-cleaner, Advanced System Care, Revo Uninstaller... Het is zelfs best mogelijk dat één van die "opkuisers" een paar systeembestanden om zeep geholpen heeft. Er blijft maar 1 mogelijkheid meer over : een volledige herinstallatie van W7, en daar ga ik toch nog eens over slapen. Trouwens het toppunt vind ik wel dat de op de pc geplakte Registratie-sleutel van W7 totaal niet overeenkomt met de sleutel die intern in de PC opgehaald wordt door het programma "Key-finder". En dat zou er mee te maken hebben dat grote firma's zoals Medion of HP een cloon gebruiken van één en dezelfde W7-licentie op al hun verkochte PC's... Een bijkomende waarschuwing dus voor de Forum-leden : bezin eer ge begint want de kans is groot dat je uiteindelijk alleen een lege PC overhoudt.

"Er zijn geen schendingen van de integriteit gevonden"

Ook al gedaan. Ten einde raad heb ik zopas windows 7 trachten te herinstalleren (alleen Upgrade, dus met behoud van alle bestanden). Wel : ook dat lukt niet ! Ik kreeg een foutbericht dat er al een recentere versie van W7 draait dan de Upgrade. Heb het opgezocht en dat zou komen omdat intussen Service Pack 1 geïnstalleerd is en dat moet dan eerst verwijderd worden. Dat verwijderen geeft echter als foutmelding : "Er is een fout opgetreden, niet alle updates zijn verwijderd". Heb het ook nog eens manueel geprobeerd als administrator en krijg dan "0800b0100 - Geen handtekening aanwezig in het onderwerp". Microsoft, dat is één grote klucht.

How to fix Windows Media Player c00d11b1 Heb ik inderdaad als één van de eerste geprobeerd... Ik vrees dat de WMP-foutcode niet de oorzaak is van het probleem maar wel 1 van de gevolgen.

De enige player die werkt (dat wil zeggen : je ziet op de tijdbalk dat de muziek loopt, maar je hoort natuurlijk niets) is de gisteren geïnstalleerde VLC-player. Bij de 2 spelers die al bestonden, nl. WMP en Media Monkey loopt er niets. WMP geeft direct de bekende fout en Media Monkey doet niks. Ik neem aan dat als ik WMP en MM moest herinstalleren ze ook weer normaal zullen werken (zonder geluid natuurlijk, dus dat brengt niets op). En Microsoft heeft er dan nog eens voor gezorgd dat je WMP gewoon niet kunt verwijderen. Ik heb de virtuele geluidskaart SRS Sandbox vandaag verwijderd, alweer zonder resultaat. Wat me wel is opgevallen is dat de Sound Manager (van de echte geluidskaart Realtek) èn het icoon van Sandbox op de taakbalk niet hun gewoon uitzicht maar een lichtgrijze kleur hebben. Op mijn oude XP-pc zit ook Sandbox en het icoon is daar diepblauw terwijl het hier nu licht blauw met witte punten erin is.

Heb zopas een nieuwe mediaplayer geïnstalleerd (VLC). In tegenstelling tot de reeds bestaande (WMP en Media Monkey) speelt deze de muziekbestanden WEL af. Maar ik heb natuurlijk nog altijd geen klank...

ATI HDMI output gereed Speakers Realtek High Definition standaardcommunicatie apparaat Realtek digital output gereed Luidsprekers srs Audio sandbox standaardapparaat

Jammer genoeg weer niks... Het internet staat vol van problemen met code C00D11B1 en er worden tientallen verschillende oplossingen voorgesteld. Ik heb er intussen al een pak geprobeerd (codecs downloaden, registerwaarden wijzigen enz...) Niets helpt. We kunnen het maar beter opgeven, zeker ?

------------------ System Information ------------------ Time of this report: 5/6/2013, 21:38:04 Machine name: PC07 Operating System: Windows 7 Home Premium 32-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.130318-1533) Language: Dutch (Regional Setting: Dutch) System Manufacturer: MEDIONPC System Model: MS-7708 BIOS: Default System BIOS Processor: Intel® Core i3 CPU 550 @ 3.20GHz (4 CPUs), ~3.2GHz Memory: 4096MB RAM Available OS Memory: 3064MB RAM Page File: 1516MB used, 4608MB available Windows Dir: C:\Windows DirectX Version: DirectX 11 DX Setup Parameters: Not found User DPI Setting: Using System DPI System DPI Setting: 96 DPI (100 percent) DWM DPI Scaling: Disabled DxDiag Version: 6.01.7601.17514 32bit Unicode ------------ DxDiag Notes ------------ Display Tab 1: No problems found. Sound Tab 1: No problems found. Sound Tab 2: No problems found. Sound Tab 3: No problems found. Sound Tab 4: No problems found. Input Tab: No problems found. -------------------- DirectX Debug Levels -------------------- Direct3D: 0/4 (retail) DirectDraw: 0/4 (retail) DirectInput: 0/5 (retail) DirectMusic: 0/5 (retail) DirectPlay: 0/9 (retail) DirectSound: 0/5 (retail) DirectShow: 0/6 (retail) --------------- Display Devices --------------- Card name: ATI Radeon HD 5670 Manufacturer: ATI Technologies Inc. Chip type: ATI display adapter (0x68D8) DAC type: Internal DAC(400MHz) Device Key: Enum\PCI\VEN_1002&DEV_68D8&SUBSYS_22051462&REV_00 Display Memory: 1780 MB Dedicated Memory: 504 MB Shared Memory: 1275 MB Current Mode: 1920 x 1080 (16 bit) (60Hz) Monitor Name: Generic PnP Monitor Monitor Model: MD 20110 Monitor Id: MED3605 Native Mode: 1920 x 1080(p) (60.000Hz) Output Type: HDMI Driver Name: aticfx32.dll,aticfx32.dll,aticfx32.dll,atiumdag.dll,atidxx32.dll,atiumdva.cap Driver File Version: 8.17.0010.0029 (English) Driver Version: 8.741.0.0 DDI Version: 11 Driver Model: WDDM 1.1 Driver Attributes: Final Retail Driver Date/Size: 5/27/2010 19:02:46, 511488 bytes WHQL Logo'd: Yes WHQL Date Stamp: Device Identifier: {D7B71EE2-2B98-11CF-CF77-0F02BEC2C535} Vendor ID: 0x1002 Device ID: 0x68D8 SubSys ID: 0x22051462 Revision ID: 0x0000 Driver Strong Name: oem3.inf:ATI.Mfg.NTx86.6.1:ati2mtag_Evergreen:8.741.0.0:pci\ven_1002&dev_68d8 Rank Of Driver: 00E62001 Video Accel: ModeMPEG2_A ModeMPEG2_C Deinterlace Caps: {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {3C5323C1-6FB7-44F5-9081-056BF2EE449D}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {552C0DAD-CCBC-420B-83C8-74943CF9F1A6}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= D3D9 Overlay: Not Supported DXVA-HD: Not Supported DDraw Status: Enabled D3D Status: Enabled AGP Status: Enabled ------------- Sound Devices ------------- Description: Luidsprekers (SRS Audio Sandbox (WDM)) Default Sound Playback: Yes Default Voice Playback: No Hardware ID: SRS\SSCFilter Manufacturer ID: 65535 Product ID: 65535 Type: WDM Driver Name: SRS_SSCFilter_i386.sys Driver Version: 2.07.0007.0000 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 12/15/2009 15:41:30, 268912 bytes Other Files: Driver Provider: SRS Labs, Inc. HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX 2.0 Listen/Src: No, No I3DL2 Listen/Src: No, No Sensaura ZoomFX: No Description: ATI HDMI Output (ATI High Definition Audio Device) Default Sound Playback: No Default Voice Playback: Yes Hardware ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1002 Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: AtiHdmi.sys Driver Version: 7.11.0000.7706 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 5/6/2010 11:21:42, 108560 bytes Other Files: Driver Provider: ATI Technologies Inc. HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX 2.0 Listen/Src: No, No I3DL2 Listen/Src: No, No Sensaura ZoomFX: No Description: Realtek Digital Output (Realtek High Definition Audio) Default Sound Playback: No Default Voice Playback: No Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_14627708&REV_1003 Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: RTKVHDA.sys Driver Version: 6.00.0001.6136 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 6/14/2010 17:46:22, 3114024 bytes Other Files: Driver Provider: Realtek Semiconductor Corp. HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX 2.0 Listen/Src: No, No I3DL2 Listen/Src: No, No Sensaura ZoomFX: No Description: Speakers (Realtek High Definition Audio) Default Sound Playback: No Default Voice Playback: No Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_14627708&REV_1003 Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: RTKVHDA.sys Driver Version: 6.00.0001.6136 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 6/14/2010 17:46:22, 3114024 bytes Other Files: Driver Provider: Realtek Semiconductor Corp. HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX 2.0 Listen/Src: No, No I3DL2 Listen/Src: No, No Sensaura ZoomFX: No --------------------- Sound Capture Devices --------------------- Description: Stereo Mix (Realtek High Definition Audio) Default Sound Capture: Yes Default Voice Capture: Yes Driver Name: RTKVHDA.sys Driver Version: 6.00.0001.6136 (English) Driver Attributes: Final Retail Date and Size: 6/14/2010 17:46:22, 3114024 bytes Cap Flags: 0x1 Format Flags: 0xFFFFF ------------------- DirectInput Devices ------------------- Device Name: Muis Attached: 1 Controller ID: n/a Vendor/Product ID: n/a FF Driver: n/a Device Name: Toetsenbord Attached: 1 Controller ID: n/a Vendor/Product ID: n/a FF Driver: n/a Poll w/ Interrupt: No ----------- USB Devices ----------- + USB-hoofdhub | Vendor/Product ID: 0x8086, 0x3B3C | Matching Device ID: usb\root_hub20 | Service: usbhub | Driver: usbhub.sys, 3/25/2011 04:58:37, 258560 bytes | Driver: usbd.sys, 3/25/2011 04:57:53, 5888 bytes | +-+ Generic USB Hub | | Vendor/Product ID: 0x8087, 0x0020 | | Location: Port_#0001.Hub_#0001 | | Matching Device ID: usb\class_09 | | Service: usbhub | | Driver: usbhub.sys, 3/25/2011 04:58:37, 258560 bytes | | | +-+ USB-invoerapparaat | | | Vendor/Product ID: 0x04F2, 0x0718 | | | Location: Port_#0005.Hub_#0003 | | | Matching Device ID: generic_hid_device | | | Service: HidUsb | | | | | +-+ HID-muis | | | | Vendor/Product ID: 0x04F2, 0x0718 | | | | Matching Device ID: hid_device_system_mouse | | | | Service: mouhid ---------------- Gameport Devices ---------------- ------------ PS/2 Devices ------------ + Standaard-PS/2-toetsenbord | Matching Device ID: *pnp0303 | Service: i8042prt | + Toetsenbordstuurprogramma voor Terminal Server | Matching Device ID: root\rdp_kbd | Upper Filters: kbdclass | Service: TermDD | + Muisstuurprogramma voor Terminal Server | Matching Device ID: root\rdp_mou | Upper Filters: mouclass | Service: TermDD ------------------------ Disk & DVD/CD-ROM Drives ------------------------ Drive: C: Free Space: 1042.2 GB Total Space: 1388.7 GB File System: NTFS Model: WDC WD15EARS-00MVWB0 Drive: D: Free Space: 21.5 GB Total Space: 41.0 GB File System: NTFS Model: WDC WD15EARS-00MVWB0 Drive: Q: Model: n/a Drive: E: Model: TSSTcorp CDDVDW SH-S223C Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7601.17514 (Dutch), 11/20/2010 10:38:10, 108544 bytes -------------- System Devices -------------- Name: Intel® 5 Series/3400 Series Chipset Family SMBus Controller - 3B30 Device ID: PCI\VEN_8086&DEV_3B30&SUBSYS_77081462&REV_06\3&11583659&0&FB Driver: n/a Name: Renesas Electronics USB 3.0 Host Controller Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_77081462&REV_03\4&27A9C313&0&0030 Driver: C:\Windows\system32\DRIVERS\nusb3xhc.sys, 2.00.0004.0000 (English), 4/27/2010 18:28:46, 146568 bytes Name: Intel® 5 Series/3400 Series SATA AHCI Controller Device ID: PCI\VEN_8086&DEV_3B22&SUBSYS_77081462&REV_06\3&11583659&0&FA Driver: C:\Windows\system32\DRIVERS\iaStor.sys, 9.06.0000.1014 (English), 3/4/2010 04:33:26, 435736 bytes Name: High Definition Audio-besturing Device ID: PCI\VEN_1002&DEV_AA60&SUBSYS_AA601462&REV_00\4&2AE06CE7&0&0108 Driver: n/a Name: Intel® P55 Express Chipset LPC Interface Controller - 3B02 Device ID: PCI\VEN_8086&DEV_3B02&SUBSYS_77081462&REV_06\3&11583659&0&F8 Driver: C:\Windows\system32\DRIVERS\msisadrv.sys, 6.01.7600.16385 (English), 7/14/2009 03:20:43, 13888 bytes Name: ATI Radeon HD 5670 Device ID: PCI\VEN_1002&DEV_68D8&SUBSYS_22051462&REV_00\4&2AE06CE7&0&0008 Driver: C:\Windows\system32\DRIVERS\atikmdag.sys, 8.01.0001.1038 (English), 5/27/2010 19:38:24, 5586432 bytes Driver: C:\Windows\system32\DRIVERS\ati2erec.dll, 1.00.0000.0019 (English), 5/27/2010 18:24:16, 53248 bytes Driver: C:\Windows\system32\DRIVERS\atikmpag.sys, 8.14.0001.6117 (English), 5/27/2010 18:25:18, 209920 bytes Driver: C:\Windows\system32\atiumdag.dll, 8.14.0010.0761 (English), 5/27/2010 18:37:44, 3798528 bytes Driver: C:\Windows\system32\atiumdva.dll, 8.14.0010.0263 (English), 5/27/2010 18:31:38, 3025408 bytes Driver: C:\Windows\system32\atitmmxx.dll, 6.14.0011.0022 (English), 5/27/2010 18:58:32, 159744 bytes Driver: C:\Windows\system32\atiicdxx.dat, 4/6/2010 19:54:32, 203336 bytes Driver: C:\Windows\system32\amdpcom32.dll, 8.14.0010.0023 (English), 5/27/2010 18:20:46, 52736 bytes Driver: C:\Windows\system32\atimpc32.dll, 8.14.0010.0023 (English), 5/27/2010 18:20:46, 52736 bytes Driver: C:\Windows\system32\atiadlxx.dll, 6.14.0010.1054 (English), 5/27/2010 18:25:52, 237568 bytes Driver: C:\Windows\system32\atiumdva.cap, 5/27/2010 18:31:14, 534960 bytes Driver: C:\Windows\system32\atimuixx.dll, 6.14.0010.1001 (English), 5/27/2010 18:58:04, 11776 bytes Driver: C:\Windows\system32\atiapfxx.exe, 6.14.0010.1001 (English), 5/27/2010 19:02:58, 143360 bytes Driver: C:\Windows\system32\atiapfxx.blb, 5/27/2010 19:03:08, 57480 bytes Driver: C:\Windows\system32\atiesrxx.exe, 6.14.0011.1059 (English), 5/27/2010 18:59:30, 176128 bytes Driver: C:\Windows\system32\atieclxx.exe, 6.14.0011.1059 (English), 5/27/2010 18:59:54, 376832 bytes Driver: C:\Windows\system32\atipdlxx.dll, 6.14.0010.2562 (English), 5/27/2010 18:58:18, 356352 bytes Driver: C:\Windows\system32\Oemdspif.dll, 6.15.0006.0006 (English), 5/27/2010 18:58:10, 278528 bytes Driver: C:\Windows\system32\ati2edxx.dll, 6.14.0010.2514 (English), 5/27/2010 18:57:58, 43520 bytes Driver: C:\Windows\system32\ATIDEMGX.dll, 2.00.3799.21610 (Dutch), 5/27/2010 19:00:20, 446464 bytes Driver: C:\Windows\system32\atioglxx.dll, 6.14.0010.9901 (English), 5/27/2010 19:05:28, 15180800 bytes Driver: C:\Windows\system32\aticaldd.dll, 6.14.0010.0696 (English), 5/27/2010 18:39:54, 4096000 bytes Driver: C:\Windows\system32\aticalrt.dll, 6.14.0010.0696 (English), 5/27/2010 18:41:10, 53248 bytes Driver: C:\Windows\system32\aticalcl.dll, 6.14.0010.0696 (English), 5/27/2010 18:41:04, 53248 bytes Driver: C:\Windows\system32\atipblag.dat, 4/29/2010 17:37:26, 2137 bytes Driver: C:\Windows\system32\atiu9pag.dll, 8.14.0001.6117 (English), 5/27/2010 18:24:46, 22528 bytes Driver: C:\Windows\system32\atigktxx.dll, 8.14.0001.6117 (English), 5/27/2010 18:25:38, 16896 bytes Driver: C:\Windows\system32\atiglpxx.dll, 8.14.0001.6117 (English), 5/27/2010 18:25:44, 12800 bytes Driver: C:\Windows\system32\atidxx32.dll, 8.17.0010.0286 (English), 5/27/2010 18:54:56, 3668480 bytes Driver: C:\Windows\system32\atiuxpag.dll, 8.14.0001.6117 (English), 5/27/2010 18:24:56, 30208 bytes Driver: C:\Windows\atiogl.xml, 5/4/2010 20:35:38, 21360 bytes Driver: C:\Windows\system32\ATIODCLI.exe, 1.00.0000.0001 (English), 2/3/2009 22:52:02, 45056 bytes Driver: C:\Windows\system32\ATIODE.exe, 1.00.0000.0001 (English), 2/18/2009 19:55:20, 294912 bytes Driver: C:\Windows\system32\aticfx32.dll, 8.17.0010.0029 (English), 5/27/2010 19:02:46, 511488 bytes Driver: C:\Windows\system32\coinst.dll, 1.00.0002.0001 (English), 5/27/2010 18:35:16, 50176 bytes Name: Intel® 82801 PCI Bridge - 244E Device ID: PCI\VEN_8086&DEV_244E&SUBSYS_77081462&REV_A6\3&11583659&0&F0 Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.01.7601.17514 (Dutch), 11/20/2010 14:30:06, 153984 bytes Name: High Definition Audio-besturing Device ID: PCI\VEN_8086&DEV_3B56&SUBSYS_77081462&REV_06\3&11583659&0&D8 Driver: n/a Name: Intel® processor PCI Express Root Port - 0043 Device ID: PCI\VEN_8086&DEV_0043&SUBSYS_77081462&REV_18\3&11583659&0&30 Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.01.7601.17514 (Dutch), 11/20/2010 14:30:06, 153984 bytes Name: Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42 Device ID: PCI\VEN_8086&DEV_3B42&SUBSYS_77081462&REV_06\3&11583659&0&E0 Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.01.7601.17514 (Dutch), 11/20/2010 14:30:06, 153984 bytes Name: Intel® processor PCI Express Root Port - 0041 Device ID: PCI\VEN_8086&DEV_0041&SUBSYS_77081462&REV_18\3&11583659&0&08 Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.01.7601.17514 (Dutch), 11/20/2010 14:30:06, 153984 bytes Name: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C Device ID: PCI\VEN_8086&DEV_3B3C&SUBSYS_77081462&REV_06\3&11583659&0&D0 Driver: C:\Windows\system32\drivers\usbehci.sys, 6.01.7601.17586 (English), 3/25/2011 04:57:58, 43008 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.01.7601.17586 (Dutch), 3/25/2011 04:58:07, 284672 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.01.7601.17586 (Dutch), 3/25/2011 04:58:37, 258560 bytes Name: Intel® processor DRAM Controller - 0040 Device ID: PCI\VEN_8086&DEV_0040&SUBSYS_77081462&REV_18\3&11583659&0&00 Driver: n/a Name: Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34 Device ID: PCI\VEN_8086&DEV_3B34&SUBSYS_77081462&REV_06\3&11583659&0&E8 Driver: C:\Windows\system32\drivers\usbehci.sys, 6.01.7601.17586 (English), 3/25/2011 04:57:58, 43008 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.01.7601.17586 (Dutch), 3/25/2011 04:58:07, 284672 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.01.7601.17586 (Dutch), 3/25/2011 04:58:37, 258560 bytes Name: Realtek PCIe GBE Family Controller Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_77081462&REV_06\4&15E20CA&0&00E0 Driver: n/a ------------------ DirectShow Filters ------------------ DirectShow Filters: WMAudio Decoder DMO,0x00800800,1,1,WMADMOD.DLL,6.01.7601.17514 WMAPro over S/PDIF DMO,0x00600800,1,1,WMADMOD.DLL,6.01.7601.17514 WMSpeech Decoder DMO,0x00600800,1,1,WMSPDMOD.DLL,6.01.7601.17514 MP3 Decoder DMO,0x00600800,1,1,mp3dmod.dll,6.01.7600.16385 Mpeg4s Decoder DMO,0x00800001,1,1,mp4sdecd.dll,6.01.7600.16385 WMV Screen decoder DMO,0x00600800,1,1,wmvsdecd.dll,6.01.7601.17514 WMVideo Decoder DMO,0x00800001,1,1,wmvdecod.dll,6.01.7601.17514 Expression Encoder Screen Codec 2,0x00600800,1,1,Microsoft.Expression.Encoder.EEScreen.Codec.dll,4.00.3205.0000 Mpeg43 Decoder DMO,0x00800001,1,1,mp43decd.dll,6.01.7600.16385 Mpeg4 Decoder DMO,0x00800001,1,1,mpg4decd.dll,6.01.7600.16385 ffdshow Video Decoder,0xff800001,2,1,ffdshow.ax,1.01.3761.0000 WMT VIH2 Fix,0x00200000,1,1,WLXVAFilt.dll,15.04.3555.0308 Record Queue,0x00200000,1,1,WLXVAFilt.dll,15.04.3555.0308 WMT Switch Filter,0x00200000,1,1,WLXVAFilt.dll,15.04.3555.0308 WMT Virtual Renderer,0x00200000,1,0,WLXVAFilt.dll,15.04.3555.0308 WMT DV Extract,0x00200000,1,1,WLXVAFilt.dll,15.04.3555.0308 WMT Virtual Source,0x00200000,0,1,WLXVAFilt.dll,15.04.3555.0308 WMT Sample Information Filter,0x00200000,1,1,WLXVAFilt.dll,15.04.3555.0308 CyberLink MPEG Video Encoder,0x00200000,1,1,P2GVidEnc.ax,6.00.0001.2226 ffdshow DXVA Video Decoder,0xff800002,2,1,ffdshow.ax,1.01.3761.0000 ffdshow raw video filter,0x00200000,2,1,ffdshow.ax,1.01.3761.0000 ffdshow Audio Decoder,0xff800001,1,1,ffdshow.ax,1.01.3761.0000 Bytescout Screen Capturing Filter,0x00200000,0,1,BytescoutScreenCapturingFilter.dll,1.60.0565.0000 CyberLink MP3/WAV Wrapper,0x00200000,1,1,P2GMP3Wrap.ax,3.07.0000.1314 DV Muxer,0x00400000,0,0,qdv.dll,6.06.7601.17514 MPC - Mpeg Source (Gabest),0x00400000,0,0,MpegSplitter.ax,1.05.0001.2910 CyberLink AudioCD Filter,0x00200000,0,1,P2GAudioCD.ax,5.00.0000.1321 Color Space Converter,0x00400001,1,1,quartz.dll,6.06.7601.17713 WM ASF Reader,0x00400000,0,0,qasf.dll,12.00.7601.17514 Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,12.00.7601.17514 AVI Splitter,0x00600000,1,1,quartz.dll,6.06.7601.17713 VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.06.7601.17713 SBE2MediaTypeProfile,0x00200000,0,0,sbe.dll,6.06.7601.17528 CyberLink Editing Service 3.0 (Source),0x00200000,0,2,P2GEdtKrn.dll,3.00.0000.2911 Microsoft DTV-DVD Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,12.00.9200.16426 AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.06.7601.17528 StreamBufferSink,0x00200000,0,0,sbe.dll,6.06.7601.17528 Microsoft TV Captions Decoder,0x00200001,1,0,MSTVCapn.dll,6.01.7601.17715 MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.06.7601.17713 CBVA DMO wrapper filter,0x00200000,1,1,cbva.dll,6.01.7601.17514 MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.06.7601.17713 SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713 P2G Video Decoder,0x00200000,2,3,P2GVSD.ax,6.00.0000.2310 VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7601.17514 MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.06.7601.17528 MPC - MP4 Source,0x00600000,0,0,MP4Splitter.ax,1.05.0001.2910 Closed Captions Analysis Filter,0x00200000,2,5,cca.dll,6.06.7601.17514 SBE2FileScan,0x00200000,0,0,sbe.dll,6.06.7601.17528 Microsoft MPEG-2 Video Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7601.17514 Bytescout Video Mixer Filter,0x00200000,2,1,BytescoutVideoMixerFilter.dll,1.00.0565.0000 MPC - FLV Splitter (Gabest),0x00600000,1,1,FLVSplitter.ax,1.05.0001.2910 Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.06.7601.17713 CyberLink Video Regulator,0x00200000,1,1,P2GRGL.ax,2.00.0000.3328 P2G Audio Decoder,0x00200000,1,1,P2GAud.ax,6.01.0000.3601 MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.06.7601.17713 WavPack Audio Decoder,0x00600000,1,1,WavPackDSDecoder.ax,1.01.0000.0484 PlayReady DMO Wrapper,0x00600002,1,1,PRDMOW~1.DLL,1.03.2297.0000 DV Splitter,0x00600000,1,2,qdv.dll,6.06.7601.17514 Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,6.06.7601.17713 CyberLink Video Effect,0x00200000,1,1,P2GVidFx.ax,1.00.0000.2030 MS PR Source Filter,0x00200000,0,2,PRSource.dll,1.03.2297.0000 Haali Media Splitter,0x00800001,0,1,splitter.ax,1.10.0348.0015 Haali Media Splitter (AR),0x00400000,1,1,splitter.ax,1.10.0348.0015 CyberLink Audio Noise Reduction,0x00200000,1,1,P2GAuNRWrapper.ax,2.00.0000.1017 Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,6.01.7601.17514 CyberLink Load Image Filter,0x00200000,0,1,CLImage.ax,3.00.0000.2307 MPC - MP4 Splitter,0x00600000,1,1,MP4Splitter.ax,1.05.0001.2910 CyberLink MPEG-2 Splitter,0x00200000,1,2,P2Gm2spliter.ax,2.04.0000.2301 CyberLink Audio VolumeBooster,0x00200000,1,1,P2GVB.ax,1.00.0000.1008 ACM Wrapper,0x00600000,1,1,quartz.dll,6.06.7601.17713 madFlac Decoder,0x00600000,1,1,madFlac.ax,1.10.0000.0000 Video Renderer,0x00800001,1,0,quartz.dll,6.06.7601.17713 MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.06.7601.17528 Cyberlink Dump Dispatch Filter,0x00200000,1,0,P2GDumpDispatch.ax,1.02.0001.2412 Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.06.7601.17835 Video Port Manager,0x00600000,2,1,quartz.dll,6.06.7601.17713 CyberLink Line21 Decoder Filter (PDC 1.0),0x00200000,0,2,CLLine21.ax,4.00.0000.3924 Video Renderer,0x00400000,1,0,quartz.dll,6.06.7601.17713 CyberLink Audio Resampler,0x00200000,1,1,P2GAuRsmpl.ax,1.00.0000.2625 Haali Video Renderer,0x00200000,1,0,dxr.dll, File Writer,0x00200000,1,0,WLXVAFilt.dll,15.04.3555.0308 VPS Decoder,0x00200000,0,0,WSTPager.ax,6.06.7601.17514 WM ASF Writer,0x00400000,0,0,qasf.dll,12.00.7601.17514 CyberLink MPEG-1 Splitter,0x00200000,1,2,P2Gm1spliter.ax,2.04.0000.2301 VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,6.01.7601.17514 CyberLink DVD Navigator (PDC 1.0),0x00200000,0,3,CLNavX.ax,6.00.0000.1321 File writer,0x00200000,1,0,qcap.dll,6.06.7601.17514 iTV Data Sink,0x00600000,1,0,itvdata.dll,6.06.7601.17514 iTV Data Capture filter,0x00600000,1,1,itvdata.dll,6.06.7601.17514 Cyberlink File Reader (Async.),0x00200000,0,1,P2GReader.ax,3.00.0000.3016 CyberLink M2V Writer,0x00200000,1,0,P2GM2VWriter.ax,1.03.0000.2017 Haali Simple Media Splitter,0x00200000,0,1,splitter.ax,1.10.0348.0015 DirectVobSub,0x00200000,2,1,vsfilter.dll,2.39.0005.0003 Cyberlink Dump Filter,0x00200000,1,0,P2GDump.ax,3.00.0000.7122 CyberLink Video Stabilizer,0x00200000,1,1,P2GVideoStabilizer.ax,1.00.0000.1017 DirectVobSub (auto-loading version),0x00800002,2,1,vsfilter.dll,2.39.0005.0003 Expression Encoder Screen Codec 2,0x00600000,0,0,Microsoft.Expression.Encoder.EEScreen.Codec.dll,4.00.3205.0000 CyberLink PCM Wrapper,0x00200000,1,1,P2GPCMEnc.ax,1.01.0000.0321 DVD Navigator,0x00200000,0,3,qdvd.dll,6.06.7601.17835 Microsoft TV Subtitles Decoder,0x00200001,1,0,MSTVCapn.dll,6.01.7601.17715 Overlay Mixer2,0x00200000,1,1,qdvd.dll,6.06.7601.17835 Haali Matroska Muxer,0x00200000,1,0,splitter.ax,1.10.0348.0015 AVI Draw,0x00600064,9,1,quartz.dll,6.06.7601.17713 RDP DShow Redirection Filter,0xffffffff,1,0,DShowRdpFilter.dll, Microsoft MPEG-2 Audio Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7601.17514 WST Pager,0x00200000,1,1,WSTPager.ax,6.06.7601.17514 MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.06.7601.17528 DV Video Decoder,0x00800000,1,1,qdv.dll,6.06.7601.17514 ffdshow Audio Processor,0x00200000,1,1,ffdshow.ax,1.01.3761.0000 SampleGrabber,0x00200000,1,1,qedit.dll,6.06.7601.17514 Null Renderer,0x00200000,1,0,qedit.dll,6.06.7601.17514 madFlac Source,0x00600000,0,1,madFlac.ax,1.10.0000.0000 MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.06.7601.17514 Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,6.01.7601.17514 MPC - FLV Source (Gabest),0x00600000,0,0,FLVSplitter.ax,1.05.0001.2910 StreamBufferSource,0x00200000,0,0,sbe.dll,6.06.7601.17528 CyberLink TimeStretch Filter (CES),0x00200000,1,1,P2Gauts.ax,1.00.0000.2212 Smart Tee,0x00200000,1,2,qcap.dll,6.06.7601.17514 Overlay Mixer,0x00200000,0,0,qdvd.dll,6.06.7601.17835 CyberLink TL MPEG Splitter,0x00200000,1,2,P2GTLMSplter.ax,3.02.0000.2219 AVI Decompressor,0x00600000,1,1,quartz.dll,6.06.7601.17713 CyberLink MPEG Muxer,0x00200000,2,1,P2GMpgMux.ax,5.01.0000.1723 NetBridge,0x00200000,2,0,netbridge.dll,6.01.7601.17514 AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.06.7601.17713 MPC - MPEG4 Video Splitter,0x00600000,1,1,MP4Splitter.ax,1.05.0001.2910 Wave Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713 MIDI Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713 Multi-file Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713 File stream renderer,0x00400000,1,1,quartz.dll,6.06.7601.17713 WavPack Audio Splitter,0x00600000,1,1,WavPackDSSplitter.ax,1.01.0000.0323 ffdshow subtitles filter,0x00200000,2,1,ffdshow.ax,1.01.3761.0000 MPC - Mpeg Splitter (Gabest),0x00400001,1,1,MpegSplitter.ax,1.05.0001.2910 Adaptive Streaming Filter,0x00600000,0,0,Microsoft.Expression.Encoder.Utilities2.dll,4.00.3205.0000 Microsoft DTV-DVD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,6.01.7140.0000 StreamBufferSink2,0x00200000,0,0,sbe.dll,6.06.7601.17528 AVI Mux,0x00200000,1,0,qcap.dll,6.06.7601.17514 MPC - MPEG4 Video Source,0x00600000,0,0,MP4Splitter.ax,1.05.0001.2910 Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.06.7601.17713 File Source (Async.),0x00400000,0,1,quartz.dll,6.06.7601.17713 File Source (URL),0x00400000,0,1,quartz.dll,6.06.7601.17713 Media Center Extender Encryption Filter,0x00200000,2,2,Mcx2Filter.dll,6.01.7601.17514 P2G Video Regulator,0x00200000,1,1,P2GResample.ax,2.05.0000.1818 PDC Video Decoder,0x00200000,2,3,CLVSD.ax,5.00.0000.3009 AudioRecorder WAV Dest,0x00200000,0,0,WavDest.dll, AudioRecorder Wave Form,0x00200000,0,0,WavDest.dll, SoundRecorder Null Renderer,0x00200000,0,0,WavDest.dll, P2G Audio Encoder,0x00200000,2,0,P2GAudEnc.ax,2.00.0000.4815 Haali Video Sink,0x00200000,1,0,splitter.ax,1.10.0348.0015 Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.06.7601.17514 Enhanced Video Renderer,0x00200000,1,0,evr.dll,6.01.7601.17514 BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,6.06.7601.17669 MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.06.7601.17713 CyberLink MPEG Decoder,0x00200000,2,3,P2GMVD.ax,5.00.0000.0929 WDM Streaming Tee/Splitter Devices: Tee/Sink-to-Sink-conversieprogramma,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Video Compressors: WMVideo8 Encoder DMO,0x00600800,1,1,wmvxencd.dll,6.01.7600.16385 WMVideo9 Encoder DMO,0x00600800,1,1,wmvencod.dll,6.01.7600.16385 MSScreen 9 encoder DMO,0x00600800,1,1,wmvsencd.dll,6.01.7600.16385 DV Video Encoder,0x00200000,0,0,qdv.dll,6.06.7601.17514 ffdshow video encoder,0x00100000,1,1,ffdshow.ax,1.01.3761.0000 MJPEG Compressor,0x00200000,0,0,quartz.dll,6.06.7601.17713 Cinepak-codec van Radius,0x00200000,1,1,qcap.dll,6.06.7601.17514 Intel Indeo® Video R3.2,0x00200000,1,1,qcap.dll,6.06.7601.17514 Intel Indeo® Video 4.5,0x00200000,1,1,qcap.dll,6.06.7601.17514 Indeo® video 5.10,0x00200000,1,1,qcap.dll,6.06.7601.17514 Intel IYUV-codec,0x00200000,1,1,qcap.dll,6.06.7601.17514 Microsoft RLE,0x00200000,1,1,qcap.dll,6.06.7601.17514 Microsoft Video 1,0x00200000,1,1,qcap.dll,6.06.7601.17514 Audio Compressors: WM Speech Encoder DMO,0x00600800,1,1,WMSPDMOE.DLL,6.01.7600.16385 WMAudio Encoder DMO,0x00600800,1,1,WMADMOE.DLL,6.01.7600.16385 IAC2,0x00200000,1,1,quartz.dll,6.06.7601.17713 IMA ADPCM,0x00200000,1,1,quartz.dll,6.06.7601.17713 PCM,0x00200000,1,1,quartz.dll,6.06.7601.17713 Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.06.7601.17713 GSM 6.10,0x00200000,1,1,quartz.dll,6.06.7601.17713 Messenger Audio Codec,0x00200000,1,1,quartz.dll,6.06.7601.17713 CCITT A-Law,0x00200000,1,1,quartz.dll,6.06.7601.17713 CCITT u-Law,0x00200000,1,1,quartz.dll,6.06.7601.17713 MPEG Layer-3,0x00200000,1,1,quartz.dll,6.06.7601.17713 Audio Capture Sources: Stereo Mix (Realtek High Defini,0x00200000,0,0,qcap.dll,6.06.7601.17514 PBDA CP Filters: PBDA DTFilter,0x00600000,1,1,CPFilters.dll,6.06.7601.17528 PBDA ETFilter,0x00200000,0,0,CPFilters.dll,6.06.7601.17528 PBDA PTFilter,0x00200000,0,0,CPFilters.dll,6.06.7601.17528 Midi Renderers: Default MidiOut Device,0x00800000,1,0,quartz.dll,6.06.7601.17713 Microsoft GS Wavetable Synth,0x00200000,1,0,quartz.dll,6.06.7601.17713 WDM Streaming Capture Devices: ,0x00000000,0,0,, Realtek HD Audio Line input,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Realtek HD Audio Mic input,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Realtek HD Audio Stereo input,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 WDM Streaming Rendering Devices: ATI HD Audio rear output,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Realtek HD Audio output,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Realtek HDA SPDIF Out,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 SRS Audio Sandbox,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 BDA Network Providers: Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514 Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514 Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514 Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514 Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.7601.17514 Video Capture Sources: Bytescout Screen Capturing Filter,0x00200000,0,1,BytescoutScreenCapturingFilter.dll,1.60.0565.0000 vfwwdm32.dll,0x00200000,0,0,qcap.dll,6.06.7601.17514 Multi-Instance Capable VBI Codecs: VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7601.17514 BDA Transport Information Renderers: BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.7601.17669 MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.7601.17514 BDA CP/CA Filters: Decrypt/Tag,0x00600000,1,1,EncDec.dll,6.06.7601.17708 Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.7601.17708 PTFilter,0x00200000,0,0,EncDec.dll,6.06.7601.17708 XDS Codec,0x00200000,0,0,EncDec.dll,6.06.7601.17708 WDM Streaming Communication Transforms: Tee/Sink-to-Sink-conversieprogramma,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Audio Renderers: Luidsprekers (SRS Audio Sandbox,0x00200000,1,0,quartz.dll,6.06.7601.17713 ATI HDMI Output (ATI High Defin,0x00200000,1,0,quartz.dll,6.06.7601.17713 Default DirectSound Device,0x00800000,1,0,quartz.dll,6.06.7601.17713 Default WaveOut Device,0x00200000,1,0,quartz.dll,6.06.7601.17713 DirectSound: ATI HDMI Output (ATI High Definition Audio Device),0x00200000,1,0,quartz.dll,6.06.7601.17713 DirectSound: Luidsprekers (SRS Audio Sandbox (WDM)),0x00200000,1,0,quartz.dll,6.06.7601.17713 DirectSound: Realtek Digital Output (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,6.06.7601.17713 DirectSound: Speakers (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,6.06.7601.17713 Realtek Digital Output (Realtek,0x00200000,1,0,quartz.dll,6.06.7601.17713 Speakers (Realtek High Definiti,0x00200000,1,0,quartz.dll,6.06.7601.17713 --------------- EVR Power Information --------------- Current Setting: {5C67A112-A4C9-483F-B4A7-1D473BECAFDC} (Quality) Quality Flags: 2576 Enabled: Force throttling Allow half deinterlace Allow scaling Decode Power Usage: 100 Balanced Flags: 1424 Enabled: Force throttling Allow batching Force half deinterlace Force scaling Decode Power Usage: 50 PowerFlags: 1424 Enabled: Force throttling Allow batching Force half deinterlace Force scaling Decode Power Usage: 0

Heb hier onderaan de PC een plaatje gevonden met volgende nrs : ART NR 1001 4248 EAN 27083796 Type MED MT684 MED S/N 14832010010488

http://speccy.piriform.com/results/vYRhv1iOsGl2ONAIhHO7ls6

Jammer genoeg niet. Pc lijkt wel ietsje sneller te starten. In gelijk welke media-player gebeurt hetzelfde : het afspelen zie je op de tijdbalk starten en na een seconde stoppen. Ik veronderstel dat het de machine-instructie is, die met deze "start-muziek-afspelen"-opdracht moet uitgevoerd worden, gewoon NIET meer werkt. Zelfs het testen van de luidsprekers werkt niet. Is er geen windows-logbestand dat alle handelingen op een PC registreert ?

ComboFix 13-05-04.01 - rudy 05/05/2013 10:38:18.2.4 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3063.1905 [GMT 2:00] Gestart vanuit: c:\users\rudy\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\users\rudy\Desktop\CFscript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} . . (((((((((((((((((((( Bestanden Gemaakt van 2013-04-05 to 2013-05-05 )))))))))))))))))))))))))))))) . . 2013-05-05 08:47 . 2013-05-05 08:47 -------- d-----w- c:\users\pcxp\AppData\Local\temp 2013-05-05 08:47 . 2013-05-05 08:47 -------- d-----w- c:\users\Gast\AppData\Local\temp 2013-05-05 08:47 . 2013-05-05 08:47 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-05 08:47 . 2013-05-05 08:47 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AFF3CC56-0FB2-46A7-A94A-0FAE27CE51B1}\offreg.dll 2013-05-04 08:51 . 2013-05-05 08:47 -------- d-----w- c:\users\rudy\AppData\Local\temp 2013-05-03 23:46 . 2013-05-03 23:46 -------- d-----w- c:\programdata\PC Drivers HeadQuarters 2013-05-03 22:35 . 2013-05-03 22:40 -------- d-----w- c:\program files\Registry Easy 2013-05-03 21:21 . 2013-05-03 21:21 -------- d-----w- c:\program files\Coopoint 2013-05-03 21:07 . 2013-04-10 03:08 6906960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AFF3CC56-0FB2-46A7-A94A-0FAE27CE51B1}\mpengine.dll 2013-05-03 17:46 . 2013-05-03 17:46 -------- d-----w- c:\programdata\RegAce 2013-05-02 22:41 . 2013-05-02 22:41 -------- d-----w- c:\users\Default\AppData\Local\Google 2013-05-02 17:49 . 2013-05-02 17:49 -------- d-----w- c:\program files\Common Files\ParetoLogic 2013-05-02 17:49 . 2013-05-02 17:49 -------- d-----w- c:\program files\ParetoLogic 2013-05-02 11:38 . 2013-05-02 11:38 -------- d-----w- C:\NVIDIA 2013-05-02 11:17 . 2005-11-14 06:19 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe 2013-04-28 10:31 . 2013-04-28 10:31 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-28 10:29 . 2013-04-28 10:29 369856 ----a-w- c:\windows\system32\drivers\cng.sys 2013-04-28 10:29 . 2013-04-28 10:29 247808 ----a-w- c:\windows\system32\schannel.dll 2013-04-28 10:29 . 2013-04-28 10:29 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2013-04-28 10:29 . 2013-04-28 10:29 1039360 ----a-w- c:\windows\system32\lsasrv.dll 2013-04-28 10:28 . 2013-04-28 10:28 514560 ----a-w- c:\windows\system32\qdvd.dll 2013-04-28 10:04 . 2013-04-28 10:04 -------- d-----w- c:\users\rudy\AppData\Local\Programs 2013-04-26 13:49 . 2013-05-02 14:48 -------- d-----w- c:\program files\Common Files\Java 2013-04-23 10:18 . 2013-05-02 14:52 -------- d---a-w- c:\windows\system32\catroot2.old 2013-04-23 08:59 . 2012-06-02 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2013-04-23 08:59 . 2012-06-02 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll 2013-04-23 08:59 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\system32\crypt32.dll 2013-04-19 13:09 . 2013-04-19 13:09 -------- d-----w- c:\program files\Mozilla Maintenance Service 2013-04-19 13:09 . 2013-04-19 13:09 26520 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe 2013-04-12 14:19 . 2013-03-06 22:33 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-04-12 14:19 . 2013-03-06 22:33 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-04-12 14:19 . 2013-03-06 22:33 60656 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-04-12 14:19 . 2013-03-06 22:33 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-04-12 14:19 . 2013-03-06 22:33 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-04-12 14:19 . 2013-03-06 22:33 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-04-12 14:19 . 2013-03-06 22:32 228600 ----a-w- c:\windows\system32\aswBoot.exe 2013-04-12 14:18 . 2013-03-06 22:32 41664 ----a-w- c:\windows\avastSS.scr 2013-04-11 16:44 . 2013-04-11 16:44 -------- d-----w- c:\users\rudy\AppData\Roaming\ParetoLogic 2013-04-11 16:44 . 2013-04-11 16:44 -------- d-----w- c:\users\rudy\AppData\Roaming\DriverCure 2013-04-11 16:44 . 2013-05-02 17:49 -------- d-----w- c:\programdata\ParetoLogic 2013-04-11 16:26 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys 2013-04-11 16:26 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-04-11 16:26 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-04-11 16:26 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll 2013-04-11 16:26 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe 2013-04-11 16:25 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys 2013-04-11 15:54 . 2013-04-11 15:54 -------- d-----w- c:\programdata\AVS4YOU 2013-04-11 15:54 . 2013-04-11 15:54 -------- d-----w- c:\users\rudy\AppData\Roaming\AVS4YOU 2013-04-11 15:53 . 2013-04-11 16:10 -------- d-----w- c:\program files\Common Files\AVSMedia 2013-04-11 15:40 . 2013-05-02 13:11 -------- d-----w- c:\users\rudy\compilatie-cd's 2013-04-10 15:56 . 2013-05-03 17:59 -------- d-----w- c:\users\rudy\AppData\Roaming\Systweak . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-04 14:05 . 2011-05-18 16:24 704136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2013-05-02 00:06 . 2010-08-30 16:46 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-04-28 10:30 . 2013-04-28 10:30 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui 2013-04-18 08:42 . 2012-04-11 06:51 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-04-18 08:42 . 2011-06-20 20:08 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-04-17 18:20 . 2012-04-12 07:43 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2013-04-04 03:36 . 2012-09-13 12:29 866720 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-04-04 03:35 . 2010-08-30 10:05 788896 ----a-w- c:\windows\system32\deployJava1.dll 2013-03-06 23:33 . 2013-03-15 15:16 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-03-06 23:33 . 2013-03-15 15:16 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-02-12 04:48 . 2013-03-15 15:31 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-15 15:31 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-02-12 03:32 . 2013-03-26 09:39 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-04-19 13:09 . 2011-05-04 05:59 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-03-06 22:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2013-03-07 14:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2013-03-07 14:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2013-03-07 14:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2013-03-07 14:31 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832] "RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2011-12-10 107000] "Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840] "SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2010-01-07 3216664] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-06-14 9288296] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304] "NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840] . c:\users\rudy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2012-12-3 1044320] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . R3 aswVmm;aswVmm; [x] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [x] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [x] R3 ExpatTrayService;Expat Shield Tray Service;c:\program files\Expat Shield\bin\ExpatTrayService.EXE [x] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 SliceDisk5;SliceDisk5;c:\program files\A-FF Find and Mount\slicedisk.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 aswRvrt;aswRvrt; [x] S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [x] S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] S2 ExpatShieldService;Expat Shield Service;c:\program files\Expat Shield\bin\openvpnas.exe [x] S2 ExpatSrv;Expat Shield Routing Service;c:\program files\Expat Shield\HssWPR\hsssrv.exe [x] S2 ExpatWd;Expat Shield Monitoring Service;c:\program files\Expat Shield\bin\hsswd.exe [x] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe [x] S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc GPSvcGroup REG_MULTI_SZ GPSvc . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-05-02 23:31 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-05-05 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 08:42] . 2013-05-05 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2012-08-26 16:59] . 2013-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-24 13:39] . 2013-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-24 13:39] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://mijn.ovinob.be/index.cfm?wat=links uInternet Settings,ProxyOverride = 127.0.0.1 TCP: DhcpNameServer = 195.130.130.2 195.130.131.2 TCP: Interfaces\{ACFD45BF-ACFE-4DDF-B2E4-630826F78D39}: NameServer = 8.8.8.8 FF - ProfilePath - c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0iqgl65m.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.startup.homepage - hxxp://www.hln.be/ FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p= FF - ExtSQL: 2013-04-12 16:19; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF FF - ExtSQL: 2013-04-28 12:06; ascsurfingprotection@iobit.com; c:\users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0iqgl65m.default\extensions\ascsurfingprotection@iobit.com . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-05-05 10:50:06 ComboFix-quarantined-files.txt 2013-05-05 08:50 ComboFix2.txt 2013-05-04 09:03 . Pre-Run: 1.092.588.691.456 bytes beschikbaar Post-Run: 1.092.644.737.024 bytes beschikbaar . - - End Of File - - C079CEA7115624B12249809E3CCAA # AdwCleaner v2.300 - Verslag gemaakt op 05/05/2013 om 09:51:15 # Geactualiseerd op 28/04/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits) # Gebruiker : rudy - PC07 # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\rudy\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.url File Verwijdert : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\brav6mkq.default\searchplugins\funmoods.xml Map Verwijdert : C:\Program Files\Common Files\spigot Map Verwijdert : C:\Program Files\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com Map Verwijdert : C:\Program Files\SweetIM Map Verwijdert : C:\ProgramData\Partner Map Verwijdert : C:\ProgramData\Tarma Installer Map Verwijdert : C:\Users\rudy\AppData\Local\Ilivid Player Map Verwijdert : C:\Users\rudy\AppData\Local\OpenCandy Map Verwijdert : C:\Users\rudy\AppData\Local\PackageAware Map Verwijdert : C:\Users\rudy\AppData\Roaming\Desk 365 Map Verwijdert : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0iqgl65m.default\Conduit Map Verwijdert : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0iqgl65m.default\WinampToolbarData Map Verwijdert : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\brav6mkq.default\extensions\plugin@yontoo.com Map Verwijdert : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\brav6mkq.default\extensions\staged Map Verwijdert : C:\Users\rudy\AppData\Roaming\OpenCandy Map Verwijdert : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\APN PIP Sleutel Verwijdert : HKCU\Software\Conduit Sleutel Verwijdert : HKCU\Software\IM Sleutel Verwijdert : HKCU\Software\ImInstaller Sleutel Verwijdert : HKCU\Software\OCS Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Sleutel Verwijdert : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B Sleutel Verwijdert : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\Freeze.com Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} Sleutel Verwijdert : HKLM\Software\PIP ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16537 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v20.0.1 (nl) File : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0iqgl65m.default\prefs.js C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\0iqgl65m.default\user.js ... Verwijdert ! Verwijdert : user_pref("CT2384137.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Verwijdert : user_pref("CT2384137.CTID", "CT2384137"); Verwijdert : user_pref("CT2384137.DialogsAlignMode", "LTR"); Verwijdert : user_pref("CT2384137.EMailNotifierPollDate", "Mon Nov 16 2009 20:08:45 GMT+0100 (Romance (standaardt[...] Verwijdert : user_pref("CT2384137.FirstTime", true); Verwijdert : user_pref("CT2384137.FirstTimeFF3", true); Verwijdert : user_pref("CT2384137.GroupingServerCheckInterval", 1440); Verwijdert : user_pref("CT2384137.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Verwijdert : user_pref("CT2384137.Initialize", true); Verwijdert : user_pref("CT2384137.InitializeCommonPrefs", true); Verwijdert : user_pref("CT2384137.InstalledDate", "Thu Nov 12 2009 15:05:39 GMT+0100 (Romance (standaardtijd))"); Verwijdert : user_pref("CT2384137.InvalidateCache", false); Verwijdert : user_pref("CT2384137.IsGrouping", false); Verwijdert : user_pref("CT2384137.IsMulticommunity", false); Verwijdert : user_pref("CT2384137.IsOpenThankYouPage", true); Verwijdert : user_pref("CT2384137.IsOpenUninstallPage", true); Verwijdert : user_pref("CT2384137.LanguagePackLastCheckTime", "Mon Nov 16 2009 08:46:55 GMT+0100 (Romance (standa[...] Verwijdert : user_pref("CT2384137.LanguagePackReloadIntervalMM", 1440); Verwijdert : user_pref("CT2384137.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Verwijdert : user_pref("CT2384137.LastLogin_2.4.0.4", "Mon Nov 16 2009 18:03:15 GMT+0100 (Romance (standaardtijd)[...] Verwijdert : user_pref("CT2384137.LatestVersion", "2.1.0.18"); Verwijdert : user_pref("CT2384137.Locale", "en"); Verwijdert : user_pref("CT2384137.LoginCache", 4); Verwijdert : user_pref("CT2384137.MCDetectTooltipHeight", "83"); Verwijdert : user_pref("CT2384137.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Verwijdert : user_pref("CT2384137.MCDetectTooltipWidth", "295"); Verwijdert : user_pref("CT2384137.RadioIsPodcast", false); Verwijdert : user_pref("CT2384137.RadioLastCheckTime", "Mon Nov 16 2009 08:46:56 GMT+0100 (Romance (standaardtijd[...] Verwijdert : user_pref("CT2384137.RadioLastUpdateIPServer", "4"); Verwijdert : user_pref("CT2384137.RadioLastUpdateServer", "128998424480370000"); Verwijdert : user_pref("CT2384137.RadioMediaID", "12743586"); Verwijdert : user_pref("CT2384137.RadioMediaType", "Media Player"); Verwijdert : user_pref("CT2384137.RadioMenuSelectedID", "EBRadioMenu_CT238413712743586"); Verwijdert : user_pref("CT2384137.RadioStationName", "Radio%20IO%20-%2080s%20New%20Wave%20"); Verwijdert : user_pref("CT2384137.RadioStationURL", "hxxp://eradioportal.com/radioio_80s_New_Wave.asx"); Verwijdert : user_pref("CT2384137.SHRINK_TOOLBAR", 1); Verwijdert : user_pref("CT2384137.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...] Verwijdert : user_pref("CT2384137.SearchFromAddressBarIsInit", true); Verwijdert : user_pref("CT2384137.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT238[...] Verwijdert : user_pref("CT2384137.SearchInNewTabEnabled", true); Verwijdert : user_pref("CT2384137.SearchInNewTabIntervalMM", 1440); Verwijdert : user_pref("CT2384137.SearchInNewTabLastCheckTime", "Mon Nov 16 2009 08:46:52 GMT+0100 (Romance (stan[...] Verwijdert : user_pref("CT2384137.SearchInNewTabServiceUrl", "hxxp://hosting.conduit-services.com/newtab/?ctid=EB[...] Verwijdert : user_pref("CT2384137.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Verwijdert : user_pref("CT2384137.SettingsCheckIntervalMin", 120); Verwijdert : user_pref("CT2384137.SettingsLastCheckTime", "Mon Nov 16 2009 20:08:41 GMT+0100 (Romance (standaardt[...] Verwijdert : user_pref("CT2384137.SettingsLastUpdate", "1257848016"); Verwijdert : user_pref("CT2384137.ThirdPartyComponentsInterval", 72); Verwijdert : user_pref("CT2384137.ThirdPartyComponentsLastCheck", "Mon Nov 16 2009 08:46:50 GMT+0100 (Romance (st[...] Verwijdert : user_pref("CT2384137.ThirdPartyComponentsLastUpdate", "1258298858"); Verwijdert : user_pref("CT2384137.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...] Verwijdert : user_pref("CT2384137.UserID", "UN45209447438754047"); Verwijdert : user_pref("CT2384137.ValidationData_Toolbar", 2); Verwijdert : user_pref("CT2384137.WeatherNetwork", ""); Verwijdert : user_pref("CT2384137.WeatherPollDate", "Mon Nov 16 2009 20:08:44 GMT+0100 (Romance (standaardtijd))"[...] Verwijdert : user_pref("CT2384137.WeatherUnit", "C"); Verwijdert : user_pref("CT2384137.alertChannelId", "778910"); Verwijdert : user_pref("CT2384137.clientLogIsEnabled", false); Verwijdert : user_pref("CT2384137.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Verwijdert : user_pref("CT2384137.myStuffEnabled", true); Verwijdert : user_pref("CT2384137.myStuffPublihserMinWidth", 400); Verwijdert : user_pref("CT2384137.myStuffSearchUrl", "hxxp://search.conduit.com/Results.aspx?q=SEARCH_TERM&ctid=E[...] Verwijdert : user_pref("CT2384137.myStuffServiceIntervalMM", 1440); Verwijdert : user_pref("CT2384137.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Verwijdert : user_pref("CT2384137.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Verwijdert : user_pref("CT2911070..clientLogIsEnabled", false); Verwijdert : user_pref("CT2911070..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Verwijdert : user_pref("CT2911070..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Verwijdert : user_pref("CT2911070.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Verwijdert : user_pref("CT2911070.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Verwijdert : user_pref("CT2911070.AppTrackingLastCheckTime", "Wed May 04 2011 07:57:37 GMT+0200 (Romance (zomerti[...] Verwijdert : user_pref("CT2911070.BrowserCompStateIsOpen_129455460006513117", true); Verwijdert : user_pref("CT2911070.BrowserCompStateIsOpen_129455460229794273", true); Verwijdert : user_pref("CT2911070.BrowserCompStateIsOpen_129559982809217923", true); Verwijdert : user_pref("CT2911070.BrowserCompStateIsOpen_129973817349237684", true); Verwijdert : user_pref("CT2911070.BrowserCompStateIsOpen_1366704334000", true); Verwijdert : user_pref("CT2911070.BrowserCompStateIsOpen_1367225867000", true); Verwijdert : user_pref("CT2911070.CT2911070", "CT2911070"); Verwijdert : user_pref("CT2911070.CurrentServerDate", "2-5-2013"); Verwijdert : user_pref("CT2911070.DialogsAlignMode", "LTR"); Verwijdert : user_pref("CT2911070.DialogsGetterLastCheckTime", "Mon Apr 29 2013 14:26:20 GMT+0200 (Romance (zomer[...] Verwijdert : user_pref("CT2911070.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...] Verwijdert : user_pref("CT2911070.ExternalComponentPollDate129395542058107198", "Sun May 15 2011 09:53:06 GMT+020[...] Verwijdert : user_pref("CT2911070.FirstServerDate", "17-1-2011"); Verwijdert : user_pref("CT2911070.FirstTime", true); Verwijdert : user_pref("CT2911070.FirstTimeFF3", true); Verwijdert : user_pref("CT2911070.FixPageNotFoundErrors", false); Verwijdert : user_pref("CT2911070.GroupingServerCheckInterval", 1440); Verwijdert : user_pref("CT2911070.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Verwijdert : user_pref("CT2911070.HasUserGlobalKeys", true); Verwijdert : user_pref("CT2911070.Initialize", true); Verwijdert : user_pref("CT2911070.InitializeCommonPrefs", true); Verwijdert : user_pref("CT2911070.InstallationAndCookieDataSentCount", 3); Verwijdert : user_pref("CT2911070.InstalledDate", "Mon Jan 17 2011 15:18:33 GMT+0100 (Romance (standaardtijd))"); Verwijdert : user_pref("CT2911070.InvalidateCache", false); Verwijdert : user_pref("CT2911070.IsGrouping", false); Verwijdert : user_pref("CT2911070.IsMulticommunity", false); Verwijdert : user_pref("CT2911070.IsOpenThankYouPage", true); Verwijdert : user_pref("CT2911070.IsOpenUninstallPage", true); Verwijdert : user_pref("CT2911070.LanguagePackLastCheckTime", "Thu May 02 2013 09:36:57 GMT+0200 (Romance (zomert[...] Verwijdert : user_pref("CT2911070.LanguagePackReloadIntervalMM", 1440); Verwijdert : user_pref("CT2911070.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Verwijdert : user_pref("CT2911070.LastLogin_3.12.2.3", "Wed May 30 2012 08:30:35 GMT+0200 (Romance (zomertijd))")[...] Verwijdert : user_pref("CT2911070.LastLogin_3.13.0.6", "Mon Jul 16 2012 09:57:33 GMT+0200 (Romance (zomertijd))")[...] Verwijdert : user_pref("CT2911070.LastLogin_3.14.1.0", "Tue Aug 21 2012 14:16:26 GMT+0200 (Romance (zomertijd))")[...] Verwijdert : user_pref("CT2911070.LastLogin_3.15.1.0", "Thu Nov 15 2012 17:07:00 GMT+0100 (Romance (standaardtijd[...] Verwijdert : user_pref("CT2911070.LastLogin_3.16.0.3", "Fri Feb 08 2013 17:53:10 GMT+0100 (Romance (standaardtijd[...] Verwijdert : user_pref("CT2911070.LastLogin_3.18.0.7", "Thu May 02 2013 09:36:57 GMT+0200 (Romance (zomertijd))")[...] Verwijdert : user_pref("CT2911070.LastLogin_3.3.0.19", "Tue Mar 22 2011 11:56:10 GMT+0100 (Romance (standaardtijd[...] Verwijdert : user_pref("CT2911070.LastLogin_3.3.2.1", "Thu Mar 31 2011 13:37:40 GMT+0200 (Romance (zomertijd))"); Verwijdert : user_pref("CT2911070.LastLogin_3.3.3.2", "Sun May 15 2011 09:53:07 GMT+0200 (Romance (zomertijd))"); Verwijdert : user_pref("CT2911070.LatestVersion", "3.18.0.7"); Verwijdert : user_pref("CT2911070.Locale", "en"); Verwijdert : user_pref("CT2911070.MCDetectTooltipHeight", "83"); Verwijdert : user_pref("CT2911070.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Verwijdert : user_pref("CT2911070.MCDetectTooltipWidth", "295"); Verwijdert : user_pref("CT2911070.MyStuffEnabledAtInstallation", true); Verwijdert : user_pref("CT2911070.RadioIsPodcast", false); Verwijdert : user_pref("CT2911070.RadioLastCheckTime", "Sun May 15 2011 09:53:06 GMT+0200 (Romance (zomertijd))")[...] Verwijdert : user_pref("CT2911070.RadioLastUpdateIPServer", "3"); Verwijdert : user_pref("CT2911070.RadioLastUpdateServer", "129397796528830000"); Verwijdert : user_pref("CT2911070.RadioMediaID", "21745894"); Verwijdert : user_pref("CT2911070.RadioMediaType", "Media Player"); Verwijdert : user_pref("CT2911070.RadioMenuSelectedID", "EBRadioMenu_CT291107021745894"); Verwijdert : user_pref("CT2911070.RadioStationName", "California%20Rock%20-%20Rock"); Verwijdert : user_pref("CT2911070.RadioStationURL", "hxxp://www.feedlive.net/california.asx"); Verwijdert : user_pref("CT2911070.SHRINK_TOOLBAR", 1); Verwijdert : user_pref("CT2911070.SearchFromAddressBarIsInit", true); Verwijdert : user_pref("CT2911070.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT291[...] Verwijdert : user_pref("CT2911070.SearchInNewTabEnabled", true); Verwijdert : user_pref("CT2911070.SearchInNewTabIntervalMM", 1440); Verwijdert : user_pref("CT2911070.SearchInNewTabLastCheckTime", "Thu May 02 2013 09:36:48 GMT+0200 (Romance (zome[...] Verwijdert : user_pref("CT2911070.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Verwijdert : user_pref("CT2911070.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Verwijdert : user_pref("CT2911070.ServiceMapLastCheckTime", "Thu May 02 2013 09:36:56 GMT+0200 (Romance (zomertij[...] Verwijdert : user_pref("CT2911070.SettingsLastCheckTime", "Thu May 02 2013 09:36:47 GMT+0200 (Romance (zomertijd)[...] Verwijdert : user_pref("CT2911070.SettingsLastUpdate", "1367464345"); Verwijdert : user_pref("CT2911070.ThirdPartyComponentsInterval", 504); Verwijdert : user_pref("CT2911070.ThirdPartyComponentsLastCheck", "Fri May 06 2011 14:56:10 GMT+0200 (Romance (zo[...] Verwijdert : user_pref("CT2911070.ThirdPartyComponentsLastUpdate", "1246790578"); Verwijdert : user_pref("CT2911070.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2911070"); Verwijdert : user_pref("CT2911070.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Verwijdert : user_pref("CT2911070.UserID", "UN06165971627747835"); Verwijdert : user_pref("CT2911070.ValidationData_Search", 0); Verwijdert : user_pref("CT2911070.ValidationData_Toolbar", 2); Verwijdert : user_pref("CT2911070.WeatherNetwork", ""); Verwijdert : user_pref("CT2911070.WeatherPollDate", "Sun May 15 2011 09:53:07 GMT+0200 (Romance (zomertijd))"); Verwijdert : user_pref("CT2911070.WeatherUnit", "C"); Verwijdert : user_pref("CT2911070.alertChannelId", "1302974"); Verwijdert : user_pref("CT2911070.approveUntrustedApps", true); Verwijdert : user_pref("CT2911070.backendstorage._fb_dailyactivity", "31333032313739303133343631"); Verwijdert : user_pref("CT2911070.backendstorage._fb_lifetimesent", "54525545"); Verwijdert : user_pref("CT2911070.backendstorage.box_user_first_login_date", "30322F31392F32303131"); Verwijdert : user_pref("CT2911070.backendstorage.box_user_survey_visit", "4E4F545F56495349544544"); Verwijdert : user_pref("CT2911070.backendstorage.dob_dailyactivity", "31333035343435393837333532"); Verwijdert : user_pref("CT2911070.backendstorage.dob_lifetimesent", "54525545"); Verwijdert : user_pref("CT2911070.backendstorage.dob_login_status", "57414954494E475F464F525F544F4B454E"); Verwijdert : user_pref("CT2911070.backendstorage.dob_ticket", "787A306E726F78323268373169706D6B363733386462357A62[...] Verwijdert : user_pref("CT2911070.backendstorage.facebook_ctid_connect_send", "73656E646564"); Verwijdert : user_pref("CT2911070.backendstorage.is_first_login", "796573"); Verwijdert : user_pref("CT2911070.backendstorage.smspcntryinfo", "32325F3332"); Verwijdert : user_pref("CT2911070.backendstorage.smspcntryshort", "4245"); Verwijdert : user_pref("CT2911070.backendstorage.smspcntryts", "31333031303936323836323830"); Verwijdert : user_pref("CT2911070.backendstorage.smspnotalrtts", "31333032373833333633303638"); Verwijdert : user_pref("CT2911070.backendstorage.smspunuid", "736D737031333031303936323931343131"); Verwijdert : user_pref("CT2911070.backendstorage.smspunvwdalrt", "5B7B226F6964223A2230303034222C227669657773223A2[...] Verwijdert : user_pref("CT2911070.backendstorage.url_history", "687474703A2F2F7777772E726F6C6C696E6773746F6E652E6[...] Verwijdert : user_pref("CT2911070.backendstorage.url_history_time", "31333033303236353832333836"); Verwijdert : user_pref("CT2911070.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Verwijdert : user_pref("CT2911070.globalFirstTimeInfoLastCheckTime", "Sun May 15 2011 09:53:07 GMT+0200 (Romance [...] Verwijdert : user_pref("CT2911070.homepageProtectorEnableByLogin", true); Verwijdert : user_pref("CT2911070.initDone", true); Verwijdert : user_pref("CT2911070.isAppTrackingManagerOn", true); Verwijdert : user_pref("CT2911070.myStuffEnabled", true); Verwijdert : user_pref("CT2911070.myStuffPublihserMinWidth", 400); Verwijdert : user_pref("CT2911070.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Verwijdert : user_pref("CT2911070.myStuffServiceIntervalMM", 1440); Verwijdert : user_pref("CT2911070.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Verwijdert : user_pref("CT2911070.oldAppsList", "129395542055919679,129395542057794697,129455460229794273,1293955[...] Verwijdert : user_pref("CT2911070.revertSettingsEnabled", true); Verwijdert : user_pref("CT2911070.searchProtectorDialogDelayInSec", 10); Verwijdert : user_pref("CT2911070.searchProtectorEnableByLogin", true); Verwijdert : user_pref("CT2911070.testingCtid", ""); Verwijdert : user_pref("CT2911070.toolbarAppMetaDataLastCheckTime", "Thu May 02 2013 09:36:57 GMT+0200 (Romance ([...] Verwijdert : user_pref("CT2911070.toolbarContextMenuLastCheckTime", "Mon Jan 17 2011 15:18:33 GMT+0100 (Romance ([...] Verwijdert : user_pref("CT2911070.usagesFlag", 2); Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2911070/CT2911070[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1302974/1298645/BE", "\"0\"[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/778910/774738/BE", "\"0\"")[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/BE", "\"0\"")[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2911070", [...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.0[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2911070",[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/20[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2911070/CT2911070[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"47f[...] Verwijdert : user_pref("CommunityToolbar.EngineHiddenByUser", false); Verwijdert : user_pref("CommunityToolbar.EngineOwner", ""); Verwijdert : user_pref("CommunityToolbar.EngineOwnerGuid", "{00725d68-069b-4095-9ff1-e7469c0e95df}"); Verwijdert : user_pref("CommunityToolbar.EngineOwnerToolbarId", "software_master"); Verwijdert : user_pref("CommunityToolbar.IsEngineShown", true); Verwijdert : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Verwijdert : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://api2.similarsites.com/related?md=1&s=3&q=[...] Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2911070"); Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{00725d68-069b-4095-9ff1-e7469c0e95df}"); Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "software_master"); Verwijdert : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.avg.com/route/?d=4c3f2afd&[...] Verwijdert : user_pref("CommunityToolbar.ToolbarsList", "CT2384137,CT2911070"); Verwijdert : user_pref("CommunityToolbar.ToolbarsList2", "CT2911070"); Verwijdert : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Mar 23 2011 08:33:00 GMT+01[...] Verwijdert : user_pref("CommunityToolbar.alert.alertEnabled", false); Verwijdert : user_pref("CommunityToolbar.alert.alertInfoInterval", 60); Verwijdert : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jan 17 2011 15:18:37 GMT+0100 (Roman[...] Verwijdert : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Verwijdert : user_pref("CommunityToolbar.alert.locale", "en"); Verwijdert : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Verwijdert : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Mar 21 2012 12:14:26 GMT+0100 (Romance ([...] Verwijdert : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611"); Verwijdert : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Verwijdert : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Verwijdert : user_pref("CommunityToolbar.alert.showTrayIcon", false); Verwijdert : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Verwijdert : user_pref("CommunityToolbar.alert.userId", "{e8d23259-d8cc-42ee-ac4e-54c07d7350b0}"); Verwijdert : user_pref("CommunityToolbar.globalUserId", "ddfc2e97-7245-4f6e-b6b7-0f611e99a6a3"); Verwijdert : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Verwijdert : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Verwijdert : user_pref("CommunityToolbar.killedEngine", true); Verwijdert : user_pref("CommunityToolbar.undefined", ""); Verwijdert : user_pref("extensions.engine@conduit.com.install-event-fired", true); Verwijdert : user_pref("extensions.freecorder@freecorder.com.menuitems", "[{\"name\":\"Freecorder Menu Header\",\[...] Verwijdert : user_pref("extensions.mywebsearch.prevDefaultEngine", "Yahoo! Search"); Verwijdert : user_pref("extensions.mywebsearch.prevKwdEnabled", true); Verwijdert : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jht[...] Verwijdert : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google"); Verwijdert : user_pref("extensions.toolbar.mindspark._6xMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...] Verwijdert : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers"); Verwijdert : user_pref("extentions.y2layers.installId", "b6a80aea-3fd3-428d-9d6b-6aebb7a6dfd4"); Verwijdert : user_pref("winamp_toolbar.buttons.layout", "skins_btn_wa;plugins_btn_wa;media_btn_wa;shout_btn_wa;ai[...] Verwijdert : user_pref("winamp_toolbar.favplus.focusnewtab", true); Verwijdert : user_pref("winamp_toolbar.favplus.newtab", true); Verwijdert : user_pref("winamp_toolbar.firsttime.showwindow", false); Verwijdert : user_pref("winamp_toolbar.install.lastTbVersion", "5.5.1.1"); Verwijdert : user_pref("winamp_toolbar.metrics.activestampdate", "20"); Verwijdert : user_pref("winamp_toolbar.metrics.activestampmonth", "3"); Verwijdert : user_pref("winamp_toolbar.metrics.activestampyear", "2009"); Verwijdert : user_pref("winamp_toolbar.metrics.originalDate", "22"); Verwijdert : user_pref("winamp_toolbar.metrics.originalHours", "22"); Verwijdert : user_pref("winamp_toolbar.metrics.originalMinutes", "20"); Verwijdert : user_pref("winamp_toolbar.metrics.originalMonth", "8"); Verwijdert : user_pref("winamp_toolbar.metrics.originalSeconds", "15"); Verwijdert : user_pref("winamp_toolbar.metrics.originalYear", "2008"); Verwijdert : user_pref("winamp_toolbar.search.focusnewtab", false); Verwijdert : user_pref("winamp_toolbar.search.newtab", false); Verwijdert : user_pref("winamp_toolbar.search.populateoncomplete", false); Verwijdert : user_pref("winamp_toolbar.search.savehistory", true); Verwijdert : user_pref("winamp_toolbar.search.searchtype", "web"); Verwijdert : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar"); Verwijdert : user_pref("winamp_toolbar.surf.show", true); Verwijdert : user_pref("winamp_toolbar.upgrade.showwindow", false); Verwijdert : user_pref("winamp_toolbar.winamp.appversion", "20564"); Verwijdert : user_pref("winamp_toolbar.winamp.artist", "Chuck Prophet"); Verwijdert : user_pref("winamp_toolbar.winamp.show.focus", true); Verwijdert : user_pref("winamp_toolbar.winamp.show.forward", true); Verwijdert : user_pref("winamp_toolbar.winamp.show.openfile", true); Verwijdert : user_pref("winamp_toolbar.winamp.show.pause", true); Verwijdert : user_pref("winamp_toolbar.winamp.show.play", true); Verwijdert : user_pref("winamp_toolbar.winamp.show.rewind", true); Verwijdert : user_pref("winamp_toolbar.winamp.show.stop", true); Verwijdert : user_pref("winamp_toolbar.winamp.show.volume", true); Verwijdert : user_pref("winamp_toolbar.winamp.title", "Lucinda Williams - Are You Alright?"); Verwijdert : user_pref("winamp_toolbar.winamp.tracklength", "318"); Verwijdert : user_pref("winamp_toolbar.winamp.tracktime", "-999998"); Verwijdert : user_pref("winamp_toolbar.winamp.volume", "252"); File : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\brav6mkq.default\prefs.js C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\brav6mkq.default\user.js ... Verwijdert ! [OK] De file bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v26.0.1410.64 File : C:\Users\rudy\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [32723 octets] - [05/05/2013 09:51:15] ########## EOF - C:\AdwCleaner[s1].txt - [32784 octets] ##########

[h=3]Hallo, had iets gevonden op internet over fout C00..., maar de hier voorgestelde oplossing kan ik niet uitvoeren omdat op de bewuste plaats in het register de regel "DisableProtectedAudioDG" helemaal niet voorkomt... (enkel 2 regels "Enable", namelijk 1: "enable captureMonitor" en 2: "enable logonHIDcontrols". Begrijp er niets meer van. How-to-solve : C00D11B1 error when trying to play files in Windows Media Player 11 or MuvAudio[/h]A soundcard driver that you have installed on your system has an unsigned sAPO which, to work, creates a registry key. The key is then causing the C00D11B1 error when trying to play files in Windows Media Player 11 or MuvAudio. To fix the problem, please do the following (WARNING: at your own risk, as modifying the registry incorrectly can cause issues): 1. Click on the Start Menu. 2. Type regedit into the Start Search box and hit enter. 3. If asked for permission, click on Continue to open the Registry Editor 4. On the left-pane, navigate to the following: HKEY_LOCAL_MACHINE, then SOFTWARE, then Microsoft, then Windows, then CurrentVersion, and finally, Audio. 5. In the right-pane, double click on the text, DisableProtectedAudioDG, and change the value from 1 to 0. 6. Close the Registry Editor. 7. Restart your computer.